harald/nixcfg
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

feat: Add atticd service to sgx-nixos system

Browse source 
This commit includes the atticd service to the sgx-nixos system. The `atticd.nix` file has been added with default configuration and the attic service has been included in imports in `default.nix`. Modifications were made in `flake.nix` and `flake.lock` to integrate attic dependencies.
This commit is contained in:
Harald Hoyer 2024-06-28 11:01:44 +02:00
parent 2629021f33
commit 3c58dfb400
4 changed files with 171 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

161
flake.lock generated
View file

@ -16,6 +16,30 @@
"type": "github"
}
},
"attic": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1717279440,
"narHash": "sha256-kH04ReTjxOpQumgWnqy40vvQLSnLGxWP6RF3nq5Esrk=",
"owner": "zhaofengli",
"repo": "attic",
"rev": "717cc95983cdc357bc347d70be20ced21f935843",
"type": "github"
},
"original": {
"owner": "zhaofengli",
"repo": "attic",
"type": "github"
}
},
"blobs": {
"flake": false,
"locked": {
@ -273,6 +297,27 @@
}
},
"crane": {
"inputs": {
"nixpkgs": [
"attic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1717025063,
"narHash": "sha256-dIubLa56W9sNNz0e8jGxrX3CAkPXsq7snuFA/Ie6dn8=",
"owner": "ipetkov",
"repo": "crane",
"rev": "480dff0be03dac0e51a8dfc26e882b0d123a450e",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"crane_2": {
"inputs": {
"flake-compat": [
"lanzaboote",
@ -524,6 +569,22 @@
}
},
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_4": {
"flake": false,
"locked": {
"lastModified": 1650374568,
@ -539,7 +600,7 @@
"type": "github"
}
},
"flake-compat_4": {
"flake-compat_5": {
"flake": false,
"locked": {
"lastModified": 1696426674,
@ -555,7 +616,7 @@
"type": "github"
}
},
"flake-compat_5": {
"flake-compat_6": {
"flake": false,
"locked": {
"lastModified": 1650374568,
@ -611,15 +672,12 @@
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
@ -630,7 +688,7 @@
},
"flake-utils-plus": {
"inputs": {
"flake-utils": "flake-utils_4"
"flake-utils": "flake-utils_5"
},
"locked": {
"lastModified": 1715533576,
@ -649,7 +707,7 @@
},
"flake-utils-plus_2": {
"inputs": {
"flake-utils": "flake-utils_5"
"flake-utils": "flake-utils_6"
},
"locked": {
"lastModified": 1696331477,
@ -666,6 +724,24 @@
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
"inputs": {
"systems": "systems_2"
},
@ -683,7 +759,7 @@
"type": "github"
}
},
"flake-utils_3": {
"flake-utils_4": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
@ -698,7 +774,7 @@
"type": "github"
}
},
"flake-utils_4": {
"flake-utils_5": {
"inputs": {
"systems": "systems_5"
},
@ -716,7 +792,7 @@
"type": "github"
}
},
"flake-utils_5": {
"flake-utils_6": {
"inputs": {
"systems": "systems_7"
},
@ -939,10 +1015,10 @@
},
"lanzaboote": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"crane": "crane_2",
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts",
"flake-utils": "flake-utils",
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs"
],
@ -1189,7 +1265,7 @@
"elixir-tools": "elixir-tools",
"fidget-nvim": "fidget-nvim",
"flake-parts": "flake-parts_2",
"flake-utils": "flake-utils_2",
"flake-utils": "flake-utils_3",
"flutter-tools": "flutter-tools",
"gesture-nvim": "gesture-nvim",
"gitsigns-nvim": "gitsigns-nvim",
@ -1362,6 +1438,22 @@
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1711460390,
"narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "44733514b72e732bd49f5511bd0203dea9b9a434",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1678872516,
"narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=",
@ -1377,7 +1469,7 @@
"type": "github"
}
},
"nixpkgs-stable_2": {
"nixpkgs-stable_3": {
"locked": {
"lastModified": 1717880976,
"narHash": "sha256-BRvSCsKtDUr83NEtbGfHLUOdDK0Cgbezj2PtcHnz+sQ=",
@ -1427,11 +1519,11 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1719145550,
"narHash": "sha256-K0i/coxxTEl30tgt4oALaylQfxqbotTSNb1/+g+mKMQ=",
"lastModified": 1719426051,
"narHash": "sha256-yJL9VYQhaRM7xs0M867ZFxwaONB9T2Q4LnGo1WovuR4=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "e4509b3a560c87a8d4cb6f9992b8915abf9e36d8",
"rev": "89c49874fb15f4124bf71ca5f42a04f2ee5825fd",
"type": "github"
},
"original": {
@ -1463,11 +1555,11 @@
"snowfall-lib": "snowfall-lib"
},
"locked": {
"lastModified": 1718961396,
"narHash": "sha256-RAyAHji/WLd7W/rMlDSC9XO5VREVFRuVo/LK0a9QIEI=",
"lastModified": 1719403531,
"narHash": "sha256-JYqPdAB393YZIndGs5om7EsLUha3fpLckb9RKjKN7Fg=",
"owner": "matter-labs",
"repo": "nixsgx",
"rev": "f6c55e4229be64e146679c2f77e48ba8351ba77b",
"rev": "3a272950fa21601f31e8ca8b4e4897975069a00a",
"type": "github"
},
"original": {
@ -1988,7 +2080,7 @@
"lanzaboote",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1681413034,
@ -2058,6 +2150,7 @@
},
"root": {
"inputs": {
"attic": "attic",
"darwin": "darwin",
"disko": "disko",
"home-manager": "home-manager",
@ -2174,7 +2267,7 @@
"simple-nixos-mailserver": {
"inputs": {
"blobs": "blobs",
"flake-compat": "flake-compat_4",
"flake-compat": "flake-compat_5",
"nixpkgs": [
"nixpkgs"
],
@ -2214,7 +2307,7 @@
},
"snowfall-lib": {
"inputs": {
"flake-compat": "flake-compat_3",
"flake-compat": "flake-compat_4",
"flake-utils-plus": "flake-utils-plus",
"nixpkgs": [
"nixsgx-flake",
@ -2237,7 +2330,7 @@
},
"snowfall-lib_2": {
"inputs": {
"flake-compat": "flake-compat_5",
"flake-compat": "flake-compat_6",
"flake-utils-plus": "flake-utils-plus_2",
"nixpkgs": [
"nixpkgs"
@ -2263,7 +2356,7 @@
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable_2"
"nixpkgs-stable": "nixpkgs-stable_3"
},
"locked": {
"lastModified": 1718137936,
@ -2556,11 +2649,11 @@
},
"unstable": {
"locked": {
"lastModified": 1719075281,
"narHash": "sha256-CyyxvOwFf12I91PBWz43iGT1kjsf5oi6ax7CrvaMyAo=",
"lastModified": 1719254875,
"narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "a71e967ef3694799d0c418c98332f7ff4cc5f6af",
"rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60",
"type": "github"
},
"original": {
@ -2768,8 +2861,8 @@
},
"zig": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_3",
"flake-compat": "flake-compat_3",
"flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_3"
},
"locked": {

4
flake.nix
View file

@ -40,6 +40,9 @@
simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05";
simple-nixos-mailserver.inputs.nixpkgs.follows = "nixpkgs";
attic.url = "github:zhaofengli/attic";
attic.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = inputs:
@ -73,6 +76,7 @@
sops-nix.nixosModules.sops
disko.nixosModules.disko
simple-nixos-mailserver.nixosModule
attic.nixosModules.atticd
];
overlays = with inputs; [

36
systems/x86_64-linux/sgx-nixos/atticd.nix Normal file
View file

@ -0,0 +1,36 @@
{ pkgs, lib, config, ... }:
{
services.atticd = {
enable = true;
# Replace with absolute path to your credentials file
credentialsFile = "/etc/atticd.env";
settings = {
listen = "[::]:8080";
# Data chunking
#
# Warning: If you change any of the values here, it will be
# difficult to reuse existing chunks for newly-uploaded NARs
# since the cutpoints will be different. As a result, the
# deduplication ratio will suffer for a while after the change.
chunking = {
# The minimum NAR size to trigger chunking
#
# If 0, chunking is disabled entirely for newly-uploaded NARs.
# If 1, all NARs are chunked.
nar-size-threshold = 64 * 1024; # 64 KiB
# The preferred minimum size of a chunk, in bytes
min-size = 16 * 1024; # 16 KiB
# The preferred average size of a chunk, in bytes
avg-size = 64 * 1024; # 64 KiB
# The preferred maximum size of a chunk, in bytes
max-size = 256 * 1024; # 256 KiB
};
};
};
}

5
systems/x86_64-linux/sgx-nixos/default.nix
View file

@ -2,7 +2,10 @@
with lib;
with lib.metacfg;
{
imports = [ ./hardware-configuration.nix ];
imports = [
./hardware-configuration.nix
./atticd.nix
];
boot.kernel.sysctl."net.ipv4.conf.all.route_localnet" = 1;
boot.kernelPackages = lib.mkOverride 0 pkgs.linuxPackages_latest;