diff --git a/flake.lock b/flake.lock index 9120804..4c725f4 100644 --- a/flake.lock +++ b/flake.lock @@ -16,6 +16,30 @@ "type": "github" } }, + "attic": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat", + "flake-utils": "flake-utils", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1717279440, + "narHash": "sha256-kH04ReTjxOpQumgWnqy40vvQLSnLGxWP6RF3nq5Esrk=", + "owner": "zhaofengli", + "repo": "attic", + "rev": "717cc95983cdc357bc347d70be20ced21f935843", + "type": "github" + }, + "original": { + "owner": "zhaofengli", + "repo": "attic", + "type": "github" + } + }, "blobs": { "flake": false, "locked": { @@ -273,6 +297,27 @@ } }, "crane": { + "inputs": { + "nixpkgs": [ + "attic", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1717025063, + "narHash": "sha256-dIubLa56W9sNNz0e8jGxrX3CAkPXsq7snuFA/Ie6dn8=", + "owner": "ipetkov", + "repo": "crane", + "rev": "480dff0be03dac0e51a8dfc26e882b0d123a450e", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "crane_2": { "inputs": { "flake-compat": [ "lanzaboote", @@ -524,6 +569,22 @@ } }, "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_4": { "flake": false, "locked": { "lastModified": 1650374568, @@ -539,7 +600,7 @@ "type": "github" } }, - "flake-compat_4": { + "flake-compat_5": { "flake": false, "locked": { "lastModified": 1696426674, @@ -555,7 +616,7 @@ "type": "github" } }, - "flake-compat_5": { + "flake-compat_6": { "flake": false, "locked": { "lastModified": 1650374568, @@ -611,15 +672,12 @@ } }, "flake-utils": { - "inputs": { - "systems": "systems" - }, "locked": { - "lastModified": 1681202837, - "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "type": "github" }, "original": { @@ -630,7 +688,7 @@ }, "flake-utils-plus": { "inputs": { - "flake-utils": "flake-utils_4" + "flake-utils": "flake-utils_5" }, "locked": { "lastModified": 1715533576, @@ -649,7 +707,7 @@ }, "flake-utils-plus_2": { "inputs": { - "flake-utils": "flake-utils_5" + "flake-utils": "flake-utils_6" }, "locked": { "lastModified": 1696331477, @@ -666,6 +724,24 @@ } }, "flake-utils_2": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { "inputs": { "systems": "systems_2" }, @@ -683,7 +759,7 @@ "type": "github" } }, - "flake-utils_3": { + "flake-utils_4": { "locked": { "lastModified": 1659877975, "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", @@ -698,7 +774,7 @@ "type": "github" } }, - "flake-utils_4": { + "flake-utils_5": { "inputs": { "systems": "systems_5" }, @@ -716,7 +792,7 @@ "type": "github" } }, - "flake-utils_5": { + "flake-utils_6": { "inputs": { "systems": "systems_7" }, @@ -939,10 +1015,10 @@ }, "lanzaboote": { "inputs": { - "crane": "crane", - "flake-compat": "flake-compat", + "crane": "crane_2", + "flake-compat": "flake-compat_2", "flake-parts": "flake-parts", - "flake-utils": "flake-utils", + "flake-utils": "flake-utils_2", "nixpkgs": [ "nixpkgs" ], @@ -1189,7 +1265,7 @@ "elixir-tools": "elixir-tools", "fidget-nvim": "fidget-nvim", "flake-parts": "flake-parts_2", - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_3", "flutter-tools": "flutter-tools", "gesture-nvim": "gesture-nvim", "gitsigns-nvim": "gitsigns-nvim", @@ -1362,6 +1438,22 @@ } }, "nixpkgs-stable": { + "locked": { + "lastModified": 1711460390, + "narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "44733514b72e732bd49f5511bd0203dea9b9a434", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_2": { "locked": { "lastModified": 1678872516, "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", @@ -1377,7 +1469,7 @@ "type": "github" } }, - "nixpkgs-stable_2": { + "nixpkgs-stable_3": { "locked": { "lastModified": 1717880976, "narHash": "sha256-BRvSCsKtDUr83NEtbGfHLUOdDK0Cgbezj2PtcHnz+sQ=", @@ -1427,11 +1519,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1719145550, - "narHash": "sha256-K0i/coxxTEl30tgt4oALaylQfxqbotTSNb1/+g+mKMQ=", + "lastModified": 1719426051, + "narHash": "sha256-yJL9VYQhaRM7xs0M867ZFxwaONB9T2Q4LnGo1WovuR4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e4509b3a560c87a8d4cb6f9992b8915abf9e36d8", + "rev": "89c49874fb15f4124bf71ca5f42a04f2ee5825fd", "type": "github" }, "original": { @@ -1463,11 +1555,11 @@ "snowfall-lib": "snowfall-lib" }, "locked": { - "lastModified": 1718961396, - "narHash": "sha256-RAyAHji/WLd7W/rMlDSC9XO5VREVFRuVo/LK0a9QIEI=", + "lastModified": 1719403531, + "narHash": "sha256-JYqPdAB393YZIndGs5om7EsLUha3fpLckb9RKjKN7Fg=", "owner": "matter-labs", "repo": "nixsgx", - "rev": "f6c55e4229be64e146679c2f77e48ba8351ba77b", + "rev": "3a272950fa21601f31e8ca8b4e4897975069a00a", "type": "github" }, "original": { @@ -1988,7 +2080,7 @@ "lanzaboote", "nixpkgs" ], - "nixpkgs-stable": "nixpkgs-stable" + "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { "lastModified": 1681413034, @@ -2058,6 +2150,7 @@ }, "root": { "inputs": { + "attic": "attic", "darwin": "darwin", "disko": "disko", "home-manager": "home-manager", @@ -2174,7 +2267,7 @@ "simple-nixos-mailserver": { "inputs": { "blobs": "blobs", - "flake-compat": "flake-compat_4", + "flake-compat": "flake-compat_5", "nixpkgs": [ "nixpkgs" ], @@ -2214,7 +2307,7 @@ }, "snowfall-lib": { "inputs": { - "flake-compat": "flake-compat_3", + "flake-compat": "flake-compat_4", "flake-utils-plus": "flake-utils-plus", "nixpkgs": [ "nixsgx-flake", @@ -2237,7 +2330,7 @@ }, "snowfall-lib_2": { "inputs": { - "flake-compat": "flake-compat_5", + "flake-compat": "flake-compat_6", "flake-utils-plus": "flake-utils-plus_2", "nixpkgs": [ "nixpkgs" @@ -2263,7 +2356,7 @@ "nixpkgs": [ "nixpkgs" ], - "nixpkgs-stable": "nixpkgs-stable_2" + "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { "lastModified": 1718137936, @@ -2556,11 +2649,11 @@ }, "unstable": { "locked": { - "lastModified": 1719075281, - "narHash": "sha256-CyyxvOwFf12I91PBWz43iGT1kjsf5oi6ax7CrvaMyAo=", + "lastModified": 1719254875, + "narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a71e967ef3694799d0c418c98332f7ff4cc5f6af", + "rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60", "type": "github" }, "original": { @@ -2768,8 +2861,8 @@ }, "zig": { "inputs": { - "flake-compat": "flake-compat_2", - "flake-utils": "flake-utils_3", + "flake-compat": "flake-compat_3", + "flake-utils": "flake-utils_4", "nixpkgs": "nixpkgs_3" }, "locked": { diff --git a/flake.nix b/flake.nix index 92b67e0..a95c9e3 100644 --- a/flake.nix +++ b/flake.nix @@ -40,6 +40,9 @@ simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05"; simple-nixos-mailserver.inputs.nixpkgs.follows = "nixpkgs"; + + attic.url = "github:zhaofengli/attic"; + attic.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = inputs: @@ -73,6 +76,7 @@ sops-nix.nixosModules.sops disko.nixosModules.disko simple-nixos-mailserver.nixosModule + attic.nixosModules.atticd ]; overlays = with inputs; [ diff --git a/systems/x86_64-linux/sgx-nixos/atticd.nix b/systems/x86_64-linux/sgx-nixos/atticd.nix new file mode 100644 index 0000000..0ba05de --- /dev/null +++ b/systems/x86_64-linux/sgx-nixos/atticd.nix @@ -0,0 +1,36 @@ +{ pkgs, lib, config, ... }: +{ + services.atticd = { + enable = true; + + # Replace with absolute path to your credentials file + credentialsFile = "/etc/atticd.env"; + + settings = { + listen = "[::]:8080"; + + # Data chunking + # + # Warning: If you change any of the values here, it will be + # difficult to reuse existing chunks for newly-uploaded NARs + # since the cutpoints will be different. As a result, the + # deduplication ratio will suffer for a while after the change. + chunking = { + # The minimum NAR size to trigger chunking + # + # If 0, chunking is disabled entirely for newly-uploaded NARs. + # If 1, all NARs are chunked. + nar-size-threshold = 64 * 1024; # 64 KiB + + # The preferred minimum size of a chunk, in bytes + min-size = 16 * 1024; # 16 KiB + + # The preferred average size of a chunk, in bytes + avg-size = 64 * 1024; # 64 KiB + + # The preferred maximum size of a chunk, in bytes + max-size = 256 * 1024; # 256 KiB + }; + }; + }; +} diff --git a/systems/x86_64-linux/sgx-nixos/default.nix b/systems/x86_64-linux/sgx-nixos/default.nix index 860abd6..7912e96 100644 --- a/systems/x86_64-linux/sgx-nixos/default.nix +++ b/systems/x86_64-linux/sgx-nixos/default.nix @@ -2,7 +2,10 @@ with lib; with lib.metacfg; { - imports = [ ./hardware-configuration.nix ]; + imports = [ + ./hardware-configuration.nix + ./atticd.nix + ]; boot.kernel.sysctl."net.ipv4.conf.all.route_localnet" = 1; boot.kernelPackages = lib.mkOverride 0 pkgs.linuxPackages_latest;