feat(attic): update storage config and refine system settings

- Switch disk device from `/dev/vda` to `/dev/sda` for compatibility. - Add S3 storage configuration with bucket, region, and endpoint. - Update system state version from `24.05` to `25.11`. - Remove unused imports and clean up redundant attributes.
2026-03-25 09:33:32 +01:00 · 2026-03-25 09:33:32 +01:00 · 8c1eadf474
commit 8c1eadf474
parent 04ebe32c3c
4 changed files with 10 additions and 6 deletions
--- a/systems/x86_64-linux/attic/atticd.nix
+++ b/systems/x86_64-linux/attic/atticd.nix
@ -0,0 +1,65 @@
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}:
+{
+  services.postgresql = {
+    enable = true;
+    ensureDatabases = [ "attic" ];
+    ensureUsers = [ { name = "atticd"; } ];
+  };
+
+  systemd.services.postgresql.postStart = lib.mkAfter ''
+    $PSQL -tAc 'ALTER DATABASE "attic" OWNER TO "atticd"'
+  '';
+
+  environment.systemPackages = with pkgs; [ attic-client ];
+  services.atticd = {
+    enable = true;
+
+    # Replace with absolute path to your credentials file
+    environmentFile = "/etc/atticd.env";
+
+    settings = {
+      api-endpoint = "https://attic.teepot.org/";
+
+      garbage-collection.default-retention-period = "3 months";
+
+      database.url = "postgresql:///attic?host=/run/postgresql";
+
+      listen = "[::]:8080";
+
+      storage = {
+        type = "s3";
+        bucket = "attic";
+        region = "hel1";
+        endpoint = "https://hel1.your-objectstorage.com";
+      };
+
+      # Data chunking
+      #
+      # Warning: If you change any of the values here, it will be
+      # difficult to reuse existing chunks for newly-uploaded NARs
+      # since the cutpoints will be different. As a result, the
+      # deduplication ratio will suffer for a while after the change.
+      chunking = {
+        # The minimum NAR size to trigger chunking
+        #
+        # If 0, chunking is disabled entirely for newly-uploaded NARs.
+        # If 1, all NARs are chunked.
+        nar-size-threshold = 64 * 1024; # 64 KiB
+
+        # The preferred minimum size of a chunk, in bytes
+        min-size = 16 * 1024; # 16 KiB
+
+        # The preferred average size of a chunk, in bytes
+        avg-size = 64 * 1024; # 64 KiB
+
+        # The preferred maximum size of a chunk, in bytes
+        max-size = 256 * 1024; # 256 KiB
+      };
+    };
+  };
+}
--- a/systems/x86_64-linux/attic/default.nix
+++ b/systems/x86_64-linux/attic/default.nix
@ -0,0 +1,36 @@
+{
+  ...
+}:
+{
+  imports = [
+    ./hardware-configuration.nix
+    ./atticd.nix
+  ];
+
+  metacfg = {
+    base.enable = true;
+    nix.enable = true;
+  };
+
+  system.autoUpgrade = {
+    enable = true;
+    operation = "switch";
+    allowReboot = true;
+  };
+
+  virtualisation = {
+    docker.enable = true;
+    podman.dockerCompat = false;
+  };
+
+  security.tpm2.enable = false;
+  security.tpm2.abrmd.enable = false;
+
+  networking.wireless.enable = false;
+  networking.firewall.allowedTCPPorts = [ 8080 ];
+  networking.firewall.allowPing = true;
+
+  powerManagement.cpuFreqGovernor = "ondemand";
+
+  system.stateVersion = "25.11";
+}
--- a/systems/x86_64-linux/attic/disko.nix
+++ b/systems/x86_64-linux/attic/disko.nix
@ -0,0 +1,41 @@
+# USAGE in your configuration.nix.
+# Update devices to match your hardware.
+# {
+#  imports = [ ./disko-config.nix ];
+#  disko.devices.disk.main.device = "/dev/sda";
+# }
+{
+  config.disko.devices = {
+    disk = {
+      main = {
+        type = "disk";
+        content = {
+          type = "gpt";
+          partitions = {
+            boot = {
+              size = "1M";
+              type = "EF02"; # for grub MBR
+            };
+            ESP = {
+              size = "1G";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+              };
+            };
+            root = {
+              size = "100%";
+              content = {
+                type = "filesystem";
+                format = "ext4";
+                mountpoint = "/";
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
--- a/systems/x86_64-linux/attic/hardware-configuration.nix
+++ b/systems/x86_64-linux/attic/hardware-configuration.nix
@ -0,0 +1,38 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
+
+{
+  imports = [
+    ./disko.nix
+    (modulesPath + "/profiles/qemu-guest.nix")
+  ];
+  disko.devices.disk.main.device = "/dev/sda";
+
+  boot.initrd.availableKernelModules = [
+    "ahci"
+    "xhci_pci"
+    "virtio_pci"
+    "sr_mod"
+    "virtio_blk"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}