plumjam/nixos - Change L7KG2HKA2ZOTR3VPQT7MTAL2HFBVVULTUIENWWIKF5QR2XJZ3DDAC

dendritic: Migrate Nix cache service to module.

Created by PlumJam on January 13, 2026

L7KG2HKA2ZOTR3VPQT7MTAL2HFBVVULTUIENWWIKF5QR2XJZ3DDAC

Dependencies

In channels

main

Change contents

File move: cache.nix → nix-cache.nix
BF:BFD[3.128] → [3.34134:34167]
BF:BF[3.34167] → [3.32786:32786]
[4.2]
[3.32786]

Replacement in modules/nix-cache.nix at line 2 [3.32786]

B:BD[5.17090] → [5.17090:17136]

B:BD[5.17185] → [5.17185:17269]

∅:D[5.17269] → [3.32876:32914]

B:BD[3.32876] → [3.32876:32914]

B:BD[3.32914] → [5.17270:17320]

  self,
  config,
  lib,
  pkgs,
  ...
}:
let
  inherit (lib.modules) mkIf;
  inherit (lib)
    enabled
    merge
    types
    ;
  inherit (config.networking) domain;
in
{
  imports = [ (self + /modules/nginx.nix) ];

[5.17090]

[3.32962]

  config.flake.modules.nixos.nix-cache =
    {
      config,
      lib,
      pkgs,
      ...
    }:
    let
      inherit (lib.modules) mkIf;
      inherit (lib.types) types;
      inherit (config.myLib) merge;
      inherit (config.networking) domain;
    in
    {
      options.cache = {
        enable = lib.mkEnableOption "nix-serve cache server";

Replacement in modules/nix-cache.nix at line 19 [3.32786]

B:BD[3.32963] → [3.32963:33041]

  options.cache = {
    enable = lib.mkEnableOption "nix-serve cache server";

[3.32963]

[3.33041]

        fqdn = lib.mkOption {
          type = types.str;
          example = "cache1.example.com";
          description = "Fully qualified domain name for the cache";
        };

Replacement in modules/nix-cache.nix at line 25 [3.32786]

B:BD[3.33042] → [3.33042:33644]

B:BD[3.33644] → [5.17321:17343]

∅:D[5.17343] → [3.33670:33677]

B:BD[3.33670] → [3.33670:33677]

    fqdn = lib.mkOption {
      type = types.str;
      example = "cache1.example.com";
      description = "Fully qualified domain name for the cache";
    };
    port = lib.mkOption {
      type = types.port;
      default = 8006;
      description = "Port for nix-serve to listen on";
    };
    secretKeyFile = lib.mkOption {
      type = types.path;
      example = "/run/agenix/nixServeKey";
      description = "Path to the secret key file for signing the cache";
    };
  };
  config = mkIf config.cache.enable {
    age.secrets.nixServeKey = {
      rekeyFile = config.cache.secretKeyFile;
      owner = "root";
    };

[3.33042]

[3.33677]

        port = lib.mkOption {
          type = types.port;
          default = 8006;
          description = "Port for nix-serve to listen on";
        };
      };

Replacement in modules/nix-cache.nix at line 32 [3.32786]

B:BD[3.33678] → [3.33678:33840]

B:BD[3.33840] → [2.1293:1328]

∅:D[2.1328] → [3.33872:33879]

B:BD[3.33872] → [3.33872:33879]

    services.nix-serve = enabled {
      package = pkgs.nix-serve-ng;
      secretKeyFile = config.age.secrets.nixServeKey.path;
      bindAddress = "127.0.0.1";
      inherit (config.cache) port;
    };

[3.33678]

[3.33879]

      config = mkIf config.cache.enable {
        services.nix-serve = {
          enable = true;
          package = pkgs.nix-serve-ng;
          secretKeyFile = config.age.secrets.nixServeKey.path;
          bindAddress = "127.0.0.1";
          inherit (config.cache) port;
        };

Replacement in modules/nix-cache.nix at line 41 [3.32786]

B:BD[3.33880] → [3.33880:34119]

    services.nginx.virtualHosts.${config.cache.fqdn} = merge config.services.nginx.sslTemplate {
      locations."= /".return = "301 https://${domain}/404";
      locations."/".proxyPass = "http://127.0.0.1:${toString config.cache.port}";

[3.33880]

[3.34119]

        services.nginx.virtualHosts.${config.cache.fqdn} = merge config.services.nginx.sslTemplate {
          locations."= /".return = "301 https://${domain}/404";
          locations."/".proxyPass = "http://127.0.0.1:${toString config.cache.port}";
        };
      };

Deletion in modules/nix-cache.nix at line 47 [3.32786]
B:BD[3.34126] → [3.34126:34131]
```
  };
```