Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/simonswine/hoardix

Hoard your nix derivations
https://github.com/simonswine/hoardix

Last synced: 27 days ago
JSON representation

Hoard your nix derivations

Host: GitHub
URL: https://github.com/simonswine/hoardix
Owner: simonswine
License: apache-2.0
Created: 2021-06-12T22:27:31.000Z (over 3 years ago)
Default Branch: main
Last Pushed: 2023-06-20T07:52:21.000Z (over 1 year ago)
Last Synced: 2024-06-20T11:09:29.361Z (6 months ago)
Language: Go
Size: 95.7 KB
Stars: 4
Watchers: 3
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.adoc
- License: LICENSE

Awesome Lists containing this project

README

= Hoardix
:release-version: 0.1.0
:url-gh: https://github.com/simonswine
:url-repo: {url-gh}/hoardix
:url-cachix: https://cachix.org
:url-cache-nix: https://nixos.wiki/wiki/Binary_Cache
:image-url-screenshot: https://raw.githubusercontent.com/asciidoctor/asciidoctor/master/screenshot.png

{url-repo}[Hoardix] is a {url-cachix}[Cachix] API compatible {url-cache-nix}[binary cache for Nix] derivations.

== Usage

=== Configuration

[source,yaml]
----
# base url of how the cache is reached
#
# Cachix will be using the subdomain api.$base_domain to communicate with the
# API, while every cache defined in caches, will be available under its
# subdomain. So for the cachix to be reached it is advised to create a wildcard
# dns record pointing at this cache *.$base_domain.
base_url: http://localhost:5000

# modify http listen port. default: 5000
listen_port: 5000

# modify metrics listen port. default:9500
metric_listen_port: 9500

# define underlying storage for the cache
storage:
s3:
bucket: my-nixos-cache
region: eu-central-1
access_key: AKIA..
secret_key:

# map of caches with the key being the subdomain of the cache.
caches:
private-cache:
# ed25519 private key which will be used to sign uploaded narinfo files.
#
# This key can be generated using:
# $ nix-store \
# --generate-binary-cache-key private-cache.cachix.my-domain.com \
# /dev/stdout /dev/null
private_key: "private-cache.cachix.my-domain.com-1:"

# public caches can be read without authentication. default: false
public: false

# priority defines the cache's priority, when looking for cached
# derivations. default: 41
priority: 41

# substituters allows to define upstream caches, which should be ignored
# while uploading derivations.
#
# This is example is the default upstream nixos binary cache.
substituters:
- url: "https://cache.nixos.org"
public_key: cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=

# this section shows how read and write tokens can be configured, which will
# authorize requests.
tokens:
- static:
tokens:
- insecure-write-token
mappings:
- caches:
- private-cache
permission: write
- static:
tokens:
- insecure-read-token-1
- insecure-read-token-2
mappings:
- caches:
- private-cache
permission: read
----

=== Docker

[subs="attributes"]
----
$ docker run -p 5000:5000 simonswine/hoardix:v{release-version}
----

==== Setup cache

// Tested these and the following steps using docker run -t -i --net host nixos/nix:2.3.11

[source,shell]
----
$ CACHIX_AUTH_TOKEN=insecure-write-token cachix --host http://localhost:5000 use my-cache
----

==== Build hello world derivation and push it to the cache

[source,shell]
----
$ cat > my-build.nix < {} }:
let
inherit (nixpkgs) pkgs;
in
pkgs.writeText "hello.txt" "hello-hoardix"
EOF

$ CACHIX_AUTH_TOKEN=insecure-write-token cachix --host http://localhost:5000 push my-cache $(nix-build --no-out-link my-build.nix)
----

==== Get derivation

[source,shell]
----
$ STORE_PATH=$(nix-build --no-out-link my-build.nix)

# Delete existing derivation
$ nix-store --delete $STORE_PATH
1 store paths deleted, 0.00 MiB freed

# Download it again from the cache
$ nix-store -r $STORE_PATH
these paths will be fetched (0.00 MiB download, 0.00 MiB unpacked):
/nix/store/98mzbdzn6vi2r65l8lqfjpp4sqpqrrv6-hello.txt
copying path '/nix/store/98mzbdzn6vi2r65l8lqfjpp4sqpqrrv6-hello.txt' from 'http://my-cache.localhost:5000'...
warning: you did not specify '--add-root'; the result might be removed by the garbage collector
/nix/store/98mzbdzn6vi2r65l8lqfjpp4sqpqrrv6-hello.txt
----