diff --git a/flake.nix b/flake.nix index b72e86b..82942f7 100644 --- a/flake.nix +++ b/flake.nix @@ -88,5 +88,9 @@ }; } ); + hydraJobs = { + inherit (self) + packages formatter nixosConfigurations; + }; }; } diff --git a/nixos-modules/nix/default.nix b/nixos-modules/nix/default.nix index 974c9f8..e2c98a3 100644 --- a/nixos-modules/nix/default.nix +++ b/nixos-modules/nix/default.nix @@ -41,13 +41,10 @@ in "nix-command" "flakes" "auto-allocate-uids" - "ca-derivations" "cgroups" - "dynamic-derivations" "fetch-closure" "impure-derivations" "no-url-literals" - "recursive-nix" ]; auto-allocate-uids = true; use-cgroups = true; @@ -57,6 +54,10 @@ in builders-use-substitutes = true; download-attempts = 1; fallback = true; + allowed-uris = [ + "github:" + "gitlab:" + ]; }; buildMachines = let diff --git a/systems/hetzner/default.nix b/systems/hetzner/default.nix index 41703ec..fbe36e1 100644 --- a/systems/hetzner/default.nix +++ b/systems/hetzner/default.nix @@ -182,6 +182,15 @@ in initialPassword = "backupPassword"; }; + services.hydra = { + enable = true; + hydraURL = "https://hydra.missing.ninja"; + notificationSender = "hydra@missing.ninja"; + buildMachinesFiles = []; + useSubstitutes = true; + }; + + disko.devices = { disk = { vdb = { diff --git a/systems/hetzner/nginx.nix b/systems/hetzner/nginx.nix index a89c405..318d823 100644 --- a/systems/hetzner/nginx.nix +++ b/systems/hetzner/nginx.nix @@ -55,6 +55,11 @@ enableACME = true; locations."/".proxyPass = "http://localhost:8080"; }; + "hydra.missing.ninja" = { + forceSSL = true; + enableACME = true; + locations."/".proxyPass = "http://localhost:3000"; + }; "ci.missing.ninja" = { forceSSL = true; enableACME = true;