{ hostRegistry, config, lib, pkgs, ... }: let nix-build = "client@${config.c3d2.hosts.nix-build.ip4}"; in { nix = { extraOptions = '' allowed-uris = http:// https:// ssh:// ''; trustedUsers = [ "hydra" "root" ]; buildMachines = [ { hostName = "localhost"; system = lib.concatStringsSep "," ( [ pkgs.system "i686-linux" ] ++ config.boot.binfmt.emulatedSystems ); supportedFeatures = [ "big-parallel" "benchmark" "kvm" "nixos-test" ]; inherit (config.nix) maxJobs; } ]; daemonCPUSchedPolicy = "idle"; daemonIOSchedClass = "idle"; daemonIOSchedPriority = 7; }; services.hydra-dev = { enable = true; hydraURL = "https://hydra.hq.c3d2.de"; logo = ./c3d2.svg; notificationSender = "hydra@spam.works"; # package = pkgs.hydra-unstable.overrideAttrs (oa: { # # HACK for Hydra error: cannot write modified lock file of flake # patchPhase = '' # ${pkgs.lib.optionalString (oa ? patchPhase) oa.patchPhase} # substituteInPlace src/script/hydra-eval-jobset \ # --replace '"nix", "flake", "info"' '"nix", "flake", "info", "--no-write-lock-file"' # ''; # }); useSubstitutes = true; extraConfig = '' max_output_size = 4294967296 evaluator_workers = 1 evaluator_max_memory_size = 65536 ''; }; systemd.services.hydra-evaluator.serviceConfig = { CPUWeight = 2; MemoryHigh = "32G"; MemoryMax = "40G"; MemorySwapMax = "16G"; }; systemd.services.nix-daemon.serviceConfig = { CPUWeight = 5; MemoryHigh = "32G"; MemoryMax = "40G"; MemorySwapMax = "16G"; }; services.nginx = let hydraVhost = { forceSSL = true; enableACME = true; locations."/".proxyPass = "http://localhost:${toString config.services.hydra.port}"; }; in { enable = true; recommendedProxySettings = true; recommendedGzipSettings = true; virtualHosts = { "hydra.hq.c3d2.de" = hydraVhost // { default = true; }; "hydra.serv.zentralwerk.org" = hydraVhost; }; }; }