From f5f046d2971c963f48dbacd63d9445969665bbe0 Mon Sep 17 00:00:00 2001
From: Noa Aarts <noa@voorwaarts.nl>
Date: Fri, 30 Aug 2024 20:49:43 +0200
Subject: [PATCH] feat: nix serve from main pc, also hydra

---
 hosts/default/configuration.nix | 35 +++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/hosts/default/configuration.nix b/hosts/default/configuration.nix
index 11b77fa..f5c845a 100644
--- a/hosts/default/configuration.nix
+++ b/hosts/default/configuration.nix
@@ -216,6 +216,19 @@
       pulse.enable = true;
       jack.enable = true;
     };
+    nix-serve = {
+      enable = true;
+      secretKeyFile = "/var/cache-priv-key.pem";
+      bindAddress = "127.0.0.1";
+      port = 22332;
+    };
+    hydra = {
+      enable = true;
+      hydraURL = "http://localhost:3000";
+      notificationSender = "hydra@localhost";
+      buildMachinesFiles = [ ];
+      useSubstitutes = true;
+    };
     fail2ban.enable = true;
     greetd = {
       enable = false;
@@ -261,6 +274,28 @@
     };
     flatpak.enable = true;
     udev.packages = [ pkgs.yubikey-personalization ];
+    nginx =
+      {
+        enable = true;
+        package = pkgs.nginx.override {
+          modules = [ pkgs.nginxModules.brotli ];
+        };
+
+
+        recommendedOptimisation = true;
+        recommendedProxySettings = true;
+        recommendedTlsSettings = true;
+        recommendedBrotliSettings = true;
+        sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
+
+        virtualHosts = {
+
+          "noasserver" = {
+            locations."/".proxyPass = "http://127.0.0.1:22332";
+          };
+
+        };
+      };
   };
 
   systemd = {