From a7248262179d254d6fcc60ec86eab1f295e90dc5 Mon Sep 17 00:00:00 2001 From: Jake Hillion Date: Fri, 31 May 2024 22:34:30 +0100 Subject: [PATCH] sodium: build kernel with ccache --- hosts/sodium.pop.ts.hillion.co.uk/default.nix | 13 ++++++++++ .../default.nix | 26 ++++++++++++++++--- .../hardware-configuration.nix | 5 ++++ 3 files changed, 41 insertions(+), 3 deletions(-) diff --git a/hosts/sodium.pop.ts.hillion.co.uk/default.nix b/hosts/sodium.pop.ts.hillion.co.uk/default.nix index 7479fdc..6c7fa3a 100644 --- a/hosts/sodium.pop.ts.hillion.co.uk/default.nix +++ b/hosts/sodium.pop.ts.hillion.co.uk/default.nix @@ -41,6 +41,19 @@ # }; # }; + ## Use ccache for building the Linux kernel + programs.ccache.enable = true; + nix.settings.extra-sandbox-paths = [ config.programs.ccache.cacheDir ]; + fileSystems."${config.programs.ccache.cacheDir}" = { + device = "${config.custom.dns.authoritative.ipv4.uk.co.hillion.ts.storage.tywin}:/ccache"; + fsType = "nfs"; + options = [ "x-systemd.automount" "noauto" "x-systemd.idle-timeout=600" ]; + }; + programs.ccache.packageNames = [ + # linux_rpi5 overrides from linux_rpi4 + "linux_rpi4" + ]; + ## Custom Services custom.locations.autoServe = true; diff --git a/hosts/tywin.storage.ts.hillion.co.uk/default.nix b/hosts/tywin.storage.ts.hillion.co.uk/default.nix index cc3d9dd..6777799 100644 --- a/hosts/tywin.storage.ts.hillion.co.uk/default.nix +++ b/hosts/tywin.storage.ts.hillion.co.uk/default.nix @@ -67,6 +67,15 @@ interval = "Wed, 02:00"; }; + ## NFS + services.nfs.server = { + enable = true; + exports = '' + /export ${config.custom.dns.authoritative.ipv4.uk.co.hillion.ts.pop.sodium}(ro,fsid=0,no_subtree_check) + /export/ccache ${config.custom.dns.authoritative.ipv4.uk.co.hillion.ts.pop.sodium}(rw,no_subtree_check) + ''; + }; + ## Backups ### Git age.secrets."git/git_backups_ecdsa".file = ../../secrets/git/git_backups_ecdsa.age; @@ -238,8 +247,19 @@ ## Networking networking.nameservers = lib.mkForce [ ]; # Trust the DHCP nameservers - networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ - 80 # Caddy (restic.tywin.storage.ts.) - ]; + networking.firewall = { + trustedInterfaces = [ "tailscale0" ]; + allowedTCPPorts = lib.mkForce [ + ]; + allowedUDPPorts = lib.mkForce [ ]; + interfaces = { + eth0 = { + allowedTCPPorts = lib.mkForce [ + ]; + allowedUDPPorts = lib.mkForce [ + ]; + }; + }; + }; }; } diff --git a/hosts/tywin.storage.ts.hillion.co.uk/hardware-configuration.nix b/hosts/tywin.storage.ts.hillion.co.uk/hardware-configuration.nix index 8615974..46822bd 100644 --- a/hosts/tywin.storage.ts.hillion.co.uk/hardware-configuration.nix +++ b/hosts/tywin.storage.ts.hillion.co.uk/hardware-configuration.nix @@ -67,6 +67,11 @@ fsType = "btrfs"; }; + fileSystems."/export/ccache" = { + device = "/data/ccache"; + options = [ "bind" ]; + }; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking