3bd4674179
Add other keys used in the snix-cache VM to //ops/users, and drop the `all` alias. Change-Id: I030d0d49e8a6d9e3d8f1e1c2fc19f17ecb7ecb93 Reviewed-on: https://cl.snix.dev/c/snix/+/30165 Autosubmit: Florian Klink <flokli@flokli.de> Tested-by: besadii Reviewed-by: Ryan Lahfa <masterancpp@gmail.com> |
||
|---|---|---|
| .. | ||
| default.nix | ||
| disko.nix | ||
| monitoring.nix | ||
| nar-bridge-module.nix | ||
| nar-bridge.nix | ||
| OWNERS | ||
| README.md | ||
nixos-tvix-cache
This is a fetch-through mirror of cache.nixos.org, hosted by NumTide.
The current machine is a SX65 Hetzner dedicated server with 4x22TB SATA disks, and 2x1TB NVMe disks.
The goals of this machine:
- Exercise snix-store and nar-bridge code
- Collect usage metrics (see Grafana)
- Identify bottlenecks in the current implementations and fix them
- Replace cache.nixos.org?
You can configure this as a Nix substitutor on your systems like this:
nix.settings.substituters = [
"https://nixos.tvix.store"
];
For store paths it hasn't already seen yet, it'll internally ingest its contents into snix-castore (deduplicating in doing so).
Requests for NARs will dynamically reassemble the NAR representation on demand.
Metadata and signatures are preserved (which is why you don't need to add additional trusted keys). We need to produce the same data bit by bit, else the signature check in your Nix/Lix client would fail.
Be however aware that there's zero availability guarantees. We will frequently redeploy this box, and it might become unavailable without prior notice.
Snix currently doesn't have garbage collection. If we run out of disk space, we might either move things to a bigger box or delete everything on it so far.
As it's only a cache, it should however re-ingest things again.