From 3dd4526878b455fa12d80b28cfda7656c0b8e384 Mon Sep 17 00:00:00 2001 From: uku Date: Mon, 1 Apr 2024 23:13:29 +0200 Subject: [PATCH] feat(etna): add attic --- flake.lock | 43 +++++++++++++++++++++++++++++++----- flake.nix | 15 +++++++++++++ secrets/etna/atticEnv.age | 13 +++++++++++ secrets/secrets.nix | 1 + systems/default.nix | 1 + systems/etna/default.nix | 36 ++++++++++++++++++++++++++++++ systems/fuji-wsl/default.nix | 11 ++++++++- 7 files changed, 114 insertions(+), 6 deletions(-) create mode 100644 secrets/etna/atticEnv.age diff --git a/flake.lock b/flake.lock index d00ac2d..f9caa6a 100644 --- a/flake.lock +++ b/flake.lock @@ -51,6 +51,36 @@ "type": "github" } }, + "attic": { + "inputs": { + "crane": [ + "crane" + ], + "flake-compat": [], + "flake-utils": [ + "flake-utils" + ], + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-stable": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1711742460, + "narHash": "sha256-0O4v6e4a1toxXZ2gf5INhg4WPE5C5T+SVvsBt+45Mcc=", + "owner": "zhaofengli", + "repo": "attic", + "rev": "4dbdbee45728d8ce5788db6461aaaa89d98081f0", + "type": "github" + }, + "original": { + "owner": "zhaofengli", + "repo": "attic", + "type": "github" + } + }, "catppuccin": { "locked": { "lastModified": 1710663401, @@ -69,16 +99,15 @@ "crane": { "inputs": { "nixpkgs": [ - "lanzaboote", "nixpkgs" ] }, "locked": { - "lastModified": 1711299236, - "narHash": "sha256-6/JsyozOMKN8LUGqWMopKTSiK8N79T8Q+hcxu2KkTXg=", + "lastModified": 1711681752, + "narHash": "sha256-LEg6/dmEFxx6Ygti5DO9MOhGNpyB7zdxdWtzv/FCTXk=", "owner": "ipetkov", "repo": "crane", - "rev": "880573f80d09e18a11713f402b9e6172a085449f", + "rev": "ada0fb4dcce4561acb1eb17c59b7306d9d4a95f3", "type": "github" }, "original": { @@ -174,7 +203,9 @@ }, "lanzaboote": { "inputs": { - "crane": "crane", + "crane": [ + "crane" + ], "flake-compat": [], "flake-parts": [ "flake-parts" 
@@ -245,7 +276,9 @@ "inputs": { "agenix": "agenix", "api-rs": "api-rs", + "attic": "attic", "catppuccin": "catppuccin", + "crane": "crane", "deploy-rs": "deploy-rs", "flake-parts": "flake-parts", "flake-utils": "flake-utils", diff --git a/flake.nix b/flake.nix index b01cc70..da898f3 100644 --- a/flake.nix +++ b/flake.nix @@ -38,6 +38,11 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + crane = { + url = "github:ipetkov/crane"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + catppuccin.url = "github:Stonks3141/ctp-nix"; lanzaboote = { @@ -45,6 +50,7 @@ inputs.nixpkgs.follows = "nixpkgs"; inputs.flake-parts.follows = "flake-parts"; inputs.flake-utils.follows = "flake-utils"; + inputs.crane.follows = "crane"; inputs.pre-commit-hooks-nix.follows = ""; inputs.flake-compat.follows = ""; }; @@ -64,6 +70,15 @@ inputs.flake-compat.follows = ""; }; + attic = { + url = "github:zhaofengli/attic"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.nixpkgs-stable.follows = "nixpkgs"; # trolley emojo + inputs.flake-utils.follows = "flake-utils"; + inputs.crane.follows = "crane"; + inputs.flake-compat.follows = ""; + }; + vscode-extensions = { url = "github:nix-community/nix-vscode-extensions"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/secrets/etna/atticEnv.age b/secrets/etna/atticEnv.age new file mode 100644 index 0000000..a49c76b --- /dev/null +++ b/secrets/etna/atticEnv.age 
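Review bot: The `# trolley emojo` comment on `inputs.nixpkgs-stable.follows = "nixpkgs";` in the new `attic` input of flake.nix does not say why the stable input is redirected, and `inputs.crane.follows = "crane";` has no comment at all. Both overrides build attic against revisions other than the ones its own lock file pins, so the service that will read `atticEnv.age` runs a combination upstream has not tested. That is a reasonable trade for a smaller lock file, but it should be stated, for example `# attic pins nixpkgs-stable; follow our nixpkgs to keep one copy in the lock (not tested upstream)`. The enclosing `inputs` attrset starts and ends outside the hunk.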
@@ -0,0 +1,13 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3RVNXS0JUMERheGlMbnVQ +OGZuZmxZZWUyaWNPSGJINUhZK1BBT0ZIZ1FFCmh1MkVwRlNhbThVd0ZJZHVnWTJZ +NXVGUTlWdENpa2dLT09NOHptcG1pQVkKLT4gWDI1NTE5IHF6YVNYTG5Bei91SWFN +WVFoNmZwb2djbmRWUVpYMmRDRHcwSDBUSU9VMkEKRnF1ZWFRK0ZXODlxT2d0cmlS +dm52bFVNMTlseU1BcjFNNEpJRFQwa21BcwotPiBYMjU1MTkgNkFoWU9zZFh3THdG +akkwVG8vS0pOSXhma1RJNE55cUd2Z2RzK2lZczBWSQpYTUJwRi95M1BYK1ljNHdM +SGMzaVJDUVhwd1NlZm1BcHBUdW5md3J1dzFzCi0tLSBZTFdKdXBhdUFkc3RHaVZp +RERMLzdQdlFNY1VsOEV0RHZxWkdZdTc3ckRJCuxCX+OeUcJc4In8bxG+03Xd6OtF +w7oOJMZWH9rxu9x1NhGO6+pDnokiqci6B2dhWHbhHERQmOLrOkzx56qjHQkUlu8I +Gpb4zFV4c6YEQaieg/TJsIdiQ79htJhNY0dw+I7ZGAMt+6euwrApT1prve7R5oUb +/xgdhNqW9SHhsDvjCrRGyIWjLcBmk6ZOt11FbMc3com5vLgCbcKuKl562q0= +-----END AGE ENCRYPTED FILE----- diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 05cde89..f965d54 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -19,4 +19,5 @@ in { "etna/ukubotRsEnv.age".publicKeys = main ++ [etna]; "etna/ngrokEnv.age".publicKeys = main ++ [etna]; "etna/minecraftEnv.age".publicKeys = main ++ [etna]; + "etna/atticEnv.age".publicKeys = main ++ [etna]; } diff --git a/systems/default.nix b/systems/default.nix index 4067cd0..b2bf78e 100644 --- a/systems/default.nix +++ b/systems/default.nix @@ -63,6 +63,7 @@ in { modules = nixos ++ (with inputs; [ + attic.nixosModules.atticd api-rs.nixosModules.default ukubot-rs.nixosModules.default self.nixosModules.reposilite diff --git a/systems/etna/default.nix b/systems/etna/default.nix index 0e4ac52..0d11b04 100644 --- a/systems/etna/default.nix +++ b/systems/etna/default.nix @@ -12,6 +12,12 @@ group = "cloudflared"; }; + atticEnv = { + file = "${path}/atticEnv.age"; + owner = "atticd"; + group = "atticd"; + }; + apiRsEnv.file = "${path}/apiRsEnv.age"; ukubotRsEnv.file = "${path}/ukubotRsEnv.age"; ngrokEnv.file = "${path}/ngrokEnv.age"; 
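Review bot: `owner = "atticd"` and `group = "atticd"` on the new `atticEnv` secret in systems/etna/default.nix assume that user and group exist when agenix decrypts at activation, and nothing in this commit declares them. If the atticd module runs its unit under a systemd dynamic user (not visible here), the ownership change has nothing to resolve. If `credentialsFile` is consumed as a systemd `EnvironmentFile` (also not visible here), the service manager reads it before dropping privileges, so the root-only default is sufficient and tighter: `atticEnv.file = "${path}/atticEnv.age";`, the same form as `apiRsEnv` just below. The enclosing secrets attrset begins outside the hunk.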
@@ -82,6 +88,35 @@ }; }; + atticd = { + enable = true; + credentialsFile = config.age.secrets.atticEnv.path; + + settings = { + listen = "[::]:6000"; + api-endpoint = "https://attic.uku3lig.net/"; + + storage = { + type = "local"; + path = "/data/attic"; + }; + + chunking = { + nar-size-threshold = 65536; # 64 KiB + min-size = 16384; # 16 KiB + avg-size = 65536; # 64 KiB + max-size = 262144; # 256 KiB + }; + + compression.type = "zstd"; + + garbage-collection = { + interval = "1 day"; + default-retention-period = "6 weeks"; + }; + }; + }; + cloudflared = { enable = true; tunnels."57f51ad7-25a0-45f3-b113-0b6ae0b2c3e5" = { @@ -91,6 +126,7 @@ "api.uku3lig.net" = "http://localhost:5000"; "bw.uku3lig.net" = "http://localhost:8222"; "maven.uku3lig.net" = "http://localhost:8080"; + "attic.uku3lig.net" = "http://localhost:6000"; "m.uku.moe" = "http://localhost:80"; }; diff --git a/systems/fuji-wsl/default.nix b/systems/fuji-wsl/default.nix index ecf7f64..7bf88ea 100644 --- a/systems/fuji-wsl/default.nix +++ b/systems/fuji-wsl/default.nix @@ -1,4 +1,13 @@ -{config, ...}: { +{ + config, + pkgs, + attic, + ... +}: { + environment.systemPackages = [ + attic.packages.${pkgs.system}.attic + ]; + wsl = { enable = true; defaultUser = "leo";
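Review bot: `listen = "[::]:6000";` binds atticd on every interface, although the only consumer visible in this commit is the cloudflared ingress entry pointing at `http://localhost:6000`. Unless the host firewall (not shown) blocks port 6000, the cache API is also reachable directly over plain HTTP, bypassing the tunnel and any access policy attached to it. Binding to loopback keeps the tunnel as the single entry point: `listen = "[::1]:6000";`, or `127.0.0.1:6000` with the ingress target written the same way so the address family matches. The surrounding services attrset starts and ends outside the hunk.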
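Review bot: `attic.packages.${pkgs.system}.attic` in systems/fuji-wsl/default.nix installs the combined package on a workstation. The attic flake also exposes a client-only output, which is all a machine that only pushes to and pulls from the cache needs: `attic.packages.${pkgs.system}.attic-client`. The new `attic` module argument must be supplied from outside this file (presumably through `specialArgs`, which the diff does not show), so a short comment such as `# attic: flake input passed in as a module argument` above the package list would help. The module's attrset continues past the end of the hunk.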