nix-cache02: add scheduled builds timer
Some checks failed
Run nix flake check / flake-check (push) Failing after 5m7s
Periodic flake update / flake-update (push) Successful in 2m18s

Add a systemd timer that triggers builds for all hosts every 2 hours
via NATS, keeping the binary cache warm.

- Add scheduler.nix with timer (every 2h) and oneshot service
- Add scheduler NATS user to DEPLOY account
- Add Vault secret and variable for scheduler NKey
- Increase nix-cache02 memory from 16GB to 20GB

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-12 00:50:09 +01:00
parent fa4a418007
commit ed1821b073
7 changed files with 95 additions and 16 deletions

@@ -12,6 +12,7 @@ Reprovision `nix-cache01` using the OpenTofu workflow, and improve the build/cac
**Phase 2: NATS Build Triggering** - COMPLETE
**Phase 3: Safe Flake Update Workflow** - NOT STARTED
**Phase 4: Complete Migration** - COMPLETE
**Phase 5: Scheduled Builds** - COMPLETE
## Completed Work
@@ -103,24 +104,20 @@ The `homelab-deploy` tool was extended with a builder mode:
- Removed from `flake.nix`
- Deleted VM from Proxmox
### Phase 5: Scheduled Builds (Optional)
### Phase 5: Scheduled Builds
Add a systemd timer on nix-cache02 to trigger periodic builds via NATS:
Implemented a systemd timer on nix-cache02 that triggers builds every 2 hours:
```nix
systemd.services.scheduled-build = {
script = ''
homelab-deploy build nixos-servers --all
homelab-deploy build nixos --all
'';
};
systemd.timers.scheduled-build = {
wantedBy = [ "timers.target" ];
timerConfig.OnCalendar = "*-*-* *:30:00";
};
```
- **Timer**: `scheduled-build.timer` runs every 2 hours with 5m random jitter
- **Service**: `scheduled-build.service` calls `homelab-deploy build` for both repos
- **Authentication**: Dedicated scheduler NKey stored in Vault
- **NATS user**: Added to DEPLOY account with publish `build.>` and subscribe `build.responses.>`
Or trigger builds from CI after merges to master.
Files:
- `hosts/nix-cache02/scheduler.nix` - Timer and service configuration
- `services/nats/default.nix` - Scheduler NATS user
- `terraform/vault/secrets.tf` - Scheduler NKey secret
- `terraform/vault/variables.tf` - Variable for scheduler NKey
## Resolved Questions
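Review bot: In the "NATS user" bullet, publish on `build.>` also matches every subject under `build.responses.>`, so the scheduler NKey can publish on the response subjects it is only supposed to subscribe to. If the scheduler only needs to send build requests, narrow its publish permission to those request subjects (or add an explicit publish deny for `build.responses.>`) in `services/nats/default.nix`, and list the resulting permissions here. Separately, the "Timer" bullet says every 2 hours with 5m jitter, but the only timer expression visible in this hunk is `timerConfig.OnCalendar = "*-*-* *:30:00";`, which fires hourly at :30; the section should state the schedule and jitter values actually set in `hosts/nix-cache02/scheduler.nix` so the documentation can be checked against the unit.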