feat(john-endesktop): add harmonia binary cache service

Replace broken k8s harmonia deployment with native NixOS service. Configuration: - services.harmonia.enable = true - Bind to [::]:5000 (IPv4 and IPv6) - Sign key at /etc/harmonia/signing-key.private - Open firewall port 5000 The signing key must be placed manually on john-endesktop at /etc/harmonia/signing-key.private using the key generated earlier. Closes: x-fqaob
fix: update harmonia signing public key
2026-02-09 08:10:17 -08:00 · 2026-02-08 20:26:48 -08:00
2 changed files with 12 additions and 1 deletions
--- a/machines/john-endesktop/configuration.nix
+++ b/machines/john-endesktop/configuration.nix
@@ -54,6 +54,7 @@ with lib;
      4000  # nfs callback
      4001  # nlockmgr
      4002  # mountd
+      5000  # harmonia binary cache
      20048 # mountd
    ];
    allowedUDPPorts = [
@@ -148,6 +149,16 @@ with lib;
    };
  };

+  # Harmonia binary cache server
+  # Replaces the broken k8s deployment with native NixOS service
+  services.harmonia = {
+    enable = true;
+    signKeyPath = "/etc/harmonia/signing-key.private";
+    settings = {
+      bind = "[::]:5000";
+    };
+  };
+
  # Time zone
  time.timeZone = "America/Los_Angeles"; # Adjust as needed

--- a/roles/common.nix
+++ b/roles/common.nix
@@ -26,7 +26,7 @@
          "https://nix-cache.johnogle.info"
        ];
        trusted-public-keys = [
-          "nix-cache.johnogle.info-1:IC5x8BxnrqkU9XqhMdDnZLtSg9Y3rBJVXhve5DJ92J0="
+          "nix-cache.johnogle.info-1:G0ZGQwcSC4+4SDDFHZI/ZX3a6uFrs/5cjA5Jvaypj0I="
        ];
        fallback = true;
        connect-timeout = 5;
Author	SHA1	Message	Date
dust	7610a9c0e1	feat(john-endesktop): add harmonia binary cache service Replace broken k8s harmonia deployment with native NixOS service. Configuration: - services.harmonia.enable = true - Bind to [::]:5000 (IPv4 and IPv6) - Sign key at /etc/harmonia/signing-key.private - Open firewall port 5000 The signing key must be placed manually on john-endesktop at /etc/harmonia/signing-key.private using the key generated earlier. Closes: x-fqaob	2026-02-09 08:10:17 -08:00
mayor	ff57d3c043	fix: update harmonia signing public key Some checks failed CI / check (push) Successful in 6m48s Details CI / build-and-cache (boxy) (push) Failing after 27m9s Details CI / build-and-cache (john-endesktop) (push) Failing after 9m35s Details CI / build-and-cache (live-usb) (push) Failing after 18m27s Details CI / build-and-cache (nix-book) (push) Failing after 29m17s Details CI / build-and-cache (nix-deck) (push) Failing after 1h12m5s Details CI / build-and-cache (zix790prors) (push) Failing after 20m0s Details	2026-02-08 20:26:48 -08:00