From 2b415162b620c4bee2b39f688b4f51d896209887 Mon Sep 17 00:00:00 2001
From: Fabian Hauser <fabian@fh2.ch>
Date: Fri, 6 Dec 2024 14:26:01 +0200
Subject: [PATCH] Use attic from nixpkgs

---
 flake.lock                                    | 145 +-----------------
 flake.nix                                     |   1 -
 nixos-configurations/default.nix              |   8 -
 .../lindberg-build/applications/attic.nix     |   5 +-
 4 files changed, 9 insertions(+), 150 deletions(-)

diff --git a/flake.lock b/flake.lock
index 8f0ef83..c15a68f 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,53 +1,9 @@
 {
   "nodes": {
-    "attic": {
-      "inputs": {
-        "crane": "crane",
-        "flake-compat": "flake-compat",
-        "flake-parts": "flake-parts",
-        "nix-github-actions": "nix-github-actions",
-        "nixpkgs": "nixpkgs",
-        "nixpkgs-stable": "nixpkgs-stable"
-      },
-      "locked": {
-        "lastModified": 1731270564,
-        "narHash": "sha256-6KMC/NH/VWP5Eb+hA56hz0urel3jP6Y6cF2PX6xaTkk=",
-        "owner": "zhaofengli",
-        "repo": "attic",
-        "rev": "47752427561f1c34debb16728a210d378f0ece36",
-        "type": "github"
-      },
-      "original": {
-        "owner": "zhaofengli",
-        "repo": "attic",
-        "type": "github"
-      }
-    },
-    "crane": {
-      "inputs": {
-        "nixpkgs": [
-          "attic",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1722960479,
-        "narHash": "sha256-NhCkJJQhD5GUib8zN9JrmYGMwt4lCRp6ZVNzIiYCl0Y=",
-        "owner": "ipetkov",
-        "repo": "crane",
-        "rev": "4c6c77920b8d44cd6660c1621dea6b3fc4b4c4f4",
-        "type": "github"
-      },
-      "original": {
-        "owner": "ipetkov",
-        "repo": "crane",
-        "type": "github"
-      }
-    },
     "deploy-rs": {
       "inputs": {
-        "flake-compat": "flake-compat_2",
-        "nixpkgs": "nixpkgs_2",
+        "flake-compat": "flake-compat",
+        "nixpkgs": "nixpkgs",
         "utils": "utils"
       },
       "locked": {
@@ -100,71 +56,13 @@
         "type": "github"
       }
     },
-    "flake-compat_2": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1696426674,
-        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
-        "type": "github"
-      },
-      "original": {
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "type": "github"
-      }
-    },
-    "flake-parts": {
-      "inputs": {
-        "nixpkgs-lib": [
-          "attic",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1722555600,
-        "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
-        "owner": "hercules-ci",
-        "repo": "flake-parts",
-        "rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
-        "type": "github"
-      },
-      "original": {
-        "owner": "hercules-ci",
-        "repo": "flake-parts",
-        "type": "github"
-      }
-    },
-    "nix-github-actions": {
-      "inputs": {
-        "nixpkgs": [
-          "attic",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1729742964,
-        "narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=",
-        "owner": "nix-community",
-        "repo": "nix-github-actions",
-        "rev": "e04df33f62cdcf93d73e9a04142464753a16db67",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "nix-github-actions",
-        "type": "github"
-      }
-    },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1726042813,
-        "narHash": "sha256-LnNKCCxnwgF+575y0pxUdlGZBO/ru1CtGHIqQVfvjlA=",
+        "lastModified": 1702272962,
+        "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "159be5db480d1df880a0135ca0bfed84c2f88353",
+        "rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d",
         "type": "github"
       },
       "original": {
@@ -206,38 +104,6 @@
         "type": "github"
       }
     },
-    "nixpkgs-stable": {
-      "locked": {
-        "lastModified": 1724316499,
-        "narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-24.05",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs_2": {
-      "locked": {
-        "lastModified": 1702272962,
-        "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixpkgs-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
     "private": {
       "inputs": {
         "nixpkgs-nixos-unstable": [
@@ -259,7 +125,6 @@
     },
     "root": {
       "inputs": {
-        "attic": "attic",
         "deploy-rs": "deploy-rs",
         "disko": "disko",
         "nixpkgs-nixos-stable": "nixpkgs-nixos-stable",
diff --git a/flake.nix b/flake.nix
index b641eed..d9dae25 100644
--- a/flake.nix
+++ b/flake.nix
@@ -5,7 +5,6 @@
     extra-trusted-public-keys = "qois-infrastructure:lh35ymN7Aoxm5Hz0S6JusxE+cYzMU+x9OMKjDVIpfuE=";
   };
   inputs = {
-    attic.url = "github:zhaofengli/attic";
     deploy-rs.url = "github:serokell/deploy-rs";
     disko = {
       url = "github:nix-community/disko";
diff --git a/nixos-configurations/default.nix b/nixos-configurations/default.nix
index 6fccd8b..00253e0 100644
--- a/nixos-configurations/default.nix
+++ b/nixos-configurations/default.nix
@@ -3,7 +3,6 @@
   pkgs,
   nixpkgs-nixos-stable,
   disko,
-  attic,
   sops-nix,
   ...
 }@inputs:
@@ -20,13 +19,6 @@ pkgs.lib.genAttrs configs (
     modules = [
       self.nixosModules.default
       ./${config}/default.nix
-      (
-        { ... }:
-        {
-          imports = [ "${attic}/nixos/atticd.nix" ];
-          services.atticd.useFlakeCompatOverlay = false;
-        }
-      )
       disko.nixosModules.disko
       sops-nix.nixosModules.sops
       (
diff --git a/nixos-configurations/lindberg-build/applications/attic.nix b/nixos-configurations/lindberg-build/applications/attic.nix
index 2825897..c0b0cc0 100644
--- a/nixos-configurations/lindberg-build/applications/attic.nix
+++ b/nixos-configurations/lindberg-build/applications/attic.nix
@@ -14,7 +14,7 @@ in
     # generate secret with
     # nix run system#openssl rand 64 | base64 -w0
     # ATTIC_SERVER_TOKEN_HS256_SECRET_BASE64="output from openssl"
-    credentialsFile = config.sops.secrets."attic/server_token".path;
+    environmentFile = config.sops.secrets."attic/server_token".path;
 
     settings = {
       listen = "127.0.0.1:${builtins.toString atticPort}";
@@ -44,6 +44,8 @@ in
         max-size = 256 * 1024; # 256 KiB
       };
 
+      garbage-collection.default-retention-period = "6 months";
+
       database.url = "postgresql:///atticd?host=/run/postgresql";
     };
   };
@@ -51,6 +53,7 @@ in
   imports = [ ../../../defaults/webserver ];
 
   qois.postgresql.enable = true;
+
   # Note: Attic cache availability is "best effort", so no artifacts are backed up.
 
   services.postgresql = {