{ config, lib, ... }:

# hydra user needs to be manually crated
# sudo -u hydra -s
# hydra-create-user $USERNAME --password $PASSWORD --role admin

# https://qfpl.io/posts/nix/starting-simple-hydra/
# also for reference a well written hydra config:
# https://github.com/NixOS/nixos-org-configurations/blob/master/delft/hydra.nix

with lib;

mkIf (elem "hydra" config.machine.services) {
  # also take a look at ../conf/nix.nix
  nix.buildMachines = [
    {
      hostName = "localhost";
      system = "x86_64-linux";
      supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"];
      maxJobs = 8;
    }
  ];

  services.hydra = {
    enable = true;
    hydraURL = "https://builder.${config.machine.domain}"; # externally visible URL
    listenHost = "localhost";
    port = 3001;
    minimumDiskFree = 15;
    minimumDiskFreeEvaluator = 15;
    notificationSender = "hydra@mail.${config.machine.domain}"; # e-mail of hydra service
    useSubstitutes = true;
    debugServer = false;
    # Hints from hydra-queue-runner:
    # binary_cache_dir is deprecated and ignored. use store_uri=file:// instead
    # hydra.conf: binary_cache_secret_key_file is deprecated and ignored. use store_uri=...?secret-key= instead
    extraConfig = ''
      max_output_size = 4294967296
      store_uri = file:///var/cache/hydra?secret-key=${config.machine.secretPath}/hydra_cache&write-nar-listing=1&ls-compression=br&log-compression=br
      # add ?local-nar-cache= to set nar cache location
      server_store_uri = https://cache.${config.machine.domain}
      binary_cache_public_uri https://cache.${config.machine.domain}
      upload_logs_to_binary_cache = true
    '';
  };

  services.nix-serve = {
    enable = true;
    bindAddress = "0.0.0.0";
    port = 5000;
    secretKeyFile = "${config.machine.secretPath}/hydra_cache";
    extraParams = ''
# Dont know how to change the store root yet...
#      --user hydra-queue-runner
#      --group hydra
    ''; 
  };  
}