add first working configuration
This commit is contained in:
parent
f81c71a328
commit
97f1870c15
|
@ -40,7 +40,6 @@ GITHUB_WEBHOOK_SECRET = read_secret_file("github-webhook-secret")
|
||||||
# Shape of this file:
|
# Shape of this file:
|
||||||
# [ { "name": "<worker-name>", "pass": "<worker-password>", "cores": "<cpu-cores>" } ]
|
# [ { "name": "<worker-name>", "pass": "<worker-password>", "cores": "<cpu-cores>" } ]
|
||||||
BUILDBOT_NIX_WORKERS = read_secret_file("buildbot-nix-workers")
|
BUILDBOT_NIX_WORKERS = read_secret_file("buildbot-nix-workers")
|
||||||
REPO_FOR_FLAKE_UPDATE = os.environ["REPO_FOR_FLAKE_UPDATE"]
|
|
||||||
BUILDBOT_URL = os.environ["BUILDBOT_URL"]
|
BUILDBOT_URL = os.environ["BUILDBOT_URL"]
|
||||||
BUILDBOT_GITHUB_USER = os.environ["BUILDBOT_GITHUB_USER"]
|
BUILDBOT_GITHUB_USER = os.environ["BUILDBOT_GITHUB_USER"]
|
||||||
NIX_SUPPORTED_SYSTEMS = os.environ["NIX_SUPPORTED_SYSTEMS"].split(" ")
|
NIX_SUPPORTED_SYSTEMS = os.environ["NIX_SUPPORTED_SYSTEMS"].split(" ")
|
||||||
|
|
|
@ -1,19 +1,36 @@
|
||||||
{ nixpkgs, system, buildbot-nix, ... }:
|
{ nixpkgs, system, srvos, buildbot-nix, disko, ... }:
|
||||||
let
|
let
|
||||||
# some example configuration to make it eval
|
# some example configuration to make it eval
|
||||||
dummy = { config, modulesPath, ... }: {
|
dummy = { config, modulesPath, ... }: {
|
||||||
networking.hostName = "example-common";
|
imports = [
|
||||||
system.stateVersion = config.system.nixos.version;
|
#srvos.nixosModules.server
|
||||||
users.users.root.initialPassword = "fnord23";
|
#srvos.nixosModules.hardware-hetzner-cloud
|
||||||
boot.loader.grub.devices = lib.mkForce [ "/dev/sda" ];
|
disko.nixosModules.disko
|
||||||
fileSystems."/".device = lib.mkDefault "/dev/sda";
|
./disko.nix
|
||||||
|
"${modulesPath}/profiles/qemu-guest.nix"
|
||||||
|
];
|
||||||
|
config = {
|
||||||
|
networking.hostName = "example-common";
|
||||||
|
system.stateVersion = config.system.nixos.version;
|
||||||
|
services.openssh.enable = true;
|
||||||
|
users.users.root.initialPassword = "fnord23";
|
||||||
|
users.users.root.openssh.authorizedKeys.keys = [
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE joerg@turingmachine"
|
||||||
|
];
|
||||||
|
|
||||||
|
#users.users.root.initialPassword = "fnord23";
|
||||||
|
#boot.loader.grub.devices = lib.mkForce [ "/dev/sda" ];
|
||||||
|
#fileSystems."/".device = lib.mkDefault "/dev/sda";
|
||||||
|
|
||||||
|
#systemd.network.networks."10-uplink".networkConfig.Address = [ "2a01:4f9:c012:539b::/64" ];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
inherit (nixpkgs) lib;
|
inherit (nixpkgs) lib;
|
||||||
inherit (lib) nixosSystem;
|
inherit (lib) nixosSystem;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
example-master = lib.makeOverridable nixosSystem {
|
example-master = nixosSystem {
|
||||||
inherit system;
|
inherit system;
|
||||||
modules = [
|
modules = [
|
||||||
dummy
|
dummy
|
||||||
|
@ -21,11 +38,11 @@ in
|
||||||
services.buildbot-nix.master = {
|
services.buildbot-nix.master = {
|
||||||
enable = true;
|
enable = true;
|
||||||
url = "https://buildbot.thalheim.io";
|
url = "https://buildbot.thalheim.io";
|
||||||
workersFile = "/home/mic92/buildbot-nix/workers.json";
|
workersFile = "/var/lib/secrets/buildbot-nix/workers.json";
|
||||||
github = {
|
github = {
|
||||||
tokenFile = "/home/mic92/git/buildbot-nix/github-token";
|
tokenFile = "/var/lib/secrets/buildbot-nix/github-token";
|
||||||
webhookSecretFile = "/home/mic92/buildbot-nix/github-webhook-secret";
|
webhookSecretFile = "/var/lib/secrets/buildbot-nix/github-webhook-secret";
|
||||||
oauthSecretFile = "/home/mic92/buildbot-nix/github-oauth-secret";
|
oauthSecretFile = "/var/lib/secrets/buildbot-nix/github-oauth-secret";
|
||||||
oauthId = "2516248ec6289e4d9818122cce0cbde39e4b788d";
|
oauthId = "2516248ec6289e4d9818122cce0cbde39e4b788d";
|
||||||
githubUser = "mic92-buildbot";
|
githubUser = "mic92-buildbot";
|
||||||
githubAdmins = [ "Mic92" ];
|
githubAdmins = [ "Mic92" ];
|
||||||
|
@ -35,14 +52,14 @@ in
|
||||||
buildbot-nix.nixosModules.buildbot-master
|
buildbot-nix.nixosModules.buildbot-master
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
example-worker = lib.makeOverridable nixosSystem {
|
example-worker = nixosSystem {
|
||||||
inherit system;
|
inherit system;
|
||||||
modules = [
|
modules = [
|
||||||
dummy
|
dummy
|
||||||
{
|
{
|
||||||
services.buildbot-nix.worker = {
|
services.buildbot-nix.worker = {
|
||||||
enable = true;
|
enable = true;
|
||||||
workerPasswordFile = "/home/mic92/buildbot-nix/worker-password";
|
workerPasswordFile = "/var/lib/secrets/buildbot-nix/worker-password";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
buildbot-nix.nixosModules.buildbot-worker
|
buildbot-nix.nixosModules.buildbot-worker
|
||||||
|
|
35
examples/disko.nix
Normal file
35
examples/disko.nix
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
{
|
||||||
|
disko.devices.disk.sda = {
|
||||||
|
type = "disk";
|
||||||
|
device = "/dev/sda";
|
||||||
|
content = {
|
||||||
|
type = "gpt";
|
||||||
|
partitions = {
|
||||||
|
boot = {
|
||||||
|
name = "grub";
|
||||||
|
size = "1M";
|
||||||
|
type = "EF02";
|
||||||
|
};
|
||||||
|
esp = {
|
||||||
|
name = "ESP";
|
||||||
|
type = "EF00";
|
||||||
|
size = "500M";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "vfat";
|
||||||
|
mountpoint = "/boot";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
root = {
|
||||||
|
name = "root";
|
||||||
|
size = "100%";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "ext4";
|
||||||
|
mountpoint = "/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
44
flake.lock
44
flake.lock
|
@ -1,5 +1,25 @@
|
||||||
{
|
{
|
||||||
"nodes": {
|
"nodes": {
|
||||||
|
"disko": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1694266353,
|
||||||
|
"narHash": "sha256-NutPFFKc5FK05zq8JYm8quBKJ93goYowxjW/FKcXAdI=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "disko",
|
||||||
|
"rev": "f9907fcf6df79a76ea7e3a3afe9340a672cb9c6e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "disko",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"flake-parts": {
|
"flake-parts": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs-lib": "nixpkgs-lib"
|
"nixpkgs-lib": "nixpkgs-lib"
|
||||||
|
@ -54,8 +74,30 @@
|
||||||
},
|
},
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
|
"disko": "disko",
|
||||||
"flake-parts": "flake-parts",
|
"flake-parts": "flake-parts",
|
||||||
"nixpkgs": "nixpkgs"
|
"nixpkgs": "nixpkgs",
|
||||||
|
"srvos": "srvos"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"srvos": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1694049767,
|
||||||
|
"narHash": "sha256-/S1mbeHO1JAV0hIBK8b92lBw2V34oPfhYPzXr73JCy4=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "srvos",
|
||||||
|
"rev": "6a824ca672288a6c8e4b8ade835f01b7b25fca2c",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "srvos",
|
||||||
|
"type": "github"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
|
@ -4,10 +4,14 @@
|
||||||
|
|
||||||
inputs = {
|
inputs = {
|
||||||
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
||||||
|
srvos.url = "github:numtide/srvos";
|
||||||
|
srvos.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
disko.url = "github:nix-community/disko";
|
||||||
|
disko.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
flake-parts.url = "github:hercules-ci/flake-parts";
|
flake-parts.url = "github:hercules-ci/flake-parts";
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = inputs@{ self, flake-parts, ... }:
|
outputs = inputs@{ self, srvos, flake-parts, ... }:
|
||||||
flake-parts.lib.mkFlake { inherit inputs; } ({ lib, ... }: {
|
flake-parts.lib.mkFlake { inherit inputs; } ({ lib, ... }: {
|
||||||
systems = [ "x86_64-linux" ];
|
systems = [ "x86_64-linux" ];
|
||||||
flake = {
|
flake = {
|
||||||
|
@ -15,7 +19,7 @@
|
||||||
nixosModules.buildbot-worker = ./nix/worker.nix;
|
nixosModules.buildbot-worker = ./nix/worker.nix;
|
||||||
|
|
||||||
nixosConfigurations = import ./examples {
|
nixosConfigurations = import ./examples {
|
||||||
inherit (inputs) nixpkgs;
|
inherit (inputs) nixpkgs srvos disko;
|
||||||
buildbot-nix = self;
|
buildbot-nix = self;
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
};
|
};
|
||||||
|
|
|
@ -80,7 +80,7 @@ in
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
services.buildbot-master = {
|
services.buildbot-master = {
|
||||||
enable = true;
|
enable = true;
|
||||||
masterCfg = "${../buildbot_nix/master.py}";
|
masterCfg = "${../buildbot_nix}/master.py";
|
||||||
dbUrl = config.services.buildbot-nix.master.dbUrl;
|
dbUrl = config.services.buildbot-nix.master.dbUrl;
|
||||||
pythonPackages = ps: [
|
pythonPackages = ps: [
|
||||||
ps.requests
|
ps.requests
|
||||||
|
|
|
@ -67,7 +67,7 @@ in
|
||||||
|
|
||||||
# Restart buildbot with a delay. This time way we can use buildbot to deploy itself.
|
# Restart buildbot with a delay. This time way we can use buildbot to deploy itself.
|
||||||
ExecReload = "+${pkgs.systemd}/bin/systemd-run --on-active=60 ${pkgs.systemd}/bin/systemctl restart buildbot-worker";
|
ExecReload = "+${pkgs.systemd}/bin/systemd-run --on-active=60 ${pkgs.systemd}/bin/systemctl restart buildbot-worker";
|
||||||
ExecStart = "${python.pkgs.twisted}/bin/twistd --nodaemon --pidfile= --logfile - --python ${../buildbot_nix/worker.py}";
|
ExecStart = "${python.pkgs.twisted}/bin/twistd --nodaemon --pidfile= --logfile - --python ${../buildbot_nix}/worker.py";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue