fixup buildbot-nix

This commit is contained in:
Jörg Thalheim 2023-09-10 11:29:56 +00:00
parent 97f1870c15
commit f1b5e56876
2 changed files with 18 additions and 8 deletions

View file

@ -37,7 +37,7 @@ in
{ {
services.buildbot-nix.master = { services.buildbot-nix.master = {
enable = true; enable = true;
url = "https://buildbot.thalheim.io"; domain = "buildbot2.thalheim.io";
workersFile = "/var/lib/secrets/buildbot-nix/workers.json"; workersFile = "/var/lib/secrets/buildbot-nix/workers.json";
github = { github = {
tokenFile = "/var/lib/secrets/buildbot-nix/github-token"; tokenFile = "/var/lib/secrets/buildbot-nix/github-token";
@ -48,6 +48,13 @@ in
githubAdmins = [ "Mic92" ]; githubAdmins = [ "Mic92" ];
}; };
}; };
services.nginx.virtualHosts."buildbot2.thalheim.io" = {
enableACME = true;
forceSSL = true;
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
security.acme.acceptTerms = true;
security.acme.defaults.email = "joerg.acme@thalheim.io";
} }
buildbot-nix.nixosModules.buildbot-master buildbot-nix.nixosModules.buildbot-master
]; ];

View file

@ -71,9 +71,10 @@ in
restarted. restarted.
''; '';
}; };
url = lib.mkOption { domain = lib.mkOption {
type = lib.types.str; type = lib.types.str;
description = "Buildbot url"; description = "Buildbot domain";
example = "buildbot.numtide.com";
}; };
}; };
}; };
@ -97,7 +98,7 @@ in
PORT = builtins.toString cfg.port; PORT = builtins.toString cfg.port;
DB_URL = cfg.dbUrl; DB_URL = cfg.dbUrl;
GITHUB_OAUTH_ID = cfg.github.oauthId; GITHUB_OAUTH_ID = cfg.github.oauthId;
BUILDBOT_URL = cfg.url; BUILDBOT_URL = "https://${cfg.domain}/";
BUILDBOT_GITHUB_USER = cfg.github.githubUser; BUILDBOT_GITHUB_USER = cfg.github.githubUser;
GITHUB_ADMINS = builtins.toString cfg.github.githubAdmins; GITHUB_ADMINS = builtins.toString cfg.github.githubAdmins;
NIX_SUPPORTED_SYSTEMS = builtins.toString cfg.buildSystems; NIX_SUPPORTED_SYSTEMS = builtins.toString cfg.buildSystems;
@ -125,15 +126,16 @@ in
]; ];
}; };
services.nginx.virtualHosts.${cfg.url} = { services.nginx.enable = true;
locations."/".proxyPass = "http://127.0.0.1:${cfg.port}/"; services.nginx.virtualHosts.${cfg.domain} = {
locations."/".proxyPass = "http://127.0.0.1:${builtins.toString cfg.port}/";
locations."/sse" = { locations."/sse" = {
proxyPass = "http://127.0.0.1:${cfg.port}/sse"; proxyPass = "http://127.0.0.1:${builtins.toString cfg.port}/sse";
# proxy buffering will prevent sse to work # proxy buffering will prevent sse to work
extraConfig = "proxy_buffering off;"; extraConfig = "proxy_buffering off;";
}; };
locations."/ws" = { locations."/ws" = {
proxyPass = "http://127.0.0.1:${cfg.port}/ws"; proxyPass = "http://127.0.0.1:${builtins.toString cfg.port}/ws";
proxyWebsockets = true; proxyWebsockets = true;
# raise the proxy timeout for the websocket # raise the proxy timeout for the websocket
extraConfig = "proxy_read_timeout 6000s;"; extraConfig = "proxy_read_timeout 6000s;";
@ -147,5 +149,6 @@ in
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d /var/www/buildbot/nix-outputs 0755 buildbot buildbot - -" "d /var/www/buildbot/nix-outputs 0755 buildbot buildbot - -"
]; ];
}; };
} }