stockholm/lass/2configs/buildbot-standalone.nix

156 lines
4.6 KiB
Nix
Raw Normal View History

2015-12-30 01:05:14 +00:00
{ lib, config, pkgs, ... }:
2016-06-18 11:26:22 +00:00
2016-10-20 18:54:38 +00:00
with import <stockholm/lib>;
2016-06-18 11:26:22 +00:00
let
2016-07-23 17:19:18 +00:00
sshHostConfig = pkgs.writeText "ssh-config" ''
ControlMaster auto
ControlPath /tmp/%u_sshmux_%r@%h:%p
ControlPersist 4h
'';
2016-06-18 11:26:22 +00:00
in {
config.services.nginx.virtualHosts.build = {
serverAliases = [ "build.prism.r" ];
locations."/".extraConfig = ''
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://localhost:${toString config.krebs.buildbot.master.web.port};
'';
};
2016-06-18 11:26:22 +00:00
config.krebs.buildbot.master = let
stockholm-mirror-url = http://cgit.prism.r/stockholm ;
in {
workers = {
testworker = "lasspass";
2015-12-30 01:05:14 +00:00
};
change_source.stockholm = ''
stockholm_repo = '${stockholm-mirror-url}'
2016-11-28 22:24:47 +00:00
cs.append(
changes.GitPoller(
2015-12-30 01:05:14 +00:00
stockholm_repo,
workdir='stockholm-poller', branches=True,
2015-12-30 01:05:14 +00:00
project='stockholm',
2017-06-19 23:05:50 +00:00
pollinterval=10
2016-11-28 22:24:47 +00:00
)
)
2015-12-30 01:05:14 +00:00
'';
scheduler = {
2016-06-25 08:39:35 +00:00
build-scheduler = ''
# build all hosts
2016-11-28 22:24:47 +00:00
sched.append(
schedulers.SingleBranchScheduler(
change_filter=util.ChangeFilter(branch_re=".*"),
treeStableTimer=10,
name="build-all-branches",
2017-06-19 23:05:16 +00:00
builderNames=["build-hosts"]
2016-11-28 22:24:47 +00:00
)
)
'';
2015-12-30 01:05:14 +00:00
};
builder_pre = ''
# prepare grab_repo step for stockholm
2016-11-28 22:24:47 +00:00
grab_repo = steps.Git(
repourl=stockholm_repo,
mode='full'
)
2015-12-30 01:05:14 +00:00
# prepare addShell function
def addShell(factory,**kwargs):
factory.addStep(steps.ShellCommand(**kwargs))
'';
builder = {
build-hosts = ''
f = util.BuildFactory()
f.addStep(grab_repo)
2017-07-04 14:39:10 +00:00
def build_host(user, host):
addShell(f,
name="{}".format(i),
env={
"LOGNAME": user,
"NIX_PATH": "secrets=/var/src/stockholm/null:/var/src",
"NIX_REMOTE": "daemon",
"dummy_secrets": "true",
},
command=[
"nix-shell", "--run",
"test --system={} --target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME".format(host)
]
)
2016-11-28 22:24:47 +00:00
2017-07-14 00:24:57 +00:00
for i in [ "test-all-krebs-modules", "test-centos7", "test-minimal-deploy", "wolf" ]:
build_host("krebs", i)
2017-06-01 10:49:21 +00:00
for i in [ "mors", "uriel", "shodan", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]:
2017-07-04 14:39:10 +00:00
build_host("lass", i)
2016-07-28 10:58:54 +00:00
for i in [ "x", "wry", "vbob", "wbob", "shoney" ]:
2017-07-04 14:39:10 +00:00
build_host("makefu", i)
2016-06-25 07:58:00 +00:00
2017-01-26 22:44:31 +00:00
for i in [ "hiawatha", "onondaga" ]:
2017-07-04 14:39:10 +00:00
build_host("nin", i)
for i in [ "alnus", "mu", "nomic", "wu", "xu", "zu" ]:
2017-07-04 14:39:10 +00:00
build_host("tv", i)
2016-11-28 22:24:47 +00:00
bu.append(
util.BuilderConfig(
name="build-hosts",
2016-11-28 22:24:47 +00:00
workernames=workernames,
factory=f
)
)
2016-06-25 07:58:00 +00:00
2016-08-09 20:49:17 +00:00
'';
2015-12-30 01:05:14 +00:00
};
enable = true;
web.enable = true;
irc = {
enable = true;
nick = "buildbot-lass";
2016-11-11 07:47:46 +00:00
server = "ni.r";
2017-02-15 23:06:15 +00:00
channels = [ { channel = "retiolum"; } { channel = "noise"; } ];
2015-12-30 01:05:14 +00:00
allowForce = true;
};
2017-04-12 10:15:15 +00:00
extraConfig = ''
c['buildbotURL'] = "http://build.prism.r/"
2017-04-12 10:15:15 +00:00
'';
2015-12-30 01:05:14 +00:00
};
config.krebs.buildbot.worker = {
2015-12-30 01:05:14 +00:00
enable = true;
masterhost = "localhost";
username = "testworker";
2015-12-30 01:05:14 +00:00
password = "lasspass";
packages = with pkgs; [ gnumake jq nix populate ];
};
2016-06-18 11:26:22 +00:00
config.krebs.iptables = {
tables = {
filter.INPUT.rules = [
{ predicate = "-p tcp --dport 9989"; target = "ACCEPT"; }
];
};
2015-12-30 01:05:14 +00:00
};
2016-06-18 11:26:22 +00:00
#ssh workaround for make test
options.lass.build-ssh-privkey = mkOption {
type = types.secret-file;
default = {
path = "${config.users.users.buildbotworker.home}/.ssh/id_rsa";
owner = { inherit (config.users.users.buildbotworker ) name uid;};
2016-06-18 11:26:22 +00:00
source-path = toString <secrets> + "/build.ssh.key";
};
};
config.krebs.secret.files = {
build-ssh-privkey = config.lass.build-ssh-privkey;
};
config.users.users.buildbotworker = {
useDefaultShell = true;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiV0Xn60aVLHC/jGJknlrcxSvKd/MVeh2tjBpxSBT3II9XQGZhID2Gdh84eAtoWyxGVFQx96zCHSuc7tfE2YP2LhXnwaxHTeDc8nlMsdww53lRkxihZIEV7QHc/3LRcFMkFyxdszeUfhWz8PbJGL2GYT+s6CqoPwwa68zF33U1wrMOAPsf/NdpSN4alsqmjFc2STBjnOd9dXNQn1VEJQqGLG3kR3WkCuwMcTLS5eu0KLwG4i89Twjy+TGp2QsF5K6pNE+ZepwaycRgfYzGcPTn5d6YQXBgcKgHMoSJsK8wqpr0+eFPCDiEA3HDnf76E4mX4t6/9QkMXCLmvs0IO/WP"
];
2016-06-18 11:26:22 +00:00
};
2015-12-30 01:05:14 +00:00
}