Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'gum/master'

Browse Source
This commit is contained in:
tv 2016-11-18 14:44:18 +01:00
commit 151ca19a6e
18 changed files with 323 additions and 145 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
krebs/3modules/buildbot/buildbot-worker.patch Normal file
View File

@ -0,0 +1,11 @@
--- ./buildbot_worker/scripts/logwatcher.py 2016-11-10 23:25:46.956000000 +0100
+++ ./buildbot_worker/scripts/logwatcher.py.fix 2016-11-10 23:24:33.225000000 +0100
@@ -76,7 +76,7 @@
if platform.system().lower() == 'sunos' and os.path.exists('/usr/xpg4/bin/tail'):
tailBin = "/usr/xpg4/bin/tail"
else:
- tailBin = "/usr/bin/tail"
+ tailBin = "tail"
self.p = reactor.spawnProcess(self.pp, tailBin,
("tail", "-f", "-n", "0", self.logfile),
env=os.environ,

11
krebs/3modules/buildbot/buildbot.patch Normal file
View File

@ -0,0 +1,11 @@
--- ./buildbot/scripts/logwatcher.py 2016-11-10 23:25:46.956000000 +0100
+++ ./buildbot/scripts/logwatcher.py.fix 2016-11-10 23:24:33.225000000 +0100
@@ -76,7 +76,7 @@
if platform.system().lower() == 'sunos' and os.path.exists('/usr/xpg4/bin/tail'):
tailBin = "/usr/xpg4/bin/tail"
else:
- tailBin = "/usr/bin/tail"
+ tailBin = "tail"
self.p = reactor.spawnProcess(self.pp, tailBin,
("tail", "-f", "-n", "0", self.logfile),
env=os.environ,

95
krebs/3modules/buildbot/master.nix
View File

@ -3,14 +3,10 @@
with import <stockholm/lib>; with import <stockholm/lib>;
let let
# https://github.com/NixOS/nixpkgs/issues/14026 buildbot = pkgs.stdenv.lib.overrideDerivation pkgs.buildbot-full (old:{
nixpkgs-fix = import (pkgs.fetchgit { patches = [ ./buildbot.patch ];
url = https://github.com/nixos/nixpkgs; propagatedBuildInputs = old.propagatedBuildInputs ++ [ pkgs.coreutils ];
rev = "e026b5c243ea39810826e68362718f5d703fb5d0"; });
sha256 = "87e0724910a6df0371f883f99a8cf42e366fb4119f676f6f74ffb404beca2632";
}) {};
buildbot = nixpkgs-fix.buildbot;
buildbot-master-config = pkgs.writeText "buildbot-master.cfg" '' buildbot-master-config = pkgs.writeText "buildbot-master.cfg" ''
# -*- python -*- # -*- python -*-
from buildbot.plugins import * from buildbot.plugins import *
@ -18,11 +14,11 @@ let
import json import json
c = BuildmasterConfig = {} c = BuildmasterConfig = {}
c['slaves'] = [] c['workers'] = []
slaves = json.loads('${builtins.toJSON cfg.slaves}') workers = json.loads('${builtins.toJSON cfg.workers}')
slavenames = [ s for s in slaves ] workernames = [ s for s in workers ]
for k,v in slaves.items(): for k,v in workers.items():
c['slaves'].append(buildslave.BuildSlave(k, v)) c['workers'].append(worker.Worker(k, v))
# TODO: configure protocols? # TODO: configure protocols?
c['protocols'] = {'pb': {'port': 9989}} c['protocols'] = {'pb': {'port': 9989}}
@ -63,32 +59,46 @@ let
####### Status ####### Status
c['status'] = st = [] c['services'] = []
# If you want to configure this url, override with extraConfig # If you want to configure this url, override with extraConfig
c['buildbotURL'] = "http://${config.networking.hostName}:${toString cfg.web.port}/" c['buildbotURL'] = "http://${config.networking.hostName}:${toString cfg.web.port}/"
${optionalString (cfg.web.enable) '' ${optionalString (cfg.web.enable) ''
from buildbot.status import html from buildbot.plugins import util
from buildbot.status.web import authz, auth
authz_cfg=authz.Authz( #authz_cfg=authz.Authz(
auth=auth.BasicAuth([ ("${cfg.web.username}","${cfg.web.password}") ]), # auth=auth.BasicAuth([ ]),
# TODO: configure harder # # TODO: configure harder
gracefulShutdown = False, # gracefulShutdown = False,
forceBuild = 'auth', # forceBuild = 'auth',
forceAllBuilds = 'auth', # forceAllBuilds = 'auth',
pingBuilder = False, # pingBuilder = False,
stopBuild = 'auth', # stopBuild = 'auth',
stopAllBuilds = 'auth', # stopAllBuilds = 'auth',
cancelPendingBuild = 'auth' # cancelPendingBuild = 'auth'
) #)
# TODO: configure krebs.nginx # TODO: configure krebs.nginx
st.append(html.WebStatus(http_port=${toString cfg.web.port}, authz=authz_cfg)) c['www'] = dict(
port = ${toString cfg.web.port},
plugins = { 'waterfall_view':{}, 'console_view':{} }
)
c['www']['auth'] = util.UserPasswordAuth({"${cfg.web.username}":"${cfg.web.password}"})
c['www']['authz'] = util.Authz(
allowRules = [
util.StopBuildEndpointMatcher(role="admins"),
util.ForceBuildEndpointMatcher(role="admins"),
util.RebuildBuildEndpointMatcher(role="admins")
],
roleMatchers = [
util.RolesFromEmails(admins=["${cfg.web.username}"])
]
)
''} ''}
${optionalString (cfg.irc.enable) '' ${optionalString (cfg.irc.enable) ''
from buildbot.status import words from buildbot.plugins import reporters
irc = words.IRC("${cfg.irc.server}", "${cfg.irc.nick}", irc = reporters.IRC("${cfg.irc.server}", "${cfg.irc.nick}",
channels=${builtins.toJSON cfg.irc.channels}, channels=${builtins.toJSON cfg.irc.channels},
notify_events={ notify_events={
'success': 1, 'success': 1,
@ -97,7 +107,7 @@ let
'successToFailure': 1, 'successToFailure': 1,
'failureToSuccess': 1, 'failureToSuccess': 1,
}${optionalString cfg.irc.allowForce ",allowForce=True"}) }${optionalString cfg.irc.allowForce ",allowForce=True"})
c['status'].append(irc) c['services'].append(irc)
''} ''}
${ concatStringsSep "\n" ${ concatStringsSep "\n"
@ -150,12 +160,12 @@ let
''; '';
}; };
slaves = mkOption { workers = mkOption {
default = {}; default = {};
type = types.attrsOf types.str; type = types.attrsOf types.str;
description = '' description = ''
Attrset of slavenames with their passwords Attrset of workernames with their passwords
slavename = slavepassword workername = workerpassword
''; '';
}; };
@ -283,8 +293,12 @@ let
options = { options = {
enable = mkEnableOption "Buildbot Master IRC Status"; enable = mkEnableOption "Buildbot Master IRC Status";
channels = mkOption { channels = mkOption {
default = [ "nix-buildbot-meetup" ]; default = [ { channel = "nix-buildbot-meetup";} ];
type = with types; listOf str; example = literalExample ''[
{channel = "nix-buildbot-meetup";}
{channel = "nix-buildbot-lol"; "password" = "lol";}
]'';
type = with types; listOf (attrsOf str);
description = '' description = ''
irc channels the bot should connect to irc channels the bot should connect to
''; '';
@ -333,7 +347,7 @@ let
}; };
users.extraGroups.buildbotMaster = { users.extraGroups.buildbotMaster = {
gid = 672626386; gid = genid "buildbotMaster";
}; };
systemd.services.buildbotMaster = { systemd.services.buildbotMaster = {
@ -350,8 +364,6 @@ let
secretsdir = shell.escape (toString <secrets>); secretsdir = shell.escape (toString <secrets>);
in { in {
PermissionsStartOnly = true; PermissionsStartOnly = true;
Type = "forking";
PIDFile = "${workdir}/twistd.pid";
# TODO: maybe also prepare buildbot.tac? # TODO: maybe also prepare buildbot.tac?
ExecStartPre = pkgs.writeDash "buildbot-master-init" '' ExecStartPre = pkgs.writeDash "buildbot-master-init" ''
set -efux set -efux
@ -375,9 +387,8 @@ let
chmod 700 -R ${workdir} chmod 700 -R ${workdir}
chown buildbotMaster:buildbotMaster -R ${workdir} chown buildbotMaster:buildbotMaster -R ${workdir}
''; '';
ExecStart = "${buildbot}/bin/buildbot start ${workdir}"; ExecStart = "${buildbot}/bin/buildbot start --nodaemon ${workdir}";
ExecStop = "${buildbot}/bin/buildbot stop ${workdir}"; # ExecReload = "${buildbot}/bin/buildbot reconfig ${workdir}";
ExecReload = "${buildbot}/bin/buildbot reconfig ${workdir}";
PrivateTmp = "true"; PrivateTmp = "true";
User = "buildbotMaster"; User = "buildbotMaster";
Restart = "always"; Restart = "always";

101
krebs/3modules/buildbot/slave.nix
View File

@ -2,53 +2,21 @@
with import <stockholm/lib>; with import <stockholm/lib>;
let let
buildbot-slave-init = pkgs.writeText "buildbot-slave.tac" ''
import os
from buildslave.bot import BuildSlave
from twisted.application import service
basedir = '${cfg.workDir}'
rotateLength = 10000000
maxRotatedFiles = 10
application = service.Application('buildslave')
from twisted.python.logfile import LogFile
from twisted.python.log import ILogObserver, FileLogObserver
logfile = LogFile.fromFullPath(os.path.join(basedir, "twistd.log"), rotateLength=rotateLength,
maxRotatedFiles=maxRotatedFiles)
application.setComponent(ILogObserver, FileLogObserver(logfile).emit)
buildmaster_host = '${cfg.masterhost}'
# TODO: masterport?
port = 9989
slavename = '${cfg.username}'
passwd = '${cfg.password}'
keepalive = 600
usepty = 0
umask = None
maxdelay = 300
allow_shutdown = None
${cfg.extraConfig}
s = BuildSlave(buildmaster_host, port, slavename, passwd, basedir,
keepalive, usepty, umask=umask, maxdelay=maxdelay,
allow_shutdown=allow_shutdown)
s.setServiceParent(application)
'';
default-packages = [ pkgs.git pkgs.bash ]; default-packages = [ pkgs.git pkgs.bash ];
cfg = config.krebs.buildbot.slave; buildbot = pkgs.stdenv.lib.overrideDerivation pkgs.buildbot-worker (old:{
patches = [ ./buildbot-worker.patch ];
propagatedBuildInputs = old.propagatedBuildInputs ++ [ pkgs.coreutils ];
});
cfg = config.krebs.buildbot.worker;
api = { api = {
enable = mkEnableOption "Buildbot Slave"; enable = mkEnableOption "Buildbot worker";
workDir = mkOption { workDir = mkOption {
default = "/var/lib/buildbot/slave"; default = "/var/lib/buildbot/worker";
type = types.str; type = types.str;
description = '' description = ''
Path to build bot slave directory. Path to build bot worker directory.
Will be created on startup. Will be created on startup.
''; '';
}; };
@ -64,30 +32,30 @@ let
username = mkOption { username = mkOption {
type = types.str; type = types.str;
description = '' description = ''
slavename used to authenticate with master workername used to authenticate with master
''; '';
}; };
password = mkOption { password = mkOption {
type = types.str; type = types.str;
description = '' description = ''
slave password used to authenticate with master worker password used to authenticate with master
''; '';
}; };
contact = mkOption { contact = mkOption {
default = "nix slave <buildslave@${config.networking.hostName}>"; default = "nix worker <buildworker@${config.networking.hostName}>";
type = types.str; type = types.str;
description = '' description = ''
contact to be announced by buildslave contact to be announced by buildworker
''; '';
}; };
description = mkOption { description = mkOption {
default = "Nix Generated BuildSlave"; default = "Nix Generated Buildworker";
type = types.str; type = types.str;
description = '' description = ''
description for hostto be announced by buildslave description for hostto be announced by buildworker
''; '';
}; };
@ -95,7 +63,7 @@ let
default = [ pkgs.git ]; default = [ pkgs.git ];
type = with types; listOf package; type = with types; listOf package;
description = '' description = ''
packages which should be in path for buildslave packages which should be in path for buildworker
''; '';
}; };
@ -106,7 +74,7 @@ let
}; };
type = types.attrsOf types.str; type = types.attrsOf types.str;
description = '' description = ''
extra environment variables to be provided to the buildslave service extra environment variables to be provided to the buildworker service
if you need nixpkgs, e.g. for running nix-shell you can set NIX_PATH here. if you need nixpkgs, e.g. for running nix-shell you can set NIX_PATH here.
''; '';
}; };
@ -119,26 +87,26 @@ let
keepalive = 600 keepalive = 600
''; '';
description = '' description = ''
extra config evaluated before calling BuildSlave init in .tac file extra config evaluated before calling Buildworker init in .tac file
''; '';
}; };
}; };
imp = { imp = {
users.extraUsers.buildbotSlave = { users.extraUsers.buildbotworker = {
uid = genid "buildbotSlave"; uid = genid "buildbotworker";
description = "Buildbot Slave"; description = "Buildbot worker";
home = cfg.workDir; home = cfg.workDir;
createHome = false; createHome = false;
}; };
users.extraGroups.buildbotSlave = { users.extraGroups.buildbotworker = {
gid = 1408105834; gid = genid "buildbotworker";
}; };
systemd.services."buildbotSlave-${cfg.username}-${cfg.masterhost}" = { systemd.services."buildbotworker-${cfg.username}-${cfg.masterhost}" = {
description = "Buildbot Slave for ${cfg.username}@${cfg.masterhost}"; description = "Buildbot worker for ${cfg.username}@${cfg.masterhost}";
after = [ "network.target" ]; after = [ "network.target" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = default-packages ++ cfg.packages; path = default-packages ++ cfg.packages;
@ -152,27 +120,28 @@ let
workdir = shell.escape cfg.workDir; workdir = shell.escape cfg.workDir;
contact = shell.escape cfg.contact; contact = shell.escape cfg.contact;
description = shell.escape cfg.description; description = shell.escape cfg.description;
buildbot = pkgs.buildbot-slave; masterhost = shell.escape cfg.masterhost;
# TODO:make this username = shell.escape cfg.username;
password = shell.escape cfg.password;
in { in {
PermissionsStartOnly = true; PermissionsStartOnly = true;
Type = "forking"; Type = "forking";
PIDFile = "${workdir}/twistd.pid"; PIDFile = "${workdir}/twistd.pid";
# TODO: maybe also prepare buildbot.tac? ExecStartPre = pkgs.writeDash "buildbot-slave-init" ''
ExecStartPre = pkgs.writeDash "buildbot-master-init" ''
set -efux set -efux
mkdir -p ${workdir}/info mkdir -p ${workdir}/info
cp ${buildbot-slave-init} ${workdir}/buildbot.tac # TODO: cleanup .tac file?
${buildbot}/bin/buildbot-worker create-worker ${workdir} ${masterhost} ${username} ${password}
echo ${contact} > ${workdir}/info/admin echo ${contact} > ${workdir}/info/admin
echo ${description} > ${workdir}/info/host echo ${description} > ${workdir}/info/host
chown buildbotSlave:buildbotSlave -R ${workdir} chown buildbotworker:buildbotworker -R ${workdir}
chmod 700 -R ${workdir} chmod 700 -R ${workdir}
''; '';
ExecStart = "${buildbot}/bin/buildslave start ${workdir}"; ExecStart = "${buildbot}/bin/buildbot-worker start ${workdir}";
ExecStop = "${buildbot}/bin/buildslave stop ${workdir}"; ExecStop = "${buildbot}/bin/buildbot-worker stop ${workdir}";
PrivateTmp = "true"; PrivateTmp = "true";
User = "buildbotSlave"; User = "buildbotworker";
Restart = "always"; Restart = "always";
RestartSec = "10"; RestartSec = "10";
}; };
@ -180,6 +149,6 @@ let
}; };
in in
{ {
options.krebs.buildbot.slave = api; options.krebs.buildbot.worker = api;
config = lib.mkIf cfg.enable imp; config = lib.mkIf cfg.enable imp;
} }

2
krebs/5pkgs/Reaktor/plugins.nix
View File

@ -59,7 +59,7 @@ rec {
}; };
sed-plugin = buildSimpleReaktorPlugin "sed-plugin" { sed-plugin = buildSimpleReaktorPlugin "sed-plugin" {
path = [ pkgs.gnused pkgs.python3 ]; path = [ pkgs.gnused pkgs.proot pkgs.python3 ];
# only support s///gi the plugin needs to see every msg # only support s///gi the plugin needs to see every msg
# TODO: this will eat up the last regex, fix Reaktor to support fallthru # TODO: this will eat up the last regex, fix Reaktor to support fallthru
append_rule = true; append_rule = true;

17
krebs/5pkgs/Reaktor/scripts/sed-plugin.py
View File

@ -34,9 +34,22 @@ if m:
flagstr = '' flagstr = ''
last = d.get(usr,None) last = d.get(usr,None)
if last: if last:
#print(re.sub(fn,tn,last,count=count,flags=flags))
from subprocess import Popen,PIPE from subprocess import Popen,PIPE
p = Popen(['sed','s/{}/{}/{}'.format(f,t,flagstr)],stdin=PIPE,stdout=PIPE ) import shutil
from os.path import realpath
# sed only needs stdin/stdout, we protect state_dir with this
# input to read/write arbitrary files:
# s/.\/\/; w /tmp/i (props to waldi)
# conclusion: sed is untrusted and we handle it like this
p = Popen(['proot',
# '-v','1',
'-w','/', # cwd is root
'-b','/nix/store', # mount important folders
'-b','/usr',
'-b','/bin',
'-r','/var/empty', # chroot to /var/empty
realpath(shutil.which('sed')),
's/{}/{}/{}'.format(f,t,flagstr)],stdin=PIPE,stdout=PIPE )
so,se = p.communicate(bytes("{}\n".format(last),"UTF-8")) so,se = p.communicate(bytes("{}\n".format(last),"UTF-8"))
if p.returncode: if p.returncode:
print("something went wrong when trying to process your regex: {}".format(se.decode())) print("something went wrong when trying to process your regex: {}".format(se.decode()))

81
krebs/5pkgs/buildbot/default.nix Normal file
View File

@ -0,0 +1,81 @@
{ pkgs, stdenv, pythonPackages, fetchurl, coreutils, plugins ? [] }:
pythonPackages.buildPythonApplication (rec {
name = "${pname}-${version}";
pname = "buildbot";
version = "0.9.1";
src = fetchurl {
url = "mirror://pypi/b/${pname}/${name}.tar.gz";
sha256 = "1kk4dlkk4rznwid9xykq2lbzksvkcr4r5kmz9hgh5hswdzv8bwx9";
};
doCheck = false;
buildInputs = with pythonPackages; [
lz4
txrequests
pyjade
boto3
moto
txgithub
mock
setuptoolsTrial
isort
pylint
astroid
pyflakes
];
propagatedBuildInputs = with pythonPackages; [
# core
twisted
jinja2
zope_interface
future
sqlalchemy
sqlalchemy_migrate
future
dateutil
txaio
autobahn
# tls
pyopenssl
service-identity
idna
pkgs.treq
# docs
sphinx
sphinxcontrib-blockdiag
sphinxcontrib-spelling
pyenchant
docutils
ramlfications
sphinx-jinja
] ++ plugins;
preInstall = ''
# writes out a file that can't be read properly
sed -i.bak -e '69,84d' buildbot/test/unit/test_www_config.py
# re-hardcode path to tail
sed -i.bak 's|/usr/bin/tail|${coreutils}/bin/tail|' buildbot/scripts/logwatcher.py
'';
postFixup = ''
mv -v $out/bin/buildbot $out/bin/.wrapped-buildbot
echo "#!/bin/sh" > $out/bin/buildbot
echo "export PYTHONPATH=$PYTHONPATH" >> $out/bin/buildbot
echo "exec $out/bin/.wrapped-buildbot \"\$@\"" >> $out/bin/buildbot
chmod -c 555 $out/bin/buildbot
'';
meta = with stdenv.lib; {
homepage = http://buildbot.net/;
description = "Continuous integration system that automates the build/test cycle";
maintainers = with maintainers; [ nand0p ryansydnor ];
platforms = platforms.all;
license = licenses.gpl2;
};
})

24
krebs/5pkgs/buildbot/worker.nix Normal file
View File

@ -0,0 +1,24 @@
{ pkgs, stdenv, fetchurl, pythonPackages }:
pythonPackages.buildPythonApplication (rec {
name = "${pname}-${version}";
pname = "buildbot-worker";
version = "0.9.1";
doCheck = false;
src = fetchurl {
url = "mirror://pypi/b/${pname}/${name}.tar.gz";
sha256 = "00p9l1qz6mx12npjwsycp8f9a8f2har15ig79pfsg8z7a7yw93hx";
};
buildInputs = with pythonPackages; [ setuptoolsTrial mock ];
propagatedBuildInputs = with pythonPackages; [ twisted future pkgs.treq ];
meta = with stdenv.lib; {
homepage = http://buildbot.net/;
description = "Buildbot Worker Daemon";
maintainers = with maintainers; [ nand0p ryansydnor ];
platforms = platforms.all;
license = licenses.gpl2;
};
})

6
krebs/5pkgs/default.nix
View File

@ -38,6 +38,12 @@ with import <stockholm/lib>;
ReaktorPlugins = callPackage ./Reaktor/plugins.nix {}; ReaktorPlugins = callPackage ./Reaktor/plugins.nix {};
buildbot = callPackage ./buildbot {};
buildbot-full = callPackage ./buildbot {
plugins = with pkgs.buildbot-plugins; [ www console-view waterfall-view ];
};
buildbot-worker = callPackage ./buildbot/worker.nix {};
# XXX symlinkJoin changed arguments somewhere around nixpkgs d541e0d # XXX symlinkJoin changed arguments somewhere around nixpkgs d541e0d
symlinkJoin = { name, paths, ... }@args: let symlinkJoin = { name, paths, ... }@args: let
x = pkgs.symlinkJoin args; x = pkgs.symlinkJoin args;

17
krebs/5pkgs/treq/default.nix Normal file
View File

@ -0,0 +1,17 @@
{ stdenv, fetchurl, pythonPackages }:
pythonPackages.buildPythonPackage rec {
name = "${pname}-${version}";
pname = "treq";
version = "15.1.0";
src = fetchurl {
url = "mirror://pypi/t/${pname}/${name}.tar.gz";
sha256= "425a47d5d52a993d51211028fb6ade252e5fbea094e878bb4b644096a7322de8";
};
propagatedBuildInputs = with pythonPackages; [
twisted
pyopenssl
requests2
service-identity
];
}

2
lass/2configs/buildbot-standalone.nix
View File

@ -162,7 +162,7 @@ in {
enable = true; enable = true;
nick = "buildbot-lass"; nick = "buildbot-lass";
server = "ni.r"; server = "ni.r";
channels = [ "retiolum" ]; channels = [ { channels = "retiolum"; } ];
allowForce = true; allowForce = true;
}; };
}; };

8
makefu/1systems/vbob.nix
View File

@ -8,12 +8,12 @@
(toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>) (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
(toString <nixpkgs/nixos/modules/virtualisation/virtualbox-guest.nix>) (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-guest.nix>)
../2configs/main-laptop.nix #< base-gui ../2configs/main-laptop.nix #< base-gui
# <secrets/extra-hosts.nix>
# environment # environment
../2configs/tinc/retiolum.nix ../2configs/tinc/retiolum.nix
]; ];
networking.extraHosts = import (toString <secrets/extra-hosts.nix>);
# workaround for https://github.com/NixOS/nixpkgs/issues/16641 # workaround for https://github.com/NixOS/nixpkgs/issues/16641
services.xserver.videoDrivers = lib.mkOverride 45 [ "virtualbox" "modesetting" ]; services.xserver.videoDrivers = lib.mkOverride 45 [ "virtualbox" "modesetting" ];
@ -41,8 +41,10 @@
get get
logstash logstash
# docker # docker
devpi-web #devpi-web
devpi-client #devpi-client
debmirror
ansible
]; ];
# virtualisation.docker.enable = true; # virtualisation.docker.enable = true;

2
makefu/2configs/graphite-standalone.nix
View File

@ -9,7 +9,7 @@ with import <stockholm/lib>;
services.graphite = { services.graphite = {
web = { web = {
enable = true; enable = true;
host = "0.0.0.0"; listenAddress = "0.0.0.0";
}; };
carbon = { carbon = {
enableCache = true; enableCache = true;

8
makefu/2configs/save-diskspace.nix
View File

@ -1,9 +1,11 @@
_: _:
# TODO: do not check out nixpkgs master but fetch revision from github # TODO: do not check out nixpkgs master but fetch revision from github
{ {
services.nixosManual.enable = false; environment.noXlibs = true;
programs.man.enable = false;
services.journald.extraConfig = "SystemMaxUse=50M";
nix.gc.automatic = true; nix.gc.automatic = true;
nix.gc.dates = "03:10"; nix.gc.dates = "03:10";
programs.info.enable = false;
programs.man.enable = false;
services.journald.extraConfig = "SystemMaxUse=50M";
services.nixosManual.enable = false;
} }

41
makefu/5pkgs/debmirror/default.nix Normal file
View File

@ -0,0 +1,41 @@
{ stdenv, pkgs, fetchgit }:
pkgs.perlPackages.buildPerlPackage rec {
name = "debmirror-${version}";
version = "2.25";
enableParallelBuilding = true;
src = fetchgit {
url = "https://anonscm.debian.org/git/collab-maint/debmirror.git";
rev = "c77e5caa15a4ab6497db5d819614387e647ccf4e";
sha256 = "1zp8ff9ajw22b4wradnw1hnfcpbyx5ibqzqgk6kp79nsj1dzmm0d";
};
preConfigure = ''
touch Makefile.PL
'';
outputs = [ "out" ];
buildPhase = ''
make
'';
doCheck = false;
installPhase = ''
mkdir -p $out/bin $out/share/man/man1/
cp debmirror mirror-size $out/bin
cp debmirror.1 $out/share/man/man1/
'';
propagatedBuildInputs = (with pkgs.perlPackages; [ LockFileSimple LWP]) ++
(with pkgs; [ rsync patch ed gzip diffutils findutils gnupg1 xz ]);
meta = {
description = "mirror apt repos";
homepage = https://tracker.debian.org/pkg/debmirror;
license = stdenv.lib.licenses.gpl2;
platforms = stdenv.lib.platforms.linux;
maintainers = with stdenv.lib.maintainers; [ makefu ];
};
}

4
makefu/5pkgs/default.nix
View File

@ -10,7 +10,9 @@ in
alsa-hdsploader = callPackage ./alsa-tools { alsaToolTarget="hdsploader";}; alsa-hdsploader = callPackage ./alsa-tools { alsaToolTarget="hdsploader";};
awesomecfg = callPackage ./awesomecfg {}; awesomecfg = callPackage ./awesomecfg {};
bintray-upload = callPackage ./bintray-upload {}; bintray-upload = callPackage ./bintray-upload {};
inherit (callPackage ./devpi {}) devpi-web devpi-server; debmirror = callPackage ./debmirror {};
inherit (callPackage ./devpi {}) devpi-web devpi-server devpi-client;
elchhub = callPackage ./elchhub {};
f3 = callPackage ./f3 {}; f3 = callPackage ./f3 {};
farpd = callPackage ./farpd {}; farpd = callPackage ./farpd {};
git-xlsx-textconv = callPackage ./git-xlsx-textconv {}; git-xlsx-textconv = callPackage ./git-xlsx-textconv {};

2
shared/1systems/test-all-krebs-modules.nix
View File

@ -16,7 +16,7 @@ in {
# FIXME fast-tests / instantiate-test-all-modules fails at wolfbot # FIXME fast-tests / instantiate-test-all-modules fails at wolfbot
# http://wolf:8010/builders/fast-tests/builds/442 # http://wolf:8010/builders/fast-tests/builds/442
#buildbot.master.enable = true; #buildbot.master.enable = true;
buildbot.slave = { buildbot.worker = {
enable = true; enable = true;
username = "lol"; username = "lol";
password = "wut"; password = "wut";

36
shared/2configs/shared-buildbot.nix
View File

@ -11,14 +11,13 @@
# /nix/store should be cleaned up automatically as well # /nix/store should be cleaned up automatically as well
nix.gc.automatic = true; nix.gc.automatic = true;
nix.gc.dates = "05:23"; nix.gc.dates = "05:23";
networking.firewall.allowedTCPPorts = [ 8010 9989 ]; networking.firewall.allowedTCPPorts = [ 8010 9989 ];
krebs.buildbot.master = let krebs.buildbot.master = let
stockholm-mirror-url = http://cgit.wolf/stockholm-mirror ; stockholm-mirror-url = http://cgit.wolf/stockholm-mirror ;
in { in {
secrets = [ "retiolum-ci.rsa_key.priv" "cac.json" ]; secrets = [ "retiolum-ci.rsa_key.priv" "cac.json" ];
slaves = { workers = {
testslave = "krebspass"; testworker = "krebspass";
}; };
change_source.stockholm = '' change_source.stockholm = ''
stockholm_repo = '${stockholm-mirror-url}' stockholm_repo = '${stockholm-mirror-url}'
@ -40,9 +39,7 @@
''; '';
fast-tests-scheduler = '' fast-tests-scheduler = ''
# test everything real quick # test everything real quick
sched.append(schedulers.SingleBranchScheduler( sched.append(schedulers.AnyBranchScheduler(
## all branches
change_filter=util.ChangeFilter(branch_re=".*"),
treeStableTimer=10, treeStableTimer=10,
name="fast-all-branches", name="fast-all-branches",
builderNames=["fast-tests"])) builderNames=["fast-tests"]))
@ -109,7 +106,7 @@
system={}".format(i)]) system={}".format(i)])
bu.append(util.BuilderConfig(name="fast-tests", bu.append(util.BuilderConfig(name="fast-tests",
slavenames=slavenames, workernames=workernames,
factory=f)) factory=f))
''; '';
@ -119,36 +116,27 @@
f = util.BuildFactory() f = util.BuildFactory()
f.addStep(grab_repo) f.addStep(grab_repo)
for i in [ "test-all-krebs-modules", "wolf" ]:
addShell(f,name="build-{}".format(i),env=env,
command=nixshell + \
["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
make \
test \
target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
method=build \
system={}".format(i)])
bu.append(util.BuilderConfig(name="build-local", bu.append(util.BuilderConfig(name="build-local",
slavenames=slavenames, workernames=workernames,
factory=f)) factory=f))
''; '';
# slow-tests = '' # slow-tests = ''
# s = util.BuildFactory() # s = util.BuildFactory()
# s.addStep(grab_repo) # s.addStep(grab_repo)
# #
# # slave needs 2 files: # # worker needs 2 files:
# # * cac.json # # * cac.json
# # * retiolum # # * retiolum
# s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/cac.json", slavedest="cac.json")) # s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/cac.json", workerdest="cac.json"))
# s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/retiolum-ci.rsa_key.priv", slavedest="retiolum.rsa_key.priv")) # s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/retiolum-ci.rsa_key.priv", workerdest="retiolum.rsa_key.priv"))
# addShell(s, name="infest-cac-centos7",env=env, # addShell(s, name="infest-cac-centos7",env=env,
# sigtermTime=60, # SIGTERM 1 minute before SIGKILL # sigtermTime=60, # SIGTERM 1 minute before SIGKILL
# timeout=10800, # 3h # timeout=10800, # 3h
# command=nixshell + ["infest-cac-centos7"]) # command=nixshell + ["infest-cac-centos7"])
# #
# bu.append(util.BuilderConfig(name="full-tests", # bu.append(util.BuilderConfig(name="full-tests",
# slavenames=slavenames, # workernames=workernames,
# factory=s)) # factory=s))
# ''; # '';
}; };
@ -160,15 +148,15 @@
enable = true; enable = true;
nick = "wolfbot"; nick = "wolfbot";
server = "ni.r"; server = "ni.r";
channels = [ "retiolum" ]; channels = [ { channel = "retiolum"; } ];
allowForce = true; allowForce = true;
}; };
}; };
krebs.buildbot.slave = { krebs.buildbot.worker = {
enable = true; enable = true;
masterhost = "localhost"; masterhost = "localhost";
username = "testslave"; username = "testworker";
password = "krebspass"; password = "krebspass";
packages = with pkgs; [ gnumake jq nix populate ]; packages = with pkgs; [ gnumake jq nix populate ];
# all nix commands will need a working nixpkgs installation # all nix commands will need a working nixpkgs installation