diff --git a/krebs/2configs/buildbot-all.nix b/krebs/2configs/buildbot-all.nix index acd806d6e..8a647012f 100644 --- a/krebs/2configs/buildbot-all.nix +++ b/krebs/2configs/buildbot-all.nix @@ -1,3 +1,4 @@ +with import ; { lib, config, pkgs, ... }: { imports = [ @@ -7,10 +8,6 @@ networking.firewall.allowedTCPPorts = [ 80 8010 9989 ]; krebs.ci.enable = true; krebs.ci.treeStableTimer = 1; - krebs.ci.users.krebs.all = true; - krebs.ci.users.lass.all = true; - krebs.ci.users.makefu.all = true; - krebs.ci.users.nin.all = true; - krebs.ci.users.tv.all = true; + krebs.ci.hosts = filter (getAttr "ci") (attrValues config.krebs.hosts); } diff --git a/krebs/2configs/buildbot-krebs.nix b/krebs/2configs/buildbot-krebs.nix index 40ca3c66d..a09b3b98b 100644 --- a/krebs/2configs/buildbot-krebs.nix +++ b/krebs/2configs/buildbot-krebs.nix @@ -1,3 +1,4 @@ +with import ; { lib, config, pkgs, ... }: { imports = [ @@ -7,7 +8,5 @@ networking.firewall.allowedTCPPorts = [ 80 8010 9989 ]; krebs.ci.enable = true; krebs.ci.treeStableTimer = 120; - krebs.ci.users.krebs.hosts = [ - config.networking.hostName - ]; + krebs.ci.hosts = [ config.krebs.build.host ]; } diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index b55827e3a..dab87792e 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -17,30 +17,12 @@ in default = 10; description = "how long to wait until we test changes (in minutes)"; }; - users = mkOption { - type = with types; attrsOf (submodule { - options = { - all = mkOption { - type = bool; - default = false; - }; - hosts = mkOption { - type = listOf str; - default = []; - }; - }; - }); - example = { - lass.all = true; - krebs = { - all = true; - hosts = [ - "test-all-krebs-modules" - "test-arch" - ]; - }; - }; - default = {}; + hosts = mkOption { + type = types.listOf types.host; + default = []; + description = '' + List of hosts that should be build + ''; }; }; @@ -132,23 +114,9 @@ in timeout=90001 ) - ${let - user-hosts = mapAttrs (user: a: let - managed-hosts = attrNames (filterAttrs (_: h: (h.owner.name == user) && h.managed) config.krebs.hosts); - defined-hosts = a.hosts; - in - defined-hosts ++ (optionals a.all managed-hosts) - ) cfg.users; - - in - concatStringsSep "\n" ( - (mapAttrsToList (user: hosts: - concatMapStringsSep "\n" (host: - "build_host(\"${user}\", \"${host}\")" - ) hosts - ) user-hosts) - ) - } + ${concatMapStringsSep "\n" (host: + "build_host(\"${host.owner.name}\", \"${host.name}\")" + ) cfg.hosts} bu.append( util.BuilderConfig( diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index 9cd103175..881329a47 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -31,8 +31,8 @@ let in { hosts = { hope = { + ci = true; owner = config.krebs.users.krebs; - managed = true; nets = { internet = { ip4.addr = "45.62.225.18"; @@ -63,8 +63,8 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOdLHRI29xJj1jmfSidE2Dh7EsDNszm+WH3Kj4zYBkP/"; }; hotdog = { + ci = true; owner = config.krebs.users.krebs; - managed = true; nets = { retiolum = { ip4.addr = "10.243.77.3"; @@ -90,8 +90,8 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp"; }; puyak = { + ci = true; owner = config.krebs.users.krebs; - managed = true; nets = { retiolum = { ip4.addr = "10.243.77.2"; @@ -117,8 +117,8 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPpVwKv9mQGfcn5oFwuitq+b6Dz4jBG9sGhVoCYFw5RY"; }; wolf = { + ci = true; owner = config.krebs.users.krebs; - managed = true; nets = { shack = { ip4.addr = "10.42.2.150" ; diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 7aeeb1f21..9b1e6ba20 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -5,7 +5,7 @@ with import ; { hosts = mapAttrs (_: recursiveUpdate { owner = config.krebs.users.lass; - managed = true; + ci = true; }) { dishfire = { cores = 4; @@ -117,6 +117,8 @@ with import ; ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQChm4sqQ2bUZj+2YnTf6G5HHRTpSe1jTUhJRnwcYPYZKF+CBqBncipRpuGlGXEsptNa+7ZMcQC0ySsz5SUOMt3Ih+NehVe/qt3VtRz0l0MgOWmH2qBwKK9Y4IuxrJQzUmP4UGlOGlFj9DORssSMOyFIG4eZ9k2qMn3xal0NVRfGTShKlouWsiUILZ8I+sDNE00z8DAYesgc1yazvRnjzvLkRxdNdpYiAFBbmXMpPKK95McRJaWsuNSeal9kd5p5PagWcgN4DZ6+ebzz3NKnmzk4j+vuHX0U9lTXBqKMlzzmM2YNLRtDPfrtJNyHqLpZUpFhJKqZCD+4/0zdrzRfC7Th+5czzUCSvHiKPVsqw5eOdiQX6EyzNAF5zpkpRp//QdUNNXC5/Ku6GKCO491+TuA8VCha0fOwBONccTLUI/hGNmCh88mLbukVoeGJrbYNCOA/6kEz7ZLEveU4i+TT7okhDElMsNk+AWCZ8/NdJQNX3/K6+JJ9qAn+/yC8LdjgYYJ2oU/aw5/HyOgiQ0z4n9UfQ7j+nHysY9CQb1b3guX7yjJoc3KpNXCXEztuIRHjFD1EP8NRTSmGjsa/VjLmTLSsqjD+7IE5mT0tO5RJvmagDgdJSr/iR5D9zjW7hx7ttvektrlp9g0v3CiCFVaW4l95hGYT0HaNBLJ5R0YHm0lD+Q=="; }; domsen-nas = { + ci = false; + external = true; nets = rec { internet = { aliases = [ @@ -126,7 +128,6 @@ with import ; ssh.port = 2223; }; }; - managed = false; }; uriel = { cores = 1; @@ -295,10 +296,12 @@ with import ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEB/MmASvx3i09DY1xFVM5jOhZRZA8rMRqtf8bCIkC+t"; }; iso = { + ci = false; cores = 1; - managed = false; }; sokrateslaptop = { + ci = false; + external = true; nets = { retiolum = { ip4.addr = "10.243.142.104"; @@ -318,7 +321,6 @@ with import ; ''; }; }; - managed = false; }; }; users = { diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 21ea7e23c..6e0e876b8 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -5,8 +5,8 @@ with import ; { hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) { drop = rec { + ci = true; cores = 1; - managed = true; nets = { retiolum = { ip4.addr = "10.243.177.9"; @@ -28,8 +28,8 @@ with import ; }; }; studio = rec { + ci = true; cores = 4; - managed = true; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio"; nets = { @@ -54,8 +54,8 @@ with import ; }; fileleech = rec { + ci = true; cores = 4; - managed = true; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+jB5QdPsAJc90alYDhAEP3sPDJb6eIj9bebj+rTBEJ fileleech"; nets = { @@ -80,8 +80,8 @@ with import ; }; pnp = { + ci = true; cores = 1; - managed = true; nets = { retiolum = { ip4.addr = "10.243.0.210"; @@ -104,8 +104,8 @@ with import ; }; }; darth = { + ci = true; cores = 4; - managed = true; nets = { retiolum = { ip4.addr = "10.243.0.84"; @@ -176,7 +176,7 @@ with import ; }; }; tsp = { - managed = true; + ci = true; cores = 1; nets = { retiolum = { @@ -204,7 +204,7 @@ with import ; }; }; x = { - managed = true; + ci = true; cores = 4; nets = { retiolum = { @@ -249,8 +249,8 @@ with import ; }; vbob = { + ci = true; cores = 2; - managed = true; nets = { retiolum = { ip4.addr = "10.243.1.91"; @@ -312,8 +312,8 @@ with import ; }; }; wry = rec { + ci = true; cores = 1; - managed = true; extraZones = { "krebsco.de" = '' wry IN A ${nets.internet.ip4.addr} @@ -357,8 +357,8 @@ with import ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH4Tjx9qK6uWtxT1HCpeC0XvDZKO/kaPygyKatpAqU6I root@wry"; }; filepimp = rec { + ci = true; cores = 1; - managed = true; nets = { lan = { ip4.addr = "192.168.1.12"; @@ -387,8 +387,8 @@ with import ; }; omo = rec { + ci = true; cores = 2; - managed = true; nets = { lan = { @@ -421,8 +421,8 @@ with import ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBGboU/P00yYiwYje53G0oqDFWmcSJ+hIpMsl4f/HH"; }; wbob = rec { + ci = true; cores = 4; - managed = true; nets = { siem = { ip4.addr = "10.8.10.7"; @@ -463,8 +463,8 @@ with import ; }; gum = rec { + ci = true; cores = 2; - managed = true; extraZones = { "krebsco.de" = '' @@ -526,8 +526,8 @@ with import ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum"; }; shoney = rec { + ci = true; cores = 1; - managed = true; nets = rec { siem = { via = internet; @@ -575,8 +575,8 @@ with import ; }; }; sdev = rec { + ci = true; cores = 1; - managed = true; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILtm6ETzNgLcXNkrKs2VUEiGsTKBmOFpW2fazbzdUfOg sdev"; nets = { diff --git a/krebs/3modules/mv/default.nix b/krebs/3modules/mv/default.nix index 7876ab79e..c8d138a44 100644 --- a/krebs/3modules/mv/default.nix +++ b/krebs/3modules/mv/default.nix @@ -5,6 +5,7 @@ with import ; { hosts = mapAttrs (_: setAttr "owner" config.krebs.users.mv) { stro = { + ci = true; cores = 4; nets = { retiolum = { diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 68cba633b..79fa27bad 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -8,8 +8,8 @@ with import ; }; hosts = mapAttrs (_: setAttr "owner" config.krebs.users.tv) { alnus = { + ci = true; cores = 2; - managed = true; nets = { retiolum = { ip4.addr = "10.243.21.1"; @@ -33,6 +33,7 @@ with import ; ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP9JS2Nyjx4Pn+/4MrFi1EvBBYVKkGm2Q4lhgaAiSuiGLol53OSsL2KIo01mbcSSBWow9QpQpn8KDoRnT2aMLDrdTFqL20ztDLOXmtrSsz3flgCjmW4f6uOaoZF0RNjAybd1coqwSJ7EINugwoqOsg1zzN2qeIGKYFvqFIKibYFAnQ8hcksmkvPdIO5O8CbdIiP9sZSrSDp0ZyLK2T0PML2jensVZOeqSPulQDFqLsbmavpVLkpDjdzzPRwbZWNB4++YeipbYNOkX4GR1EB4wMZ93IbBV7kpJtib2Zb2AnUf7UW37hxWBjILdstj9ClwNOQggn8kD9ub7YxBzH1dz0Xd8a0mPOAWIDJz9MypXgFRc3vdvPB/W1I4Se0CLbgOkORun9CkgijKr9oEY8JNt8HFd6viZcAaQxOyIm6PNHZTnHfdSc7bIBS2n3e3IZBv0fTd77knGLXg402aTuu2bm/kxsKivxsILXIaGbeXe4ceN3Fynr3FzSM2bUkzHb0mAHu1BQ9YaX0xzCwjVueA5nzGls7ODSFkXsiBfg2FvMN/sTLFca6tnwyqcnD6nujoiS5+BxjDWPgnZYqCaW3B/IkpTsRMsX6QrfhOFcsP8qlJ2Cp82orWoDK/D0vZ9pdzAc6PFGga0RofuJKY2yiq+SRZ7/e9E6VncIVCYZ1OfN0Q=="; }; cd = { + ci = true; cores = 2; extraZones = { # TODO generate krebsco.de zone from nets and don't use extraZones at all @@ -40,7 +41,6 @@ with import ; cd 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr} ''; }; - managed = true; nets = { internet = { ip4.addr = "45.62.237.203"; @@ -79,6 +79,7 @@ with import ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOd/HqZIO9Trn3eycl23GZAz21HQCISaVNfNyaLSQvJ6"; }; ju = { + external = true; nets = { gg23 = { ip4.addr = "10.23.1.144"; @@ -112,6 +113,7 @@ with import ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHM6dL0fQ8Bd0hER0Xa3I2pAWVHdnwOBaAZhbDlLJmUu"; }; kaepsele = { + external = true; nets = { retiolum = { ip4.addr = "10.243.166.2"; @@ -135,8 +137,8 @@ with import ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC5Wr36T0MmB8pnSO5/pw9/Dfe5+IMgVHOhm6EUa55jj"; }; mu = { + ci = true; cores = 2; - managed = true; nets = { retiolum = { ip4.addr = "10.243.20.1"; @@ -205,8 +207,8 @@ with import ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb"; }; nomic = { + ci = true; cores = 2; - managed = true; nets = { gg23 = { ip4.addr = "10.23.1.110"; @@ -237,6 +239,7 @@ with import ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMIHmwXHV7E9UGuk4voVCADjlLkyygqNw054jvrsPn5t root@nomic"; }; ok = { + external = true; nets = { gg23 = { ip4.addr = "10.23.1.1"; @@ -245,6 +248,7 @@ with import ; }; }; schnabeldrucker = { + external = true; nets = { gg23 = { ip4.addr = "10.23.1.21"; @@ -253,6 +257,7 @@ with import ; }; }; schnabelscanner = { + external = true; nets = { gg23 = { ip4.addr = "10.23.1.22"; @@ -261,8 +266,8 @@ with import ; }; }; wu = { + ci = true; cores = 4; - managed = true; nets = { gg23 = { ip4.addr = "10.23.1.37"; @@ -299,8 +304,8 @@ with import ; binary-cache = { pubkey = "xu-1:pYRENvaxZqGeImwLA9qHmRwHV4jfKaYx4u1VcZ31x0s="; }; + ci = true; cores = 4; - managed = true; nets = { gg23 = { ip4.addr = "10.23.1.38"; @@ -335,8 +340,8 @@ with import ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnjfceKuHNQu7S4eYFN1FqgzMqiL7haNZMh2ZLhvuhK root@xu"; }; zu = { + ci = true; cores = 4; - managed = true; nets = { gg23 = { ip4.addr = "10.23.1.39"; diff --git a/lass/3modules/hosts.nix b/lass/3modules/hosts.nix index 7e3af10be..37cbf3ed3 100644 --- a/lass/3modules/hosts.nix +++ b/lass/3modules/hosts.nix @@ -6,7 +6,7 @@ with import ; options.lass.hosts = mkOption { type = types.attrsOf types.host; default = - filterAttrs (_: host: host.owner.name == "lass" && host.managed) + filterAttrs (_: host: host.owner.name == "lass" && host.ci) config.krebs.hosts; }; } diff --git a/lass/source.nix b/lass/source.nix index 8430ecb16..26c668241 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -19,6 +19,6 @@ in # 87a4615 & 334ac4f # + acme permissions for groups # fd7a8f1 - ref = "60dc02d"; + ref = "fe46ffc"; }; } diff --git a/lib/types.nix b/lib/types.nix index 8c6846887..70570a6b3 100644 --- a/lib/types.nix +++ b/lib/types.nix @@ -31,9 +31,20 @@ rec { default = null; }; - managed = mkOption { + ci = mkOption { description = '' - If true, then the host's configuration is defined in stockholm. + If true, then the host wants to be tested by some CI system. + See + ''; + type = bool; + default = false; + }; + + external = mkOption { + description = '' + Whether the host is defined externally (in contrast to being defined + in ). This is useful e.g. when legacy and/or adopted + hosts should be part of retiolum or some other component. ''; type = bool; default = false;