Merge branch 'master' of gum.krebsco.de:stockholm
This commit is contained in:
commit
36b34fdebe
@ -273,6 +273,7 @@ with lib;
|
||||
mattermost.euer IN A ${head nets.internet.addrs4}
|
||||
git.euer IN A ${head nets.internet.addrs4}
|
||||
gum IN A ${head nets.internet.addrs4}
|
||||
cgit.euer IN A ${head nets.internet.addrs4}
|
||||
'';
|
||||
};
|
||||
nets = {
|
||||
@ -287,6 +288,7 @@ with lib;
|
||||
addrs6 = ["42:f9f0:0000:0000:0000:0000:0000:70d2"];
|
||||
aliases = [
|
||||
"gum.retiolum"
|
||||
"cgit.gum.retiolum"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
@ -302,10 +304,26 @@ with lib;
|
||||
};
|
||||
};
|
||||
};
|
||||
users = addNames {
|
||||
users = addNames rec {
|
||||
makefu = {
|
||||
mail = "makefu@pornocauster.retiolum";
|
||||
pubkey = readFile ../../Zpubkeys/makefu_arch.ssh.pub;
|
||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl3RTOHd5DLiVeUbUr/GSiKoRWknXQnbkIf+uNiFO+XxiqZVojPlumQUVhasY8UzDzj9tSDruUKXpjut50FhIO5UFAgsBeMJyoZbgY/+R+QKU00Q19+IiUtxeFol/9dCO+F4o937MC0OpAC10LbOXN/9SYIXueYk3pJxIycXwUqhYmyEqtDdVh9Rx32LBVqlBoXRHpNGPLiswV2qNe0b5p919IGcslzf1XoUzfE3a3yjk/XbWh/59xnl4V7Oe7+iQheFxOT6rFA30WYwEygs5As//ZYtxvnn0gA02gOnXJsNjOW9irlxOUeP7IOU6Ye3WRKFRR0+7PS+w8IJLag2xb makefu@pornocauster";
|
||||
};
|
||||
makefu-omo = {
|
||||
inherit (makefu) mail;
|
||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtDhAxjiCH0SmTGNDqmlKPug9qTf+IFOVjdXfk01lAV2KMVW00CgNo2d5kl5+6pM99K7zZO7Uo7pmSFLSCAg8J6cMRI3v5OxFsnQfcJ9TeGLZt/ua7F8YsyIIr5wtqKtFbujqve31q9xJMypEpiX4np3nLiHfYwcWu7AFAUY8UHcCNl4JXm6hsmPe+9f6Mg2jICOdkfMMn0LtW+iq1KZpw1Nka2YUSiE2YuUtV+V+YaVMzdcjknkVkZNqcVk6tbJ1ZyZKM+bFEnE4VkHJYDABZfELpcgBAszfWrVG0QpEFjVCUq5atpIVHJcWWDx072r0zgdTPcBuzsHHC5PRfVBLEw== makefu@servarch";
|
||||
};
|
||||
makefu-tsp = {
|
||||
inherit (makefu) mail;
|
||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1srWa67fcsw3r64eqgIuHbMbrj6Ywd9AwzCM+2dfXqYQZblchzH4Q4oydjdFOnV9LaA1LfNcWEjV/gVQKA2/xLSyXSDwzTxQDyOAZaqseKVg1F0a7wAF20+LiegQj6KXE29wcTW1RjcPncmagTBv5/vYbo1eDLKZjwGpEnG0+s+TRftrAhrgtbsuwR1GWWYACxk1CbxbcV+nIZ1RF9E1Fngbl4C4WjXDvsASi8s24utCd/XxgKwKcSFv7EWNfXlNzlETdTqyNVdhA7anc3N7d/TGrQuzCdtrvBFq4WbD3IRhSk79PXaB3L6xJ7LS8DyOSzfPyiJPK65Zw5s4BC07Z makefu@tsp";
|
||||
};
|
||||
makefu-vbob = {
|
||||
inherit (makefu) mail;
|
||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiKvLKaRQPL/Y/4EWx3rNhrY5YGKK4AeqDOFTLgJ7djwJnMo7FP+OIH/4pFxS6Ri2TZwS9QsR3hsycA4n8Z15jXAOXuK52kP65Ei3lLyz9mF+/s1mJsV0Ui/UKF3jE7PEAVky7zXuyYirJpMK8LhXydpFvH95aGrL1Dk30R9/vNkE9rc1XylBfNpT0X0GXmldI+r5OPOtiKLA5BHJdlV8qDYhQsU2fH8S0tmAHF/ir2bh7+PtLE2hmRT+b8I7y1ZagkJsC0sn9GT1AS8ys5s65V2xTTIfQO1zQ4sUH0LczuRuY8MLaO33GAzhyoSQdbdRAmwZQpY/JRJ3C/UROgHYt makefu@vbob";
|
||||
};
|
||||
exco = {
|
||||
mail = "dickbutt@excogitation.de";
|
||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7HCK+TzelJp7atCbvCbvZZnXFr3cE35ioactgpIJL7BOyQM6lJ/7y24WbbrstClTuV7n0rWolDgfjx/8kVQExP3HXEAgCwV6tIcX/Ep84EXSok7QguN0ozZMCwX9CYXOEyLmqpe2KAx3ggXDyyDUr2mWs04J95CFjiR/YgOhIfM4+gVBxGtLSTyegyR3Fk7O0KFwYDjBRLi7a5TIub3UYuOvw3Dxo7bUkdhtf38Kff8LEK8PKtIku/AyDlwZ0mZT4Z7gnihSG2ezR5mLD6QXVuGhG6gW/gsqfPVRF4aZbrtJWZCp2G21wBRafpEZJ8KFHtR18JNcvsuWA1HJmFOj2K0mAY5hBvzCbXGhSzBtcGxKOmTBDTRlZ7FIFgukP/ckSgDduydFUpsv07ZRj+qY07zKp3Nhh3RuN7ZcveCo2WpaAzTuWCMPB0BMhEQvsO8I/p5YtTaw2T1poOPorBbURQwEgNrZ92kB1lL5t1t1ZB4oNeDJX5fddKLkgnLqQZWOZBTKtoq0EAVXojTDLZaA+5z20h8DU7sicDQ/VG4LWtqm9fh8iDpvt/3IHUn/HJEEnlfE1Gd+F2Q+R80yu4e1PClmuzfWjCtkPc4aY7oDxfcJqyeuRW6husAufPqNs31W6X9qXwoaBh9vRQ1erZUo46iicxbzujXIy/Hwg67X8dw== dickbutt@excogitation.de";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
87
krebs/5pkgs/fortclientsslvpn/default.nix
Normal file
87
krebs/5pkgs/fortclientsslvpn/default.nix
Normal file
@ -0,0 +1,87 @@
|
||||
{ stdenv, lib, fetchurl, gtk, glib, libSM, gdk_pixbuf, libX11, libXinerama, iproute,
|
||||
makeWrapper, libredirect, ppp, coreutils, gawk, pango }:
|
||||
stdenv.mkDerivation rec {
|
||||
name = "forticlientsslvpn";
|
||||
# forticlient will be copied into /tmp before execution. this is necessary as
|
||||
# the software demands $base to be writeable
|
||||
|
||||
src = fetchurl {
|
||||
# archive.org mirror:
|
||||
# https://archive.org/download/ForticlientsslvpnLinux4.4.23171.tar/forticlientsslvpn_linux_4.4.2317.tar.gz
|
||||
url = http://www.zen.co.uk/userfiles/knowledgebase/FortigateSSLVPNClient/forticlientsslvpn_linux_4.4.2317.tar.gz;
|
||||
sha256 = "19clnf9rgrnwazlpah8zz5kvz6kc8lxawrgmksx25k5ywflmbcrr";
|
||||
};
|
||||
phases = [ "unpackPhase" "buildPhase" "installPhase" "fixupPhase" ];
|
||||
|
||||
buildInputs = [ makeWrapper ];
|
||||
|
||||
binPath = lib.makeSearchPath "bin" [
|
||||
coreutils
|
||||
gawk
|
||||
];
|
||||
|
||||
|
||||
libPath = lib.makeLibraryPath [
|
||||
stdenv.cc.cc
|
||||
];
|
||||
|
||||
guiLibPath = lib.makeLibraryPath [
|
||||
gtk
|
||||
glib
|
||||
libSM
|
||||
gdk_pixbuf
|
||||
libX11
|
||||
libXinerama
|
||||
pango
|
||||
];
|
||||
|
||||
buildPhase = ''
|
||||
# TODO: 32bit, use the 32bit folder
|
||||
patchelf --set-interpreter $(cat $NIX_CC/nix-support/dynamic-linker) \
|
||||
--set-rpath "$libPath" \
|
||||
64bit/forticlientsslvpn_cli
|
||||
|
||||
patchelf --set-interpreter $(cat $NIX_CC/nix-support/dynamic-linker) \
|
||||
--set-rpath "$libPath:$guiLibPath" \
|
||||
64bit/forticlientsslvpn
|
||||
|
||||
patchelf --set-interpreter $(cat $NIX_CC/nix-support/dynamic-linker) \
|
||||
--set-rpath "$libPath" \
|
||||
64bit/helper/subproc
|
||||
|
||||
sed -i 's#\(export PATH=\).*#\1"${binPath}"#' 64bit/helper/waitppp.sh
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p "$out/opt/fortinet"
|
||||
|
||||
cp -r 64bit/. "$out/opt/fortinet"
|
||||
wrapProgram $out/opt/fortinet/forticlientsslvpn \
|
||||
--set LD_PRELOAD "${libredirect}/lib/libredirect.so" \
|
||||
--set NIX_REDIRECTS /usr/sbin/ip=${iproute}/bin/ip:/usr/sbin/ppp=${ppp}/bin/ppp
|
||||
|
||||
mkdir -p "$out/bin/"
|
||||
|
||||
cat > $out/bin/forticlientsslvpn <<EOF
|
||||
#!/bin/sh
|
||||
# prepare suid bit in tmp
|
||||
# TODO maybe tmp does not support suid
|
||||
set -euf
|
||||
tmpforti=\$(${coreutils}/bin/mktemp -d)
|
||||
trap "rm -rf \$tmpforti;" INT TERM EXIT
|
||||
cp -r $out/opt/fortinet/. \$tmpforti
|
||||
chmod +s \$tmpforti/helper/subproc
|
||||
cd \$tmpforti
|
||||
"./forticlientsslvpn" "\$@"
|
||||
EOF
|
||||
|
||||
chmod +x $out/bin/forticlientsslvpn
|
||||
chmod -x $out/opt/fortinet/helper/showlicense
|
||||
'';
|
||||
meta = {
|
||||
homepage = http://www.fortinet.com;
|
||||
description = "Forticlient SSL-VPN client";
|
||||
license = lib.licenses.nonfree;
|
||||
maintainers = [ lib.maintainers.makefu ];
|
||||
};
|
||||
}
|
@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7HCK+TzelJp7atCbvCbvZZnXFr3cE35ioactgpIJL7BOyQM6lJ/7y24WbbrstClTuV7n0rWolDgfjx/8kVQExP3HXEAgCwV6tIcX/Ep84EXSok7QguN0ozZMCwX9CYXOEyLmqpe2KAx3ggXDyyDUr2mWs04J95CFjiR/YgOhIfM4+gVBxGtLSTyegyR3Fk7O0KFwYDjBRLi7a5TIub3UYuOvw3Dxo7bUkdhtf38Kff8LEK8PKtIku/AyDlwZ0mZT4Z7gnihSG2ezR5mLD6QXVuGhG6gW/gsqfPVRF4aZbrtJWZCp2G21wBRafpEZJ8KFHtR18JNcvsuWA1HJmFOj2K0mAY5hBvzCbXGhSzBtcGxKOmTBDTRlZ7FIFgukP/ckSgDduydFUpsv07ZRj+qY07zKp3Nhh3RuN7ZcveCo2WpaAzTuWCMPB0BMhEQvsO8I/p5YtTaw2T1poOPorBbURQwEgNrZ92kB1lL5t1t1ZB4oNeDJX5fddKLkgnLqQZWOZBTKtoq0EAVXojTDLZaA+5z20h8DU7sicDQ/VG4LWtqm9fh8iDpvt/3IHUn/HJEEnlfE1Gd+F2Q+R80yu4e1PClmuzfWjCtkPc4aY7oDxfcJqyeuRW6husAufPqNs31W6X9qXwoaBh9vRQ1erZUo46iicxbzujXIy/Hwg67X8dw== christian.stoeveken@gmail.com
|
@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl3RTOHd5DLiVeUbUr/GSiKoRWknXQnbkIf+uNiFO+XxiqZVojPlumQUVhasY8UzDzj9tSDruUKXpjut50FhIO5UFAgsBeMJyoZbgY/+R+QKU00Q19+IiUtxeFol/9dCO+F4o937MC0OpAC10LbOXN/9SYIXueYk3pJxIycXwUqhYmyEqtDdVh9Rx32LBVqlBoXRHpNGPLiswV2qNe0b5p919IGcslzf1XoUzfE3a3yjk/XbWh/59xnl4V7Oe7+iQheFxOT6rFA30WYwEygs5As//ZYtxvnn0gA02gOnXJsNjOW9irlxOUeP7IOU6Ye3WRKFRR0+7PS+w8IJLag2xb makefu@pornocauster
|
@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtDhAxjiCH0SmTGNDqmlKPug9qTf+IFOVjdXfk01lAV2KMVW00CgNo2d5kl5+6pM99K7zZO7Uo7pmSFLSCAg8J6cMRI3v5OxFsnQfcJ9TeGLZt/ua7F8YsyIIr5wtqKtFbujqve31q9xJMypEpiX4np3nLiHfYwcWu7AFAUY8UHcCNl4JXm6hsmPe+9f6Mg2jICOdkfMMn0LtW+iq1KZpw1Nka2YUSiE2YuUtV+V+YaVMzdcjknkVkZNqcVk6tbJ1ZyZKM+bFEnE4VkHJYDABZfELpcgBAszfWrVG0QpEFjVCUq5atpIVHJcWWDx072r0zgdTPcBuzsHHC5PRfVBLEw== makefu@servarch
|
@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1srWa67fcsw3r64eqgIuHbMbrj6Ywd9AwzCM+2dfXqYQZblchzH4Q4oydjdFOnV9LaA1LfNcWEjV/gVQKA2/xLSyXSDwzTxQDyOAZaqseKVg1F0a7wAF20+LiegQj6KXE29wcTW1RjcPncmagTBv5/vYbo1eDLKZjwGpEnG0+s+TRftrAhrgtbsuwR1GWWYACxk1CbxbcV+nIZ1RF9E1Fngbl4C4WjXDvsASi8s24utCd/XxgKwKcSFv7EWNfXlNzlETdTqyNVdhA7anc3N7d/TGrQuzCdtrvBFq4WbD3IRhSk79PXaB3L6xJ7LS8DyOSzfPyiJPK65Zw5s4BC07Z makefu@tsp
|
@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiKvLKaRQPL/Y/4EWx3rNhrY5YGKK4AeqDOFTLgJ7djwJnMo7FP+OIH/4pFxS6Ri2TZwS9QsR3hsycA4n8Z15jXAOXuK52kP65Ei3lLyz9mF+/s1mJsV0Ui/UKF3jE7PEAVky7zXuyYirJpMK8LhXydpFvH95aGrL1Dk30R9/vNkE9rc1XylBfNpT0X0GXmldI+r5OPOtiKLA5BHJdlV8qDYhQsU2fH8S0tmAHF/ir2bh7+PtLE2hmRT+b8I7y1ZagkJsC0sn9GT1AS8ys5s65V2xTTIfQO1zQ4sUH0LczuRuY8MLaO33GAzhyoSQdbdRAmwZQpY/JRJ3C/UROgHYt makefu@nixos
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
#
|
||||
#
|
||||
{ config, pkgs, ... }:
|
||||
{ lib, config, pkgs, ... }:
|
||||
|
||||
{
|
||||
krebs.build.host = config.krebs.hosts.vbob;
|
||||
@ -12,13 +12,21 @@
|
||||
../2configs/main-laptop.nix #< base-gui
|
||||
|
||||
# environment
|
||||
|
||||
../2configs/zsh-user.nix
|
||||
../2configs/virtualization.nix
|
||||
];
|
||||
|
||||
# allow vbob to deploy self
|
||||
users.extraUsers = {
|
||||
root = {
|
||||
openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey ];
|
||||
};
|
||||
};
|
||||
nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; };
|
||||
environment.systemPackages = with pkgs;[
|
||||
get
|
||||
];
|
||||
];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
25
|
||||
|
18
makefu/2configs/Reaktor/full.nix
Normal file
18
makefu/2configs/Reaktor/full.nix
Normal file
@ -0,0 +1,18 @@
|
||||
_:
|
||||
{
|
||||
# implementation of the complete Reaktor bot
|
||||
imports = [
|
||||
#./stockholmLentil.nix
|
||||
./simpleExtend.nix
|
||||
./random-emoji.nix
|
||||
./titlebot.nix
|
||||
./shack-correct.nix
|
||||
./sed-plugin.nix
|
||||
];
|
||||
krebs.Reaktor.nickname = "Reaktor|bot";
|
||||
krebs.Reaktor.enable = true;
|
||||
|
||||
krebs.Reaktor.extraEnviron = {
|
||||
REAKTOR_CHANNELS = "#krebs,#binaergewitter,#shackspace";
|
||||
};
|
||||
}
|
@ -80,26 +80,6 @@ let
|
||||
};
|
||||
|
||||
in {
|
||||
imports = [{
|
||||
krebs.users = {
|
||||
makefu-omo = {
|
||||
name = "makefu-omo" ;
|
||||
pubkey= with builtins; readFile ../../../krebs/Zpubkeys/makefu_omo.ssh.pub;
|
||||
};
|
||||
makefu-vbob = {
|
||||
name = "makefu-vbob" ;
|
||||
pubkey= with builtins; readFile ../../../krebs/Zpubkeys/makefu_vbob.ssh.pub;
|
||||
};
|
||||
makefu-tsp = {
|
||||
name = "makefu-tsp" ;
|
||||
pubkey= with builtins; readFile ../../../krebs/Zpubkeys/makefu_tsp.ssh.pub;
|
||||
};
|
||||
exco = {
|
||||
name = "exco";
|
||||
pubkey= with builtins; readFile ../../../krebs/Zpubkeys/exco.ssh.pub;
|
||||
};
|
||||
};
|
||||
}];
|
||||
krebs.git = {
|
||||
enable = true;
|
||||
root-title = "public repositories";
|
||||
|
@ -5,6 +5,36 @@ let
|
||||
mainUser = config.krebs.build.user.name;
|
||||
in
|
||||
{
|
||||
programs.zsh.enable = true;
|
||||
users.extraUsers.${mainUser}.shell = "/run/current-system/sw/bin/zsh";
|
||||
programs.zsh= {
|
||||
enable = true;
|
||||
interactiveShellInit = ''
|
||||
HISTSIZE=900001
|
||||
HISTFILESIZE=$HISTSIZE
|
||||
SAVEHIST=$HISTSIZE
|
||||
|
||||
setopt HIST_IGNORE_ALL_DUPS
|
||||
setopt HIST_IGNORE_SPACE
|
||||
setopt HIST_FIND_NO_DUPS
|
||||
bindkey -e
|
||||
# shift-tab
|
||||
bindkey '^[[Z' reverse-menu-complete
|
||||
|
||||
autoload -U compinit && compinit
|
||||
zstyle ':completion:*' menu select
|
||||
'';
|
||||
|
||||
promptInit = ''
|
||||
RPROMPT=""
|
||||
autoload colors && colors
|
||||
case $UID in
|
||||
0) PROMPT="%{$fg[red]%}%~%{$reset_color%} " ;;
|
||||
9001) PROMPT="%{$fg[green]%}%~%{$reset_color%} " ;;
|
||||
*) PROMPT="%{$fg[yellow]%}%n %{$fg[green]%}%~%{$reset_color%} " ;;
|
||||
esac
|
||||
if test -n "$SSH_CLIENT"; then
|
||||
PROMPT="%{$fg[magenta]%}%m $PROMPT"
|
||||
fi
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
179
makefu/3modules/buildbot/master.nix
Normal file
179
makefu/3modules/buildbot/master.nix
Normal file
@ -0,0 +1,179 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
buildbot = pkgs.buildbot;
|
||||
buildbot-master-config = pkgs.writeText "buildbot-master.cfg" ''
|
||||
# -*- python -*-
|
||||
from buildbot.plugins import *
|
||||
|
||||
c = BuildmasterConfig = {}
|
||||
|
||||
c['slaves'] = []
|
||||
# TODO: template potential buildslaves
|
||||
# TODO: set password?
|
||||
for i in [ 'testslave' ]:
|
||||
c['slaves'].append(buildslave.BuildSlave(i, "krebspass"))
|
||||
|
||||
c['protocols'] = {'pb': {'port': 9989}}
|
||||
|
||||
####### Build Inputs
|
||||
stockholm_repo = 'http://cgit.gum/stockholm'
|
||||
c['change_source'] = []
|
||||
c['change_source'].append(changes.GitPoller(
|
||||
stockholm_repo,
|
||||
workdir='stockholm-poller', branch='master',
|
||||
project='stockholm',
|
||||
pollinterval=300))
|
||||
|
||||
####### Build Scheduler
|
||||
# TODO: configure scheduler
|
||||
important_files = util.ChangeFilter(
|
||||
project_re="^((krebs|share)/.*|Makefile|default.nix)",
|
||||
branch='master')
|
||||
c['schedulers'] = []
|
||||
c['schedulers'].append(schedulers.SingleBranchScheduler(
|
||||
name="all-important-files",
|
||||
change_filter=important_files,
|
||||
# 3 minutes stable tree
|
||||
treeStableTimer=3*60,
|
||||
builderNames=["runtests"]))
|
||||
c['schedulers'].append(schedulers.ForceScheduler(
|
||||
name="force",
|
||||
builderNames=["runtests"]))
|
||||
###### The actual build
|
||||
factory = util.BuildFactory()
|
||||
factory.addStep(steps.Git(repourl=stockholm_repo, mode='incremental'))
|
||||
|
||||
deps = [ "gnumake", "jq" ]
|
||||
factory.addStep(steps.ShellCommand(command=["nix-shell", "-p" ] + deps ))
|
||||
factory.addStep(steps.ShellCommand(env={"LOGNAME": "shared"},
|
||||
command=["make", "get=krebs.deploy",
|
||||
"system=test-centos7"]))
|
||||
|
||||
# TODO: different Builders?
|
||||
c['builders'] = []
|
||||
c['builders'].append(
|
||||
util.BuilderConfig(name="runtests",
|
||||
# TODO: only some slaves being used in builder?
|
||||
slavenames=c['slaves'],
|
||||
factory=factory))
|
||||
|
||||
####### Status of Builds
|
||||
c['status'] = []
|
||||
|
||||
from buildbot.status import html
|
||||
from buildbot.status.web import authz, auth
|
||||
# TODO: configure if http is wanted
|
||||
authz_cfg=authz.Authz(
|
||||
# TODO: configure user/pw
|
||||
auth=auth.BasicAuth([("krebs","bob")]),
|
||||
gracefulShutdown = False,
|
||||
forceBuild = 'auth',
|
||||
forceAllBuilds = 'auth',
|
||||
pingBuilder = False,
|
||||
stopBuild = False,
|
||||
stopAllBuilds = False,
|
||||
cancelPendingBuild = False,
|
||||
)
|
||||
# TODO: configure nginx
|
||||
c['status'].append(html.WebStatus(http_port=8010, authz=authz_cfg))
|
||||
|
||||
from buildbot.status import words
|
||||
# TODO: configure IRC Bot
|
||||
irc = words.IRC("irc.freenode.net", "krebsbuild",
|
||||
channels=["krebs"],
|
||||
notify_events={
|
||||
'sucess': 1,
|
||||
'failure': 1,
|
||||
'exception': 1,
|
||||
'successToFailure': 1,
|
||||
'failureToSuccess': 1,
|
||||
},allowForce=True)
|
||||
c['status'].append(irc)
|
||||
|
||||
####### PROJECT IDENTITY
|
||||
c['title'] = "Stockholm"
|
||||
c['titleURL'] = "http://krebsco.de"
|
||||
|
||||
c['buildbotURL'] = "http://buildbot.krebsco.de/"
|
||||
|
||||
####### DB URL
|
||||
c['db'] = {
|
||||
'db_url' : "sqlite:///state.sqlite",
|
||||
}
|
||||
${cfg.extraConfig}
|
||||
'';
|
||||
|
||||
cfg = config.makefu.buildbot.master;
|
||||
|
||||
api = {
|
||||
enable = mkEnableOption "Buildbot Master";
|
||||
|
||||
workDir = mkOption {
|
||||
default = "/var/lib/buildbot/master";
|
||||
type = types.str;
|
||||
description = ''
|
||||
Path to build bot master directory.
|
||||
Will be created on startup.
|
||||
'';
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
default = "";
|
||||
type = types.lines;
|
||||
description = ''
|
||||
extra config appended to the generated master.cfg
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
imp = {
|
||||
|
||||
users.extraUsers.buildbotMaster = {
|
||||
uid = 672626386; #genid buildbotMaster
|
||||
description = "Buildbot Master";
|
||||
home = cfg.workDir;
|
||||
createHome = false;
|
||||
};
|
||||
|
||||
users.extraGroups.buildbotMaster = {
|
||||
gid = 672626386;
|
||||
};
|
||||
|
||||
systemd.services.buildbotMaster = {
|
||||
description = "Buildbot Master";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
PermissionsStartOnly = true;
|
||||
# TODO: maybe also prepare buildbot.tac?
|
||||
ExecStartPre = pkgs.writeScript "buildbot-master-init" ''
|
||||
#!/bin/sh
|
||||
set -efux
|
||||
workdir=${lib.shell.escape cfg.workDir}
|
||||
if [ ! -e $workdir ];then
|
||||
mkdir -p $workdir
|
||||
${buildbot}/bin/buildbot create-master -r -l 10 -f $workdir
|
||||
chown buildbotMaster:buildbotMaster $workdir
|
||||
fi
|
||||
# always override the master.cfg
|
||||
cp ${toString buildbot-master-config} "$workdir/master.cfg"
|
||||
# sanity
|
||||
${buildbot}/bin/buildbot checkconfig $workdir
|
||||
# upgrade
|
||||
${buildbot}/bin/buildbot upgrade-master $workdir
|
||||
'';
|
||||
ExecStart = "${buildbot}/bin/buildbot ${lib.shell.escape cfg.workDir}";
|
||||
PrivateTmp = "true";
|
||||
User = "buildbotMaster";
|
||||
Restart = "always";
|
||||
RestartSec = "10";
|
||||
};
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
options.makefu.buildbot.master = api;
|
||||
config = mkIf cfg.enable imp;
|
||||
}
|
Loading…
Reference in New Issue
Block a user