diff --git a/krebs/3modules/Reaktor.nix b/krebs/3modules/Reaktor.nix index 607eb7cac..92400139c 100644 --- a/krebs/3modules/Reaktor.nix +++ b/krebs/3modules/Reaktor.nix @@ -70,12 +70,17 @@ let REAKTOR_HOST REAKTOR_PORT REAKTOR_STATEDIR - REAKTOR_CHANNELS debug and nickname can be set separately via the Reaktor api ''; }; - + channels = mkOption { + default = [ "#krebs" ]; + type = types.listOf types.str; + description = '' + Channels the Reaktor should connect to at startup. + ''; + }; debug = mkOption { default = false; description = '' @@ -112,7 +117,9 @@ let GIT_SSL_CAINFO = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; REAKTOR_NICKNAME = cfg.nickname; REAKTOR_DEBUG = (if cfg.debug then "True" else "False"); + REAKTOR_CHANNELS = lib.concatStringsSep "," cfg.channels; state_dir = cfg.workdir; + } // cfg.extraEnviron; serviceConfig= { ExecStartPre = pkgs.writeScript "Reaktor-init" '' diff --git a/krebs/3modules/exim-retiolum.nix b/krebs/3modules/exim-retiolum.nix index e1315d8c8..ea012c38c 100644 --- a/krebs/3modules/exim-retiolum.nix +++ b/krebs/3modules/exim-retiolum.nix @@ -1,14 +1,12 @@ { config, pkgs, lib, ... }: -with builtins; with lib; let cfg = config.krebs.exim-retiolum; out = { options.krebs.exim-retiolum = api; - config = - mkIf cfg.enable imp; + config = mkIf cfg.enable imp; }; api = { @@ -16,13 +14,13 @@ let }; imp = { - services.exim = - # This configuration makes only sense for retiolum-enabled hosts. - # TODO modular configuration - assert config.krebs.retiolum.enable; - { - enable = true; - config = '' + services.exim = { + enable = true; + config = + # This configuration makes only sense for retiolum-enabled hosts. + # TODO modular configuration + assert config.krebs.retiolum.enable; + '' primary_hostname = ${retiolumHostname} domainlist local_domains = @ : localhost domainlist relay_to_domains = *.retiolum @@ -134,7 +132,7 @@ let begin authenticators ''; - }; + }; }; # TODO get the hostname from somewhere else. diff --git a/krebs/5pkgs/Reaktor/plugins.nix b/krebs/5pkgs/Reaktor/plugins.nix index 5c7b89f5c..7490be4ca 100644 --- a/krebs/5pkgs/Reaktor/plugins.nix +++ b/krebs/5pkgs/Reaktor/plugins.nix @@ -14,6 +14,7 @@ rec { buildSimpleReaktorPlugin = name: { script , path ? [] , env ? {} + , append_rule ? false # append the rule instead of insert , pattern ? "" , ... } @ attrs: let @@ -26,7 +27,7 @@ rec { }); src_file = "${src_dir}/bin/${name}"; config = '' - public_commands.insert(0,{ + public_commands.${if append_rule then "append(" else "insert(0," }{ 'capname' : "${name}", 'pattern' : ${if pattern == "" then ''indirect_pattern.format("${name}")'' else @@ -58,9 +59,10 @@ rec { }; sed-plugin = buildSimpleReaktorPlugin "sed-plugin" { - path = [ pkgs.gnused ]; + path = [ pkgs.gnused pkgs.python3 ]; # only support s///gi the plugin needs to see every msg # TODO: this will eat up the last regex, fix Reaktor to support fallthru + append_rule = true; pattern = "^(?P.*)$$"; script = ./scripts/sed-plugin.py; }; @@ -105,7 +107,7 @@ rec { config = '' def titlebot_cmd(cmd): from os import environ - return { 'capname': cmd, + return { 'capname': None, 'env': { 'TITLEDB': environ['state_dir']+'/suggestions.json' }, 'pattern': '^\\.' + cmd + '\\s*(?:\\s+(?P.*))?$$', diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix index cd2b3f657..f022311c9 100644 --- a/makefu/1systems/wry.nix +++ b/makefu/1systems/wry.nix @@ -18,8 +18,6 @@ in { ../2configs/iodined.nix - # Reaktor - ../2configs/Reaktor/simpleExtend.nix # other nginx ../2configs/nginx/euer.wiki.nix @@ -29,9 +27,21 @@ in { # collectd ../2configs/collectd/collectd-base.nix ]; + krebs.build.host = config.krebs.hosts.wry; - krebs.Reaktor.enable = true; + krebs.Reaktor = { + nickname = "Reaktor|bot"; + channels = [ "#krebs" "#shackspace" "#binaergewitter" ]; + enable = true; + plugins = with pkgs.ReaktorPlugins;[ + titlebot + # stockholm-issue + nixos-version + shack-correct + sed-plugin + random-emoji ]; + }; # bepasty to listen only on the correct interfaces krebs.bepasty.servers.internal.nginx.listen = [ "${internal-ip}:80" ]; @@ -59,11 +69,11 @@ in { }; networking = { - firewall = { + firewall = { allowPing = true; logRefusedConnections = false; allowedTCPPorts = [ 53 80 443 ]; - allowedUDPPorts = [ 655 ]; + allowedUDPPorts = [ 655 53 ]; }; interfaces.enp2s1.ip4 = [{ address = external-ip; diff --git a/shared/1systems/test-minimal-deploy.nix b/shared/1systems/test-minimal-deploy.nix new file mode 100644 index 000000000..ddd96f6b5 --- /dev/null +++ b/shared/1systems/test-minimal-deploy.nix @@ -0,0 +1,13 @@ +{ config, pkgs, lib, ... }: +{ + krebs = { + enable = true; + build.user = config.krebs.users.shared; + build.host = config.krebs.hosts.test-all-krebs-modules; + }; + # just get the system running + boot.loader.grub.devices = ["/dev/sda"]; + fileSystems."/" = { + device = "/dev/lol"; + }; +} diff --git a/shared/2configs/buildbot-standalone.nix b/shared/2configs/buildbot-standalone.nix index c62f8920c..6ffd7fe8a 100644 --- a/shared/2configs/buildbot-standalone.nix +++ b/shared/2configs/buildbot-standalone.nix @@ -94,6 +94,17 @@ in { --argstr current-host-name lol \ --strict --json"]) + addShell(f,name="instantiate-test-minimal-deploy",env=env, + command=nixshell + \ + ["nix-instantiate --eval -A \ + users.shared.test-minimal-deploy.system \ + -I stockholm=. \ + -I secrets=. '' \ + --argstr current-date lol \ + --argstr current-user-name shared \ + --argstr current-host-name lol \ + --strict --json"]) + bu.append(util.BuilderConfig(name="fast-tests", slavenames=slavenames, factory=f))