Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'lass/master'

Browse Source
This commit is contained in:
makefu 2017-07-28 22:00:25 +02:00
commit dfd1b5f6bc
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
12 changed files with 24 additions and 166 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
krebs/1systems/hotdog/config.nix
View File

@ -9,7 +9,7 @@
<stockholm/krebs>
<stockholm/krebs/2configs>
<stockholm/krebs/2configs/shared-buildbot.nix>
<stockholm/krebs/2configs/buildbot-all.nix>
];
krebs.build.host = config.krebs.hosts.hotdog;

2
krebs/1systems/puyak/config.nix
View File

@ -7,7 +7,7 @@
<stockholm/krebs/2configs/secret-passwords.nix>
<stockholm/krebs/2configs/hw/x220.nix>
<stockholm/krebs/2configs/shared-buildbot.nix>
<stockholm/krebs/2configs/buildbot-krebs.nix>
<stockholm/krebs/2configs/stats/puyak-client.nix>
];

2
krebs/1systems/wolf/config.nix
View File

@ -12,7 +12,7 @@ in
<stockholm/krebs/2configs/save-diskspace.nix>
<stockholm/krebs/2configs/graphite.nix>
<stockholm/krebs/2configs/shared-buildbot.nix>
<stockholm/krebs/2configs/buildbot-krebs.nix>
<stockholm/krebs/2configs/shack/worlddomination.nix>
<stockholm/krebs/2configs/shack/drivedroid.nix>

11
krebs/2configs/buildbot-all.nix Normal file
View File

@ -0,0 +1,11 @@
{ lib, config, pkgs, ... }:
{
imports = [
<stockholm/krebs/2configs/buildbot-krebs.nix>
];
krebs.ci.users.lass.all = true;
krebs.ci.users.makefu.all = true;
krebs.ci.users.nin.all = true;
krebs.ci.users.tv.all = true;
}

0
krebs/2configs/shared-buildbot.nix → krebs/2configs/buildbot-krebs.nix
View File

8
krebs/3modules/ci.nix
View File

@ -116,8 +116,12 @@ in
"dummy_secrets": "true",
},
command=[
"nix-shell", "--run",
"test --user={} --system={} --target=$LOGNAME@${config.krebs.build.host.name}$HOME/{}".format(user, host, user)
"nix-shell", "--run", " ".join(["test",
"--user={}".format(user),
"--system={}".format(host),
"--force-populate",
"--target=$LOGNAME@${config.krebs.build.host.name}$HOME/{}".format(user),
])
]
)

2
krebs/3modules/fetchWallpaper.nix
View File

@ -51,7 +51,7 @@ let
mkdir -p ${cfg.stateDir}
chmod o+rx ${cfg.stateDir}
cd ${cfg.stateDir}
(curl --max-time ${toString cfg.maxTime} -s -o wallpaper.tmp -z wallpaper ${shell.escape cfg.url} && mv wallpaper.tmp wallpaper) || :
(curl --max-time ${toString cfg.maxTime} -s -o wallpaper.tmp -z wallpaper.tmp ${shell.escape cfg.url} && cp wallpaper.tmp wallpaper) || :
feh --no-fehbg --bg-scale ${shell.escape cfg.stateDir}/wallpaper
'';

3
krebs/3modules/lass/default.nix
View File

@ -97,7 +97,6 @@ with import <stockholm/lib>;
aliases = [
"prism.r"
"build.prism.r"
"cgit.prism.r"
"cache.prism.r"
"paste.r"
"p.r"
@ -255,7 +254,7 @@ with import <stockholm/lib>;
nets = rec {
retiolum = {
ip4.addr = "10.243.133.114";
ip6.addr = "42:0:0:0:0:0:1ca0:1205";
ip6.addr = "42:0:0:0:0:0:01ca:1205";
aliases = [
"icarus.r"
"cgit.icarus.r"

1
lass/1systems/prism/config.nix
View File

@ -30,7 +30,6 @@ in {
<stockholm/lass/2configs/weechat.nix>
<stockholm/lass/2configs/privoxy-retiolum.nix>
<stockholm/lass/2configs/radio.nix>
<stockholm/lass/2configs/buildbot-standalone.nix>
<stockholm/lass/2configs/repo-sync.nix>
<stockholm/lass/2configs/binary-cache/server.nix>
<stockholm/lass/2configs/iodined.nix>

1
lass/2configs/baseX.nix
View File

@ -53,6 +53,7 @@ in {
haskellPackages.hledger
much
ncdu
nix-repl
nmap
pavucontrol
powertop

157
lass/2configs/buildbot-standalone.nix
View File

@ -1,157 +0,0 @@
{ lib, config, pkgs, ... }:
with import <stockholm/lib>;
let
sshHostConfig = pkgs.writeText "ssh-config" ''
ControlMaster auto
ControlPath /tmp/%u_sshmux_%r@%h:%p
ControlPersist 4h
'';
hostname = config.networking.hostName;
in {
config.services.nginx.virtualHosts.build = {
serverAliases = [ "build.${hostname}.r" ];
locations."/".extraConfig = ''
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://localhost:${toString config.krebs.buildbot.master.web.port};
'';
};
config.krebs.buildbot.master = let
stockholm-mirror-url = "http://cgit.${hostname}.r/stockholm";
in {
slaves = {
testslave = "lasspass";
};
change_source.stockholm = ''
stockholm_repo = '${stockholm-mirror-url}'
cs.append(
changes.GitPoller(
stockholm_repo,
workdir='stockholm-poller', branches=True,
project='stockholm',
pollinterval=10
)
)
'';
scheduler = {
build-scheduler = ''
# build all hosts
sched.append(
schedulers.SingleBranchScheduler(
change_filter=util.ChangeFilter(branch_re=".*"),
treeStableTimer=10,
name="build-all-branches",
builderNames=["build-hosts"]
)
)
'';
};
builder_pre = ''
# prepare grab_repo step for stockholm
grab_repo = steps.Git(
repourl=stockholm_repo,
mode='full'
)
# prepare addShell function
def addShell(factory,**kwargs):
factory.addStep(steps.ShellCommand(**kwargs))
'';
builder = {
build-hosts = ''
f = util.BuildFactory()
f.addStep(grab_repo)
def build_host(user, host):
addShell(f,
name="{}".format(i),
env={
"LOGNAME": user,
"NIX_PATH": "secrets=/var/src/stockholm/null:/var/src",
"NIX_REMOTE": "daemon",
"dummy_secrets": "true",
},
command=[
"nix-shell", "--run",
"test --system={} --target=buildbotSlave@${config.krebs.build.host.name}$HOME/$LOGNAME".format(host)
]
)
for i in [ "hotdog", "puyak", "test-all-krebs-modules", "test-centos7", "test-minimal-deploy", "wolf" ]:
build_host("krebs", i)
for i in [ "mors", "uriel", "shodan", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]:
build_host("lass", i)
for i in [ "x", "wry", "vbob", "wbob", "shoney" ]:
build_host("makefu", i)
for i in [ "hiawatha", "onondaga" ]:
build_host("nin", i)
for i in [ "alnus", "mu", "nomic", "wu", "xu", "zu" ]:
build_host("tv", i)
bu.append(
util.BuilderConfig(
name="build-hosts",
slavenames=slavenames,
factory=f
)
)
'';
};
enable = true;
web.enable = true;
irc = {
enable = true;
nick = "build|${hostname}";
server = "ni.r";
channels = [ "retiolum" "noise" ];
allowForce = true;
};
extraConfig = ''
c['buildbotURL'] = "http://build.${hostname}.r/"
'';
};
config.krebs.buildbot.slave = {
enable = true;
masterhost = "localhost";
username = "testslave";
password = "lasspass";
packages = with pkgs; [ gnumake jq nix populate ];
};
config.krebs.iptables = {
tables = {
filter.INPUT.rules = [
{ predicate = "-p tcp --dport 9989"; target = "ACCEPT"; }
];
};
};
#ssh workaround for make test
options.lass.build-ssh-privkey = mkOption {
type = types.secret-file;
default = {
path = "${config.users.users.buildbotSlave.home}/.ssh/id_rsa";
owner = { inherit (config.users.users.buildbotSlave ) name uid;};
source-path = toString <secrets> + "/build.ssh.key";
};
};
config.krebs.secret.files = {
build-ssh-privkey = config.lass.build-ssh-privkey;
};
config.users.users.buildbotSlave = {
useDefaultShell = true;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiV0Xn60aVLHC/jGJknlrcxSvKd/MVeh2tjBpxSBT3II9XQGZhID2Gdh84eAtoWyxGVFQx96zCHSuc7tfE2YP2LhXnwaxHTeDc8nlMsdww53lRkxihZIEV7QHc/3LRcFMkFyxdszeUfhWz8PbJGL2GYT+s6CqoPwwa68zF33U1wrMOAPsf/NdpSN4alsqmjFc2STBjnOd9dXNQn1VEJQqGLG3kR3WkCuwMcTLS5eu0KLwG4i89Twjy+TGp2QsF5K6pNE+ZepwaycRgfYzGcPTn5d6YQXBgcKgHMoSJsK8wqpr0+eFPCDiEA3HDnf76E4mX4t6/9QkMXCLmvs0IO/WP"
];
};
}

1
lass/2configs/exim-smarthost.nix
View File

@ -35,6 +35,7 @@ with import <stockholm/lib>;
{ from = "polo@lassul.us"; to = lass.mail; }
{ from = "shack@lassul.us"; to = lass.mail; }
{ from = "nix@lassul.us"; to = lass.mail; }
{ from = "c-base@lassul.us"; to = lass.mail; }
];
system-aliases = [
{ from = "mailer-daemon"; to = "postmaster"; }