Merge remote-tracking branch 'lass/master'
This commit is contained in:
commit
dfd1b5f6bc
@ -9,7 +9,7 @@
|
|||||||
<stockholm/krebs>
|
<stockholm/krebs>
|
||||||
<stockholm/krebs/2configs>
|
<stockholm/krebs/2configs>
|
||||||
|
|
||||||
<stockholm/krebs/2configs/shared-buildbot.nix>
|
<stockholm/krebs/2configs/buildbot-all.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.hotdog;
|
krebs.build.host = config.krebs.hosts.hotdog;
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
<stockholm/krebs/2configs/secret-passwords.nix>
|
<stockholm/krebs/2configs/secret-passwords.nix>
|
||||||
<stockholm/krebs/2configs/hw/x220.nix>
|
<stockholm/krebs/2configs/hw/x220.nix>
|
||||||
|
|
||||||
<stockholm/krebs/2configs/shared-buildbot.nix>
|
<stockholm/krebs/2configs/buildbot-krebs.nix>
|
||||||
<stockholm/krebs/2configs/stats/puyak-client.nix>
|
<stockholm/krebs/2configs/stats/puyak-client.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -12,7 +12,7 @@ in
|
|||||||
<stockholm/krebs/2configs/save-diskspace.nix>
|
<stockholm/krebs/2configs/save-diskspace.nix>
|
||||||
|
|
||||||
<stockholm/krebs/2configs/graphite.nix>
|
<stockholm/krebs/2configs/graphite.nix>
|
||||||
<stockholm/krebs/2configs/shared-buildbot.nix>
|
<stockholm/krebs/2configs/buildbot-krebs.nix>
|
||||||
|
|
||||||
<stockholm/krebs/2configs/shack/worlddomination.nix>
|
<stockholm/krebs/2configs/shack/worlddomination.nix>
|
||||||
<stockholm/krebs/2configs/shack/drivedroid.nix>
|
<stockholm/krebs/2configs/shack/drivedroid.nix>
|
||||||
|
11
krebs/2configs/buildbot-all.nix
Normal file
11
krebs/2configs/buildbot-all.nix
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
{ lib, config, pkgs, ... }:
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
<stockholm/krebs/2configs/buildbot-krebs.nix>
|
||||||
|
];
|
||||||
|
krebs.ci.users.lass.all = true;
|
||||||
|
krebs.ci.users.makefu.all = true;
|
||||||
|
krebs.ci.users.nin.all = true;
|
||||||
|
krebs.ci.users.tv.all = true;
|
||||||
|
}
|
||||||
|
|
@ -116,8 +116,12 @@ in
|
|||||||
"dummy_secrets": "true",
|
"dummy_secrets": "true",
|
||||||
},
|
},
|
||||||
command=[
|
command=[
|
||||||
"nix-shell", "--run",
|
"nix-shell", "--run", " ".join(["test",
|
||||||
"test --user={} --system={} --target=$LOGNAME@${config.krebs.build.host.name}$HOME/{}".format(user, host, user)
|
"--user={}".format(user),
|
||||||
|
"--system={}".format(host),
|
||||||
|
"--force-populate",
|
||||||
|
"--target=$LOGNAME@${config.krebs.build.host.name}$HOME/{}".format(user),
|
||||||
|
])
|
||||||
]
|
]
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -51,7 +51,7 @@ let
|
|||||||
mkdir -p ${cfg.stateDir}
|
mkdir -p ${cfg.stateDir}
|
||||||
chmod o+rx ${cfg.stateDir}
|
chmod o+rx ${cfg.stateDir}
|
||||||
cd ${cfg.stateDir}
|
cd ${cfg.stateDir}
|
||||||
(curl --max-time ${toString cfg.maxTime} -s -o wallpaper.tmp -z wallpaper ${shell.escape cfg.url} && mv wallpaper.tmp wallpaper) || :
|
(curl --max-time ${toString cfg.maxTime} -s -o wallpaper.tmp -z wallpaper.tmp ${shell.escape cfg.url} && cp wallpaper.tmp wallpaper) || :
|
||||||
feh --no-fehbg --bg-scale ${shell.escape cfg.stateDir}/wallpaper
|
feh --no-fehbg --bg-scale ${shell.escape cfg.stateDir}/wallpaper
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
@ -97,7 +97,6 @@ with import <stockholm/lib>;
|
|||||||
aliases = [
|
aliases = [
|
||||||
"prism.r"
|
"prism.r"
|
||||||
"build.prism.r"
|
"build.prism.r"
|
||||||
"cgit.prism.r"
|
|
||||||
"cache.prism.r"
|
"cache.prism.r"
|
||||||
"paste.r"
|
"paste.r"
|
||||||
"p.r"
|
"p.r"
|
||||||
@ -255,7 +254,7 @@ with import <stockholm/lib>;
|
|||||||
nets = rec {
|
nets = rec {
|
||||||
retiolum = {
|
retiolum = {
|
||||||
ip4.addr = "10.243.133.114";
|
ip4.addr = "10.243.133.114";
|
||||||
ip6.addr = "42:0:0:0:0:0:1ca0:1205";
|
ip6.addr = "42:0:0:0:0:0:01ca:1205";
|
||||||
aliases = [
|
aliases = [
|
||||||
"icarus.r"
|
"icarus.r"
|
||||||
"cgit.icarus.r"
|
"cgit.icarus.r"
|
||||||
|
@ -30,7 +30,6 @@ in {
|
|||||||
<stockholm/lass/2configs/weechat.nix>
|
<stockholm/lass/2configs/weechat.nix>
|
||||||
<stockholm/lass/2configs/privoxy-retiolum.nix>
|
<stockholm/lass/2configs/privoxy-retiolum.nix>
|
||||||
<stockholm/lass/2configs/radio.nix>
|
<stockholm/lass/2configs/radio.nix>
|
||||||
<stockholm/lass/2configs/buildbot-standalone.nix>
|
|
||||||
<stockholm/lass/2configs/repo-sync.nix>
|
<stockholm/lass/2configs/repo-sync.nix>
|
||||||
<stockholm/lass/2configs/binary-cache/server.nix>
|
<stockholm/lass/2configs/binary-cache/server.nix>
|
||||||
<stockholm/lass/2configs/iodined.nix>
|
<stockholm/lass/2configs/iodined.nix>
|
||||||
|
@ -53,6 +53,7 @@ in {
|
|||||||
haskellPackages.hledger
|
haskellPackages.hledger
|
||||||
much
|
much
|
||||||
ncdu
|
ncdu
|
||||||
|
nix-repl
|
||||||
nmap
|
nmap
|
||||||
pavucontrol
|
pavucontrol
|
||||||
powertop
|
powertop
|
||||||
|
@ -1,157 +0,0 @@
|
|||||||
{ lib, config, pkgs, ... }:
|
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
|
|
||||||
let
|
|
||||||
sshHostConfig = pkgs.writeText "ssh-config" ''
|
|
||||||
ControlMaster auto
|
|
||||||
ControlPath /tmp/%u_sshmux_%r@%h:%p
|
|
||||||
ControlPersist 4h
|
|
||||||
'';
|
|
||||||
|
|
||||||
hostname = config.networking.hostName;
|
|
||||||
|
|
||||||
in {
|
|
||||||
config.services.nginx.virtualHosts.build = {
|
|
||||||
serverAliases = [ "build.${hostname}.r" ];
|
|
||||||
locations."/".extraConfig = ''
|
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
|
||||||
proxy_set_header Connection "upgrade";
|
|
||||||
proxy_pass http://localhost:${toString config.krebs.buildbot.master.web.port};
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
config.krebs.buildbot.master = let
|
|
||||||
stockholm-mirror-url = "http://cgit.${hostname}.r/stockholm";
|
|
||||||
in {
|
|
||||||
slaves = {
|
|
||||||
testslave = "lasspass";
|
|
||||||
};
|
|
||||||
change_source.stockholm = ''
|
|
||||||
stockholm_repo = '${stockholm-mirror-url}'
|
|
||||||
cs.append(
|
|
||||||
changes.GitPoller(
|
|
||||||
stockholm_repo,
|
|
||||||
workdir='stockholm-poller', branches=True,
|
|
||||||
project='stockholm',
|
|
||||||
pollinterval=10
|
|
||||||
)
|
|
||||||
)
|
|
||||||
'';
|
|
||||||
scheduler = {
|
|
||||||
build-scheduler = ''
|
|
||||||
# build all hosts
|
|
||||||
sched.append(
|
|
||||||
schedulers.SingleBranchScheduler(
|
|
||||||
change_filter=util.ChangeFilter(branch_re=".*"),
|
|
||||||
treeStableTimer=10,
|
|
||||||
name="build-all-branches",
|
|
||||||
builderNames=["build-hosts"]
|
|
||||||
)
|
|
||||||
)
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
builder_pre = ''
|
|
||||||
# prepare grab_repo step for stockholm
|
|
||||||
grab_repo = steps.Git(
|
|
||||||
repourl=stockholm_repo,
|
|
||||||
mode='full'
|
|
||||||
)
|
|
||||||
|
|
||||||
# prepare addShell function
|
|
||||||
def addShell(factory,**kwargs):
|
|
||||||
factory.addStep(steps.ShellCommand(**kwargs))
|
|
||||||
'';
|
|
||||||
builder = {
|
|
||||||
build-hosts = ''
|
|
||||||
f = util.BuildFactory()
|
|
||||||
f.addStep(grab_repo)
|
|
||||||
|
|
||||||
def build_host(user, host):
|
|
||||||
addShell(f,
|
|
||||||
name="{}".format(i),
|
|
||||||
env={
|
|
||||||
"LOGNAME": user,
|
|
||||||
"NIX_PATH": "secrets=/var/src/stockholm/null:/var/src",
|
|
||||||
"NIX_REMOTE": "daemon",
|
|
||||||
"dummy_secrets": "true",
|
|
||||||
},
|
|
||||||
command=[
|
|
||||||
"nix-shell", "--run",
|
|
||||||
"test --system={} --target=buildbotSlave@${config.krebs.build.host.name}$HOME/$LOGNAME".format(host)
|
|
||||||
]
|
|
||||||
)
|
|
||||||
|
|
||||||
for i in [ "hotdog", "puyak", "test-all-krebs-modules", "test-centos7", "test-minimal-deploy", "wolf" ]:
|
|
||||||
build_host("krebs", i)
|
|
||||||
|
|
||||||
for i in [ "mors", "uriel", "shodan", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]:
|
|
||||||
build_host("lass", i)
|
|
||||||
|
|
||||||
for i in [ "x", "wry", "vbob", "wbob", "shoney" ]:
|
|
||||||
build_host("makefu", i)
|
|
||||||
|
|
||||||
for i in [ "hiawatha", "onondaga" ]:
|
|
||||||
build_host("nin", i)
|
|
||||||
|
|
||||||
for i in [ "alnus", "mu", "nomic", "wu", "xu", "zu" ]:
|
|
||||||
build_host("tv", i)
|
|
||||||
|
|
||||||
bu.append(
|
|
||||||
util.BuilderConfig(
|
|
||||||
name="build-hosts",
|
|
||||||
slavenames=slavenames,
|
|
||||||
factory=f
|
|
||||||
)
|
|
||||||
)
|
|
||||||
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
enable = true;
|
|
||||||
web.enable = true;
|
|
||||||
irc = {
|
|
||||||
enable = true;
|
|
||||||
nick = "build|${hostname}";
|
|
||||||
server = "ni.r";
|
|
||||||
channels = [ "retiolum" "noise" ];
|
|
||||||
allowForce = true;
|
|
||||||
};
|
|
||||||
extraConfig = ''
|
|
||||||
c['buildbotURL'] = "http://build.${hostname}.r/"
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
config.krebs.buildbot.slave = {
|
|
||||||
enable = true;
|
|
||||||
masterhost = "localhost";
|
|
||||||
username = "testslave";
|
|
||||||
password = "lasspass";
|
|
||||||
packages = with pkgs; [ gnumake jq nix populate ];
|
|
||||||
};
|
|
||||||
config.krebs.iptables = {
|
|
||||||
tables = {
|
|
||||||
filter.INPUT.rules = [
|
|
||||||
{ predicate = "-p tcp --dport 9989"; target = "ACCEPT"; }
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
#ssh workaround for make test
|
|
||||||
options.lass.build-ssh-privkey = mkOption {
|
|
||||||
type = types.secret-file;
|
|
||||||
default = {
|
|
||||||
path = "${config.users.users.buildbotSlave.home}/.ssh/id_rsa";
|
|
||||||
owner = { inherit (config.users.users.buildbotSlave ) name uid;};
|
|
||||||
source-path = toString <secrets> + "/build.ssh.key";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
config.krebs.secret.files = {
|
|
||||||
build-ssh-privkey = config.lass.build-ssh-privkey;
|
|
||||||
};
|
|
||||||
config.users.users.buildbotSlave = {
|
|
||||||
useDefaultShell = true;
|
|
||||||
openssh.authorizedKeys.keys = [
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiV0Xn60aVLHC/jGJknlrcxSvKd/MVeh2tjBpxSBT3II9XQGZhID2Gdh84eAtoWyxGVFQx96zCHSuc7tfE2YP2LhXnwaxHTeDc8nlMsdww53lRkxihZIEV7QHc/3LRcFMkFyxdszeUfhWz8PbJGL2GYT+s6CqoPwwa68zF33U1wrMOAPsf/NdpSN4alsqmjFc2STBjnOd9dXNQn1VEJQqGLG3kR3WkCuwMcTLS5eu0KLwG4i89Twjy+TGp2QsF5K6pNE+ZepwaycRgfYzGcPTn5d6YQXBgcKgHMoSJsK8wqpr0+eFPCDiEA3HDnf76E4mX4t6/9QkMXCLmvs0IO/WP"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
@ -35,6 +35,7 @@ with import <stockholm/lib>;
|
|||||||
{ from = "polo@lassul.us"; to = lass.mail; }
|
{ from = "polo@lassul.us"; to = lass.mail; }
|
||||||
{ from = "shack@lassul.us"; to = lass.mail; }
|
{ from = "shack@lassul.us"; to = lass.mail; }
|
||||||
{ from = "nix@lassul.us"; to = lass.mail; }
|
{ from = "nix@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "c-base@lassul.us"; to = lass.mail; }
|
||||||
];
|
];
|
||||||
system-aliases = [
|
system-aliases = [
|
||||||
{ from = "mailer-daemon"; to = "postmaster"; }
|
{ from = "mailer-daemon"; to = "postmaster"; }
|
||||||
|
Loading…
Reference in New Issue
Block a user