From 220e93ce8a490d74ebe36eb448453d2ffe174c04 Mon Sep 17 00:00:00 2001 From: nin Date: Tue, 27 Jun 2017 17:38:23 +0200 Subject: nin nixpkgs: 0afb6d7 -> 6916f24 --- nin/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nin/2configs/nixpkgs.nix b/nin/2configs/nixpkgs.nix index 14ddb79..4c6f518 100644 --- a/nin/2configs/nixpkgs.nix +++ b/nin/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "0afb6d7"; + ref = "6916f24"; }; } -- cgit v1.2.3 From c0a8320cb007ed6e2459ef35380a556857f107fd Mon Sep 17 00:00:00 2001 From: nin Date: Tue, 4 Jul 2017 22:41:16 +0200 Subject: nin nixpkgs 6916f24 -> 01c3847 --- nin/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nin/2configs/nixpkgs.nix b/nin/2configs/nixpkgs.nix index 4c6f518..c46331b 100644 --- a/nin/2configs/nixpkgs.nix +++ b/nin/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "6916f24"; + ref = "01c3847"; }; } -- cgit v1.2.3 From 72adbb324de927c8432642b729d436ff7087ce89 Mon Sep 17 00:00:00 2001 From: nin Date: Tue, 27 Jun 2017 17:38:23 +0200 Subject: nin nixpkgs: 0afb6d7 -> 6916f24 --- nin/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nin/2configs/nixpkgs.nix b/nin/2configs/nixpkgs.nix index 14ddb79..4c6f518 100644 --- a/nin/2configs/nixpkgs.nix +++ b/nin/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "0afb6d7"; + ref = "6916f24"; }; } -- cgit v1.2.3 From e5ab52e4280242507c7919dcd934dd3ba1993e5e Mon Sep 17 00:00:00 2001 From: nin Date: Tue, 4 Jul 2017 22:41:16 +0200 Subject: nin nixpkgs 6916f24 -> 01c3847 --- nin/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nin/2configs/nixpkgs.nix b/nin/2configs/nixpkgs.nix index 4c6f518..c46331b 100644 --- a/nin/2configs/nixpkgs.nix +++ b/nin/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "6916f24"; + ref = "01c3847"; }; } -- cgit v1.2.3 From 41d65979c5fa248ba787bc0702cd58e2296088d2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 11 Jul 2017 11:26:24 +0200 Subject: move source config from module system to 1systems/*/source.nix --- shared/1systems/test-all-krebs-modules.nix | 54 ----------- shared/1systems/test-all-krebs-modules/config.nix | 54 +++++++++++ shared/1systems/test-all-krebs-modules/source.nix | 3 + shared/1systems/test-arch.nix | 32 ------- shared/1systems/test-arch/config.nix | 32 +++++++ shared/1systems/test-arch/source.nix | 3 + shared/1systems/test-centos6.nix | 30 ------ shared/1systems/test-centos6/config.nix | 30 ++++++ shared/1systems/test-centos6/source.nix | 3 + shared/1systems/test-centos7.nix | 16 ---- shared/1systems/test-centos7/config.nix | 16 ++++ shared/1systems/test-centos7/source.nix | 3 + shared/1systems/test-failing.nix | 9 -- shared/1systems/test-failing/config.nix | 9 ++ shared/1systems/test-failing/source.nix | 3 + shared/1systems/test-minimal-deploy.nix | 16 ---- shared/1systems/test-minimal-deploy/config.nix | 16 ++++ shared/1systems/test-minimal-deploy/source.nix | 3 + shared/1systems/wolf.nix | 106 --------------------- shared/1systems/wolf/config.nix | 107 ++++++++++++++++++++++ shared/1systems/wolf/source.nix | 3 + shared/2configs/default.nix | 12 --- shared/source.nix | 19 ++++ 23 files changed, 304 insertions(+), 275 deletions(-) delete mode 100644 shared/1systems/test-all-krebs-modules.nix create mode 100644 shared/1systems/test-all-krebs-modules/config.nix create mode 100644 shared/1systems/test-all-krebs-modules/source.nix delete mode 100644 shared/1systems/test-arch.nix create mode 100644 shared/1systems/test-arch/config.nix create mode 100644 shared/1systems/test-arch/source.nix delete mode 100644 shared/1systems/test-centos6.nix create mode 100644 shared/1systems/test-centos6/config.nix create mode 100644 shared/1systems/test-centos6/source.nix delete mode 100644 shared/1systems/test-centos7.nix create mode 100644 shared/1systems/test-centos7/config.nix create mode 100644 shared/1systems/test-centos7/source.nix delete mode 100644 shared/1systems/test-failing.nix create mode 100644 shared/1systems/test-failing/config.nix create mode 100644 shared/1systems/test-failing/source.nix delete mode 100644 shared/1systems/test-minimal-deploy.nix create mode 100644 shared/1systems/test-minimal-deploy/config.nix create mode 100644 shared/1systems/test-minimal-deploy/source.nix delete mode 100644 shared/1systems/wolf.nix create mode 100644 shared/1systems/wolf/config.nix create mode 100644 shared/1systems/wolf/source.nix create mode 100644 shared/source.nix diff --git a/shared/1systems/test-all-krebs-modules.nix b/shared/1systems/test-all-krebs-modules.nix deleted file mode 100644 index 39d7c49..0000000 --- a/shared/1systems/test-all-krebs-modules.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ config, pkgs, lib, ... }: -let - en = { enable = true;}; -in { - imports = [ - ../. - ]; - krebs = { - enable = true; - build.user = config.krebs.users.shared; - build.host = config.krebs.hosts.test-all-krebs-modules; - Reaktor.test = {}; - apt-cacher-ng.enable = true; - backup.enable = true; - bepasty.enable = true; - # FIXME fast-tests / instantiate-test-all-modules fails at wolfbot - # http://wolf:8010/builders/fast-tests/builds/442 - #buildbot.master.enable = true; - buildbot.worker = { - enable = true; - username = "lol"; - password = "wut"; - }; - # XXX exim-retiolum and exim-smarthost are mutually exclusive - #exim-retiolum = { - # enable = true; - # primary_hostname = "test.r"; - #}; - exim-smarthost = { - enable = true; - primary_hostname = "test.r"; - system-aliases = [ { from = "dick"; to = "butt"; } ]; - }; - go.enable = true; - iptables = { - enable = true; - tables = {}; - }; - realwallpaper.enable = true; - tinc.retiolum.enable = true; - retiolum-bootstrap.enable = true; - tinc_graphs.enable = true; - urlwatch.enable = true; - fetchWallpaper = { - enable = true; - url ="localhost"; - }; - }; - # just get the system running - boot.loader.grub.devices = ["/dev/sda"]; - fileSystems."/" = { - device = "/dev/lol"; - }; -} diff --git a/shared/1systems/test-all-krebs-modules/config.nix b/shared/1systems/test-all-krebs-modules/config.nix new file mode 100644 index 0000000..7ebcf3b --- /dev/null +++ b/shared/1systems/test-all-krebs-modules/config.nix @@ -0,0 +1,54 @@ +{ config, pkgs, lib, ... }: +let + en = { enable = true;}; +in { + imports = [ + + ]; + krebs = { + enable = true; + build.user = config.krebs.users.shared; + build.host = config.krebs.hosts.test-all-krebs-modules; + Reaktor.test = {}; + apt-cacher-ng.enable = true; + backup.enable = true; + bepasty.enable = true; + # FIXME fast-tests / instantiate-test-all-modules fails at wolfbot + # http://wolf:8010/builders/fast-tests/builds/442 + #buildbot.master.enable = true; + buildbot.worker = { + enable = true; + username = "lol"; + password = "wut"; + }; + # XXX exim-retiolum and exim-smarthost are mutually exclusive + #exim-retiolum = { + # enable = true; + # primary_hostname = "test.r"; + #}; + exim-smarthost = { + enable = true; + primary_hostname = "test.r"; + system-aliases = [ { from = "dick"; to = "butt"; } ]; + }; + go.enable = true; + iptables = { + enable = true; + tables = {}; + }; + realwallpaper.enable = true; + tinc.retiolum.enable = true; + retiolum-bootstrap.enable = true; + tinc_graphs.enable = true; + urlwatch.enable = true; + fetchWallpaper = { + enable = true; + url ="localhost"; + }; + }; + # just get the system running + boot.loader.grub.devices = ["/dev/sda"]; + fileSystems."/" = { + device = "/dev/lol"; + }; +} diff --git a/shared/1systems/test-all-krebs-modules/source.nix b/shared/1systems/test-all-krebs-modules/source.nix new file mode 100644 index 0000000..58d7236 --- /dev/null +++ b/shared/1systems/test-all-krebs-modules/source.nix @@ -0,0 +1,3 @@ +import { + name = "test-all-krebs-modules"; +} diff --git a/shared/1systems/test-arch.nix b/shared/1systems/test-arch.nix deleted file mode 100644 index a13fea4..0000000 --- a/shared/1systems/test-arch.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ config, pkgs, ... }: - -{ - imports = [ - ../. - { - boot.loader.grub = { - device = "/dev/sda"; - splashImage = null; - }; - - boot.initrd.availableKernelModules = [ - "ata_piix" - "vmw_pvscsi" - ]; - - fileSystems."/" = { - device = "/dev/sda1"; - }; - } - { - networking.dhcpcd.allowInterfaces = [ - "enp*" - ]; - } - { - sound.enable = false; - } - ]; - - krebs.build.host = config.krebs.hosts.test-arch; -} diff --git a/shared/1systems/test-arch/config.nix b/shared/1systems/test-arch/config.nix new file mode 100644 index 0000000..453483d --- /dev/null +++ b/shared/1systems/test-arch/config.nix @@ -0,0 +1,32 @@ +{ config, pkgs, ... }: + +{ + imports = [ + + { + boot.loader.grub = { + device = "/dev/sda"; + splashImage = null; + }; + + boot.initrd.availableKernelModules = [ + "ata_piix" + "vmw_pvscsi" + ]; + + fileSystems."/" = { + device = "/dev/sda1"; + }; + } + { + networking.dhcpcd.allowInterfaces = [ + "enp*" + ]; + } + { + sound.enable = false; + } + ]; + + krebs.build.host = config.krebs.hosts.test-arch; +} diff --git a/shared/1systems/test-arch/source.nix b/shared/1systems/test-arch/source.nix new file mode 100644 index 0000000..ca23056 --- /dev/null +++ b/shared/1systems/test-arch/source.nix @@ -0,0 +1,3 @@ +import { + name = "test-arch"; +} diff --git a/shared/1systems/test-centos6.nix b/shared/1systems/test-centos6.nix deleted file mode 100644 index ebcece3..0000000 --- a/shared/1systems/test-centos6.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) head; - - ip = "168.235.148.52"; - gw = "168.235.148.1"; -in { - imports = [ - ../. - ../2configs/os-templates/CAC-CentOS-6.5-64bit.nix - { - networking.interfaces.enp11s0.ip4 = [ - { - address = ip; - prefixLength = 24; - } - ]; - networking.defaultGateway = gw; - networking.nameservers = [ - "8.8.8.8" - ]; - } - { - sound.enable = false; - } - ]; - - krebs.build.host = config.krebs.hosts.test-centos6; -} diff --git a/shared/1systems/test-centos6/config.nix b/shared/1systems/test-centos6/config.nix new file mode 100644 index 0000000..a81ff7c --- /dev/null +++ b/shared/1systems/test-centos6/config.nix @@ -0,0 +1,30 @@ +{ config, lib, pkgs, ... }: + +let + inherit (lib) head; + + ip = "168.235.148.52"; + gw = "168.235.148.1"; +in { + imports = [ + + + { + networking.interfaces.enp11s0.ip4 = [ + { + address = ip; + prefixLength = 24; + } + ]; + networking.defaultGateway = gw; + networking.nameservers = [ + "8.8.8.8" + ]; + } + { + sound.enable = false; + } + ]; + + krebs.build.host = config.krebs.hosts.test-centos6; +} diff --git a/shared/1systems/test-centos6/source.nix b/shared/1systems/test-centos6/source.nix new file mode 100644 index 0000000..0c7c78e --- /dev/null +++ b/shared/1systems/test-centos6/source.nix @@ -0,0 +1,3 @@ +import { + name = "test-centos6"; +} diff --git a/shared/1systems/test-centos7.nix b/shared/1systems/test-centos7.nix deleted file mode 100644 index 9ea063c..0000000 --- a/shared/1systems/test-centos7.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) head; - -in { - imports = [ - ../. - ../2configs/os-templates/CAC-CentOS-7-64bit.nix - ../2configs/temp/networking.nix - ../2configs/temp/dirs.nix - ]; - - sound.enable = false; - krebs.build.host = config.krebs.hosts.test-centos7; -} diff --git a/shared/1systems/test-centos7/config.nix b/shared/1systems/test-centos7/config.nix new file mode 100644 index 0000000..58f99e8 --- /dev/null +++ b/shared/1systems/test-centos7/config.nix @@ -0,0 +1,16 @@ +{ config, lib, pkgs, ... }: + +let + inherit (lib) head; + +in { + imports = [ + + + + + ]; + + sound.enable = false; + krebs.build.host = config.krebs.hosts.test-centos7; +} diff --git a/shared/1systems/test-centos7/source.nix b/shared/1systems/test-centos7/source.nix new file mode 100644 index 0000000..5144477 --- /dev/null +++ b/shared/1systems/test-centos7/source.nix @@ -0,0 +1,3 @@ +import { + name = "test-centos7"; +} diff --git a/shared/1systems/test-failing.nix b/shared/1systems/test-failing.nix deleted file mode 100644 index fe1c2cb..0000000 --- a/shared/1systems/test-failing.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ config, pkgs, ... }: - -{ - imports = [ - ../. - ]; - programs.ssh.startAgent = true; - programs.ssh.startAgent = false; -} diff --git a/shared/1systems/test-failing/config.nix b/shared/1systems/test-failing/config.nix new file mode 100644 index 0000000..fb6a583 --- /dev/null +++ b/shared/1systems/test-failing/config.nix @@ -0,0 +1,9 @@ +{ config, pkgs, ... }: + +{ + imports = [ + + ]; + programs.ssh.startAgent = true; + programs.ssh.startAgent = false; +} diff --git a/shared/1systems/test-failing/source.nix b/shared/1systems/test-failing/source.nix new file mode 100644 index 0000000..3e17d0b --- /dev/null +++ b/shared/1systems/test-failing/source.nix @@ -0,0 +1,3 @@ +import { + name = "test-failing"; +} diff --git a/shared/1systems/test-minimal-deploy.nix b/shared/1systems/test-minimal-deploy.nix deleted file mode 100644 index bec2b38..0000000 --- a/shared/1systems/test-minimal-deploy.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ config, pkgs, lib, ... }: -{ - imports = [ - ../. - ]; - krebs = { - enable = true; - build.user = config.krebs.users.shared; - build.host = config.krebs.hosts.test-all-krebs-modules; - }; - # just get the system to eval in nixos without errors - boot.loader.grub.devices = ["/dev/sda"]; - fileSystems."/" = { - device = "/dev/lol"; - }; -} diff --git a/shared/1systems/test-minimal-deploy/config.nix b/shared/1systems/test-minimal-deploy/config.nix new file mode 100644 index 0000000..eab7036 --- /dev/null +++ b/shared/1systems/test-minimal-deploy/config.nix @@ -0,0 +1,16 @@ +{ config, pkgs, lib, ... }: +{ + imports = [ + + ]; + krebs = { + enable = true; + build.user = config.krebs.users.shared; + build.host = config.krebs.hosts.test-all-krebs-modules; + }; + # just get the system to eval in nixos without errors + boot.loader.grub.devices = ["/dev/sda"]; + fileSystems."/" = { + device = "/dev/lol"; + }; +} diff --git a/shared/1systems/test-minimal-deploy/source.nix b/shared/1systems/test-minimal-deploy/source.nix new file mode 100644 index 0000000..2368cdd --- /dev/null +++ b/shared/1systems/test-minimal-deploy/source.nix @@ -0,0 +1,3 @@ +import { + name = "test-minimal-deploy"; +} diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix deleted file mode 100644 index 584ee03..0000000 --- a/shared/1systems/wolf.nix +++ /dev/null @@ -1,106 +0,0 @@ -{ config, pkgs, ... }: -let - shack-ip = config.krebs.build.host.nets.shack.ip4.addr; -in -{ - imports = [ - ../. - - ../2configs/collectd-base.nix - ../2configs/central-stats-client.nix - ../2configs/save-diskspace.nix - - ../2configs/cgit-mirror.nix - ../2configs/graphite.nix - ../2configs/repo-sync.nix - ../2configs/shared-buildbot.nix - - ../2configs/shack/worlddomination.nix - ../2configs/shack/drivedroid.nix - # ../2configs/shack/nix-cacher.nix - ../2configs/shack/mqtt_sub.nix - ../2configs/shack/muell_caller.nix - ../2configs/shack/radioactive.nix - ../2configs/shack/share.nix - - ]; - # use your own binary cache, fallback use cache.nixos.org (which is used by - # apt-cacher-ng in first place) - - services.influxdb.enable = true; - - # local discovery in shackspace - nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; - krebs.tinc.retiolum.extraConfig = "TCPOnly = yes"; - services.grafana = { - enable = true; - addr = "0.0.0.0"; - users.allowSignUp = true; - users.allowOrgCreate = true; - users.autoAssignOrg = true; - auth.anonymous.enable = true; - security = import ; - }; - - nix = { - binaryCaches = [ - "http://cache.prism.r" - "https://cache.nixos.org/" - ]; - binaryCachePublicKeys = [ - "cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU=" - "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" - ]; - }; - - networking = { - firewall.enable = false; - firewall.allowedTCPPorts = [ 8088 8086 8083 ]; - interfaces.enp0s3.ip4 = [{ - address = shack-ip; - prefixLength = 20; - }]; - - defaultGateway = "10.42.0.1"; - nameservers = [ "10.42.0.100" "10.42.0.200" ]; - }; - - ##################### - # uninteresting stuff - ##################### - krebs.build.host = config.krebs.hosts.wolf; - - boot.kernel.sysctl = { - # Enable IPv6 Privacy Extensions - "net.ipv6.conf.all.use_tempaddr" = 2; - "net.ipv6.conf.default.use_tempaddr" = 2; - }; - - boot.initrd.availableKernelModules = [ - "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" - ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.loader.grub.device = "/dev/vda"; - - fileSystems."/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; }; - - swapDevices = [ - { device = "/dev/disk/by-label/swap"; } - ]; - # fallout of ipv6calypse - networking.extraHosts = '' - hass.shack 10.42.2.191 - heidi.shack 10.42.2.135 - ''; - - users.extraUsers.root.openssh.authorizedKeys.keys = [ - config.krebs.users.ulrich.pubkey - ]; - - time.timeZone = "Europe/Berlin"; - sound.enable = false; -} diff --git a/shared/1systems/wolf/config.nix b/shared/1systems/wolf/config.nix new file mode 100644 index 0000000..636f8e8 --- /dev/null +++ b/shared/1systems/wolf/config.nix @@ -0,0 +1,107 @@ +{ config, pkgs, ... }: +let + shack-ip = config.krebs.build.host.nets.shack.ip4.addr; +in +{ + imports = [ + + + + + + + + + + + + + + # + + + + + + ]; + # use your own binary cache, fallback use cache.nixos.org (which is used by + # apt-cacher-ng in first place) + + services.influxdb.enable = true; + + # local discovery in shackspace + nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; + krebs.tinc.retiolum.extraConfig = "TCPOnly = yes"; + services.grafana = { + enable = true; + addr = "0.0.0.0"; + users.allowSignUp = true; + users.allowOrgCreate = true; + users.autoAssignOrg = true; + auth.anonymous.enable = true; + security = import ; + }; + + nix = { + # use the up to date prism cache + binaryCaches = [ + "http://cache.prism.r" + "https://cache.nixos.org/" + ]; + binaryCachePublicKeys = [ + "cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU=" + "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" + ]; + }; + + networking = { + firewall.enable = false; + firewall.allowedTCPPorts = [ 8088 8086 8083 ]; + interfaces.enp0s3.ip4 = [{ + address = shack-ip; + prefixLength = 20; + }]; + + defaultGateway = "10.42.0.1"; + nameservers = [ "10.42.0.100" "10.42.0.200" ]; + }; + + ##################### + # uninteresting stuff + ##################### + krebs.build.host = config.krebs.hosts.wolf; + + boot.kernel.sysctl = { + # Enable IPv6 Privacy Extensions + "net.ipv6.conf.all.use_tempaddr" = 2; + "net.ipv6.conf.default.use_tempaddr" = 2; + }; + + boot.initrd.availableKernelModules = [ + "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" + ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/vda"; + + fileSystems."/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; }; + + swapDevices = [ + { device = "/dev/disk/by-label/swap"; } + ]; + # fallout of ipv6calypse + networking.extraHosts = '' + hass.shack 10.42.2.191 + heidi.shack 10.42.2.135 + ''; + + users.extraUsers.root.openssh.authorizedKeys.keys = [ + config.krebs.users.ulrich.pubkey + ]; + + time.timeZone = "Europe/Berlin"; + sound.enable = false; +} diff --git a/shared/1systems/wolf/source.nix b/shared/1systems/wolf/source.nix new file mode 100644 index 0000000..d2bc495 --- /dev/null +++ b/shared/1systems/wolf/source.nix @@ -0,0 +1,3 @@ +import { + name = "wolf"; +} diff --git a/shared/2configs/default.nix b/shared/2configs/default.nix index 398f125..2146f42 100644 --- a/shared/2configs/default.nix +++ b/shared/2configs/default.nix @@ -7,18 +7,6 @@ with import ; # TODO rename shared user to "krebs" krebs.build.user = mkDefault config.krebs.users.shared; - krebs.build.source = let inherit (config.krebs.build) host user; in { - nixos-config.symlink = "stockholm/${user.name}/1systems/${host.name}.nix"; - nixpkgs.git = { - url = https://github.com/NixOS/nixpkgs; - ref = "72c9ed78d0b1d9d5f531805ddf5bf06bfd447614"; # nixos-17.03 @ 2017-06-17 - }; - secrets.file = - if getEnv "dummy_secrets" == "true" - then toString - else "${getEnv "HOME"}/secrets/krebs/${host.name}"; - stockholm.file = getEnv "PWD"; - }; networking.hostName = config.krebs.build.host.name; diff --git a/shared/source.nix b/shared/source.nix new file mode 100644 index 0000000..8ec9fbb --- /dev/null +++ b/shared/source.nix @@ -0,0 +1,19 @@ +with import ; +host@{ name, secure ? false }: let + builder = if getEnv "dummy_secrets" == "true" + then "buildbot" + else "shared"; + _file = + "/shared/1systems/${name}/source.nix"; +in + evalSource (toString _file) { + nixos-config.symlink = "stockholm/shared/1systems/${name}/config.nix"; + secrets.file = getAttr builder { + buildbot = toString ; + lass = "${getEnv "HOME"}/secrets/krebs/${host.name}"; + }; + stockholm.file = toString ; + nixpkgs.git = { + url = https://github.com/NixOS/nixpkgs; + ref = "72c9ed78d0b1d9d5f531805ddf5bf06bfd447614"; # nixos-17.03 @ 2017-06-17 + }; + } -- cgit v1.2.3 From 4698c7733b63bc12072e7a2b29e870c459cf629c Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 12 Jul 2017 17:53:41 +0200 Subject: lib.eval-source: allow source to be a list --- lib/eval-source.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/lib/eval-source.nix b/lib/eval-source.nix index de5f0b4..468fc92 100644 --- a/lib/eval-source.nix +++ b/lib/eval-source.nix @@ -3,13 +3,11 @@ let eval = _file: source: evalModules { modules = singleton { inherit _file; + imports = map (source: { inherit source; }) (toList source); options.source = mkOption { type = types.attrsOf types.source; default = {}; }; - config = { - inherit source; - }; }; }; in -- cgit v1.2.3 From b0811bd377bf12d3fc750a058268daa71d48d5f8 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 12 Jul 2017 18:00:23 +0200 Subject: tv source: make nixpkgs ref easily overridable --- tv/source.nix | 37 +++++++++++++++++++++---------------- 1 file changed, 21 insertions(+), 16 deletions(-) diff --git a/tv/source.nix b/tv/source.nix index 7306cd9..4ede976 100644 --- a/tv/source.nix +++ b/tv/source.nix @@ -1,22 +1,27 @@ with import ; -host@{ name, secure ? false }: let +host@{ name, secure ? false, override ? {} }: let builder = if getEnv "dummy_secrets" == "true" then "buildbot" else "tv"; _file = + "/tv/1systems/${name}/source.nix"; in - evalSource (toString _file) { - nixos-config.symlink = "stockholm/tv/1systems/${name}/config.nix"; - secrets.file = getAttr builder { - buildbot = toString ; - tv = "/home/tv/secrets/${name}"; - }; - stockholm.file = toString ; - secrets-common.file = "/home/tv/secrets/common"; - nixpkgs.git = { - url = https://github.com/NixOS/nixpkgs; - ref = "1b57bf274ae5c76e91b2b264d8aa8bfcecb72102"; # nixos-17.03 - }; - } // optionalAttrs secure { - secrets-master.file = "/home/tv/secrets/master"; - } + evalSource (toString _file) [ + { + nixos-config.symlink = "stockholm/tv/1systems/${name}/config.nix"; + nixpkgs.git = { + # nixos-17.03 + ref = mkDefault "1b57bf274ae5c76e91b2b264d8aa8bfcecb72102"; + url = https://github.com/NixOS/nixpkgs; + }; + secrets.file = getAttr builder { + buildbot = toString ; + tv = "/home/tv/secrets/${name}"; + }; + secrets-common.file = "/home/tv/secrets/common"; + stockholm.file = toString ; + } + (mkIf secure { + secrets-master.file = "/home/tv/secrets/master"; + }) + override + ] -- cgit v1.2.3 From b4d3d6c7ab2ff197b6dc47f366f698fceeb88242 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 12 Jul 2017 18:01:18 +0200 Subject: tv alnus source: overrid nixpkgs ref --- tv/1systems/alnus/config.nix | 1 - tv/1systems/alnus/source.nix | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/tv/1systems/alnus/config.nix b/tv/1systems/alnus/config.nix index d08a290..dd9e594 100644 --- a/tv/1systems/alnus/config.nix +++ b/tv/1systems/alnus/config.nix @@ -58,7 +58,6 @@ with import ; krebs.build = { host = config.krebs.hosts.alnus; user = mkForce config.krebs.users.dv; - source.nixpkgs.git.ref = mkForce "9b948ea439ddbaa26740ce35543e7e35d2aa6d18"; }; networking.networkmanager.enable = true; diff --git a/tv/1systems/alnus/source.nix b/tv/1systems/alnus/source.nix index f9dcefe..c3ed4dc 100644 --- a/tv/1systems/alnus/source.nix +++ b/tv/1systems/alnus/source.nix @@ -1,3 +1,4 @@ import { name = "alnus"; + override.nixpkgs.git.ref = "9b948ea439ddbaa26740ce35543e7e35d2aa6d18"; } -- cgit v1.2.3