summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <git@lassul.us>2024-06-25 22:27:47 +0200
committerlassulus <git@lassul.us>2024-06-25 22:27:47 +0200
commitf9dfebb1b50603367115d14cb1ed9eb6c862fcae (patch)
tree34d92b4784fd922a1ec3a15d7987bed55660d3ff
parent14c72d70908915e41554d0f24bd72f00a318b2a0 (diff)
parentb5ed6effc88c20eb1044edab103630099a7d1411 (diff)
Merge remote-tracking branch 'gum/master'
-rw-r--r--flake.lock65
-rw-r--r--flake.nix5
-rw-r--r--kartei/makefu/default.nix1
-rw-r--r--krebs/1systems/hotdog/config.nix5
-rw-r--r--krebs/2configs/buildbot/master.nix33
-rw-r--r--krebs/2configs/buildbot/worker.nix11
-rw-r--r--krebs/2configs/default.nix2
-rw-r--r--krebs/2configs/matterbridge.nix2
8 files changed, 120 insertions, 4 deletions
diff --git a/flake.lock b/flake.lock
index faadbeea2..21c3ae0b6 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,5 +1,48 @@
{
"nodes": {
+ "buildbot-nix": {
+ "inputs": {
+ "flake-parts": "flake-parts",
+ "nixpkgs": [
+ "nixpkgs"
+ ],
+ "treefmt-nix": "treefmt-nix"
+ },
+ "locked": {
+ "lastModified": 1717033539,
+ "narHash": "sha256-vWQLnmZSipvaosXnGze8aSqlEzaAF9PhA5sh2QYNvTc=",
+ "owner": "Mic92",
+ "repo": "buildbot-nix",
+ "rev": "ad165ae64f877adc6156b8f21c31fc74144dc8e4",
+ "type": "github"
+ },
+ "original": {
+ "owner": "Mic92",
+ "repo": "buildbot-nix",
+ "type": "github"
+ }
+ },
+ "flake-parts": {
+ "inputs": {
+ "nixpkgs-lib": [
+ "buildbot-nix",
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1715865404,
+ "narHash": "sha256-/GJvTdTpuDjNn84j82cU6bXztE0MSkdnTWClUCRub78=",
+ "owner": "hercules-ci",
+ "repo": "flake-parts",
+ "rev": "8dc45382d5206bd292f9c2768b8058a8fd8311d9",
+ "type": "github"
+ },
+ "original": {
+ "owner": "hercules-ci",
+ "repo": "flake-parts",
+ "type": "github"
+ }
+ },
"nix-writers": {
"flake": false,
"locked": {
@@ -34,9 +77,31 @@
},
"root": {
"inputs": {
+ "buildbot-nix": "buildbot-nix",
"nix-writers": "nix-writers",
"nixpkgs": "nixpkgs"
}
+ },
+ "treefmt-nix": {
+ "inputs": {
+ "nixpkgs": [
+ "buildbot-nix",
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1715940852,
+ "narHash": "sha256-wJqHMg/K6X3JGAE9YLM0LsuKrKb4XiBeVaoeMNlReZg=",
+ "owner": "numtide",
+ "repo": "treefmt-nix",
+ "rev": "2fba33a182602b9d49f0b2440513e5ee091d838b",
+ "type": "github"
+ },
+ "original": {
+ "owner": "numtide",
+ "repo": "treefmt-nix",
+ "type": "github"
+ }
}
},
"root": "root",
diff --git a/flake.nix b/flake.nix
index 516648849..d4f8b2b33 100644
--- a/flake.nix
+++ b/flake.nix
@@ -7,15 +7,18 @@
};
# disko.url = "github:nix-community/disko";
# disko.inputs.nixpkgs.follows = "nixpkgs";
+ buildbot-nix.url = "github:Mic92/buildbot-nix";
+ buildbot-nix.inputs.nixpkgs.follows = "nixpkgs";
};
description = "stockholm";
- outputs = { self, nixpkgs, nix-writers }: {
+ outputs = { self, nixpkgs, nix-writers, buildbot-nix, ... }@inputs: {
nixosConfigurations = nixpkgs.lib.mapAttrs (machineName: _: nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs.stockholm = self;
specialArgs.nix-writers = nix-writers;
+ specialArgs.buildbot-nix = buildbot-nix;
modules = [
./krebs/1systems/${machineName}/config.nix
{
diff --git a/kartei/makefu/default.nix b/kartei/makefu/default.nix
index d6134cd8d..6dd59be55 100644
--- a/kartei/makefu/default.nix
+++ b/kartei/makefu/default.nix
@@ -211,6 +211,7 @@ in {
bookmark.euer IN A ${nets.internet.ip4.addr}
boot IN A ${nets.internet.ip4.addr}
boot.euer IN A ${nets.internet.ip4.addr}
+ build.euer IN A ${nets.internet.ip4.addr}
cache.euer IN A ${nets.internet.ip4.addr}
cache.gum IN A ${nets.internet.ip4.addr}
cgit.euer IN A ${nets.internet.ip4.addr}
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index 0a103ed1a..91071ec85 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -6,7 +6,6 @@
../../../krebs/2configs
../../../krebs/2configs/nginx.nix
- ../../../krebs/2configs/buildbot-stockholm.nix
../../../krebs/2configs/binary-cache/nixos.nix
../../../krebs/2configs/ircd.nix
../../../krebs/2configs/reaktor2.nix
@@ -15,6 +14,10 @@
../../../krebs/2configs/mud.nix
../../../krebs/2configs/repo-sync.nix
+ ../../../krebs/2configs/buildbot-stockholm.nix
+ #../../../krebs/2configs/buildbot/master.nix
+ #../../../krebs/2configs/buildbot/worker.nix
+
../../../krebs/2configs/cal.nix
../../../krebs/2configs/mastodon.nix
diff --git a/krebs/2configs/buildbot/master.nix b/krebs/2configs/buildbot/master.nix
new file mode 100644
index 000000000..9598f6fa0
--- /dev/null
+++ b/krebs/2configs/buildbot/master.nix
@@ -0,0 +1,33 @@
+{buildbot-nix,...}:
+let
+ #domain = "buildbot.krebsco.de";
+ domain = "build.hotdog.r";
+in {
+ imports = [
+ buildbot-nix.nixosModules.buildbot-master
+ ];
+
+ #services.nginx.virtualHosts."${domain}" = {
+ # enableACME = true;
+ # forceSSL = true;
+ #};
+
+
+ services.buildbot-nix.master = {
+ enable = true;
+ admins = [ "makefu" ];
+ buildSystems = [ "x86_64-linux" "aarch64-linux" ];
+ inherit domain;
+ evalMaxMemorySize = "4096";
+ evalWorkerCount = 16;
+ workersFile = "/var/src/secrets/buildbot/nix-workers";
+ github = {
+ tokenFile = "/var/src/secrets/buildbot/github-token";
+ webhookSecretFile = "/var/src/secrets/buildbot/github-webhook-secret";
+ oauthSecretFile = "/var/src/secrets/buildbot/github-oauth-secret";
+ oauthId = "Ov23lizFP7t7qoE9FuDA";
+ user = "krebs-bob";
+ topic = "buildbot";
+ };
+ };
+}
diff --git a/krebs/2configs/buildbot/worker.nix b/krebs/2configs/buildbot/worker.nix
new file mode 100644
index 000000000..e96c6df14
--- /dev/null
+++ b/krebs/2configs/buildbot/worker.nix
@@ -0,0 +1,11 @@
+{ buildbot-nix, ... }:
+{
+ imports = [
+ buildbot-nix.nixosModules.buildbot-worker
+ ];
+
+ services.buildbot-nix.worker = {
+ enable = true;
+ workerPasswordFile = "/var/src/secrets/nix-worker-file";
+ };
+}
diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix
index 5d64555c8..6ca7c732a 100644
--- a/krebs/2configs/default.nix
+++ b/krebs/2configs/default.nix
@@ -28,7 +28,7 @@ with import ../../lib/pure.nix { inherit lib; };
networking.hostName = config.krebs.build.host.name;
nix.maxJobs = 1;
- nix.useSandbox = true;
+ nix.settings.sandbox = true;
environment.systemPackages = with pkgs; [
git
diff --git a/krebs/2configs/matterbridge.nix b/krebs/2configs/matterbridge.nix
index f42921824..aa33f748f 100644
--- a/krebs/2configs/matterbridge.nix
+++ b/krebs/2configs/matterbridge.nix
@@ -1,4 +1,4 @@
-{ pkgs, lib, ... }: {
+{ pkgs, lib, config, ... }: {
services.matterbridge = {
enable = true;
configPath = let