summaryrefslogtreecommitdiffstats
path: root/krebs/2configs
diff options
context:
space:
mode:
authorjeschli <jeschli@gmail.com>2018-06-19 09:52:04 +0200
committerjeschli <jeschli@gmail.com>2018-06-19 09:52:04 +0200
commit324a8615f19c267d67b8a96d8e74b648c875ba04 (patch)
tree8f7444a8e69ae254354a83a119d1c62bfaf95989 /krebs/2configs
parent2a3f60d6fb3cd8d5f1ead4e5ff43fc9364eedad3 (diff)
parent8eca9165ce6ffaba1076a916bfa475eb935f0a6f (diff)
Merge remote-tracking branch 'origin/staging/jeschli'
Diffstat (limited to 'krebs/2configs')
-rw-r--r--krebs/2configs/buildbot-all.nix9
-rw-r--r--krebs/2configs/buildbot-krebs.nix12
-rw-r--r--krebs/2configs/buildbot-stockholm.nix178
-rw-r--r--krebs/2configs/default.nix1
-rw-r--r--krebs/2configs/news-spam.nix5
-rw-r--r--krebs/2configs/news.nix6
-rw-r--r--krebs/2configs/reaktor-krebs.nix11
-rw-r--r--krebs/2configs/reaktor-retiolum.nix4
-rw-r--r--krebs/2configs/shack/worlddomination.nix85
9 files changed, 252 insertions, 59 deletions
diff --git a/krebs/2configs/buildbot-all.nix b/krebs/2configs/buildbot-all.nix
deleted file mode 100644
index d85cde175..000000000
--- a/krebs/2configs/buildbot-all.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-with import <stockholm/lib>;
-{ lib, config, pkgs, ... }:
-{
- networking.firewall.allowedTCPPorts = [ 80 8010 9989 ];
- krebs.ci.enable = true;
- krebs.ci.treeStableTimer = 1;
- krebs.ci.hosts = filter (getAttr "ci") (attrValues config.krebs.hosts);
-}
-
diff --git a/krebs/2configs/buildbot-krebs.nix b/krebs/2configs/buildbot-krebs.nix
deleted file mode 100644
index a09b3b98b..000000000
--- a/krebs/2configs/buildbot-krebs.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-with import <stockholm/lib>;
-{ lib, config, pkgs, ... }:
-{
- imports = [
- <stockholm/krebs/2configs/repo-sync.nix>
- ];
-
- networking.firewall.allowedTCPPorts = [ 80 8010 9989 ];
- krebs.ci.enable = true;
- krebs.ci.treeStableTimer = 120;
- krebs.ci.hosts = [ config.krebs.build.host ];
-}
diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix
new file mode 100644
index 000000000..04b1c999f
--- /dev/null
+++ b/krebs/2configs/buildbot-stockholm.nix
@@ -0,0 +1,178 @@
+{ config, pkgs, ... }: with import <stockholm/lib>;
+
+let
+
+ hostname = config.networking.hostName;
+
+in
+{
+ networking.firewall.allowedTCPPorts = [ 80 ];
+ services.nginx = {
+ enable = true;
+ virtualHosts.build = {
+ serverAliases = [ "build.${hostname}.r" ];
+ locations."/".extraConfig = ''
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_pass http://127.0.0.1:${toString config.krebs.buildbot.master.web.port};
+ '';
+ };
+ };
+
+ krebs.buildbot.master = {
+ slaves = {
+ testslave = "lasspass";
+ };
+ change_source.stockholm = ''
+ stockholm_repo = 'http://cgit.prism.r/stockholm'
+ cs.append(
+ changes.GitPoller(
+ stockholm_repo,
+ workdir='stockholm-poller', branches=True,
+ project='stockholm',
+ pollinterval=10
+ )
+ )
+ '';
+ scheduler = {
+ auto-scheduler = ''
+ sched.append(
+ schedulers.SingleBranchScheduler(
+ change_filter=util.ChangeFilter(branch_re=".*"),
+ treeStableTimer=60,
+ name="build-all-branches",
+ builderNames=[
+ "hosts",
+ ]
+ )
+ )
+ '';
+ force-scheduler = ''
+ sched.append(
+ schedulers.ForceScheduler(
+ name="hosts",
+ builderNames=[
+ "hosts",
+ ]
+ )
+ )
+ '';
+ };
+ builder_pre = ''
+ # prepare grab_repo step for stockholm
+ grab_repo = steps.Git(
+ repourl=stockholm_repo,
+ mode='full',
+ )
+ '';
+ builder = {
+ hosts = ''
+ from buildbot import interfaces
+ from buildbot.steps.shell import ShellCommand
+
+ class StepToStartMoreSteps(ShellCommand):
+ def __init__(self, **kwargs):
+ ShellCommand.__init__(self, **kwargs)
+
+ def addBuildSteps(self, steps_factories):
+ for sf in steps_factories:
+ step = interfaces.IBuildStepFactory(sf).buildStep()
+ step.setBuild(self.build)
+ step.setBuildSlave(self.build.slavebuilder.slave)
+ step_status = self.build.build_status.addStepWithName(step.name)
+ step.setStepStatus(step_status)
+ self.build.steps.append(step)
+
+ def start(self):
+ props = self.build.getProperties()
+ hosts = json.loads(props.getProperty('hosts_json'))
+ for host in hosts:
+ user = hosts[host]['owner']
+
+ self.addBuildSteps([steps.ShellCommand(
+ name=str(host),
+ env={
+ "NIX_PATH": "secrets=/var/src/stockholm/null:stockholm=./:/var/src",
+ "NIX_REMOTE": "daemon",
+ "dummy_secrets": "true",
+ },
+ command=[
+ "nix-shell", "-I", "stockholm=.", "--run", " ".join(["test",
+ "--user={}".format(user),
+ "--system={}".format(host),
+ "--force-populate",
+ "--target=$LOGNAME@${config.krebs.build.host.name}$HOME/{}".format(user),
+ ])
+ ],
+ timeout=90001,
+ workdir='build', # TODO figure out why we need this?
+ )])
+
+ ShellCommand.start(self)
+
+
+ f = util.BuildFactory()
+ f.addStep(grab_repo)
+
+ f.addStep(steps.SetPropertyFromCommand(
+ env={
+ "NIX_PATH": "secrets=/var/src/stockholm/null:stockholm=./:/var/src",
+ "NIX_REMOTE": "daemon",
+ },
+ name="get_hosts",
+ command=["nix-instantiate", "--json", "--strict", "--eval", "-E", """
+ with import <nixpkgs> {};
+ let
+ eval-config = cfg:
+ import <nixpkgs/nixos/lib/eval-config.nix> {
+ modules = [
+ (import cfg)
+ ];
+ }
+ ;
+
+ system = eval-config ./krebs/1systems/hotdog/config.nix; # TODO put a better config here
+
+ ci-systems = lib.filterAttrs (_: v: v.ci) system.config.krebs.hosts;
+
+ filtered-attrs = lib.mapAttrs ( n: v: {
+ owner = v.owner.name;
+ }) ci-systems;
+
+ in filtered-attrs
+ """],
+ property="hosts_json"
+ ))
+ f.addStep(StepToStartMoreSteps(command=["echo"])) # TODO remove dummy command from here
+
+ bu.append(
+ util.BuilderConfig(
+ name="hosts",
+ slavenames=slavenames,
+ factory=f
+ )
+ )
+ '';
+ };
+ enable = true;
+ web.enable = true;
+ irc = {
+ enable = true;
+ nick = "build|${hostname}";
+ server = "irc.r";
+ channels = [ "noise" "xxx" ];
+ allowForce = true;
+ };
+ extraConfig = ''
+ c['buildbotURL'] = "http://build.${hostname}.r/"
+ '';
+ };
+
+ krebs.buildbot.slave = {
+ enable = true;
+ masterhost = "localhost";
+ username = "testslave";
+ password = "lasspass";
+ packages = with pkgs; [ gnumake jq nix populate ];
+ };
+}
diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix
index 90aaa254a..7b970923d 100644
--- a/krebs/2configs/default.nix
+++ b/krebs/2configs/default.nix
@@ -50,6 +50,7 @@ with import <stockholm/lib>;
users.extraUsers.root.openssh.authorizedKeys.keys = [
# TODO
config.krebs.users.lass.pubkey
+ config.krebs.users.lass-mors.pubkey
config.krebs.users.makefu.pubkey
# TODO HARDER:
config.krebs.users.makefu-omo.pubkey
diff --git a/krebs/2configs/news-spam.nix b/krebs/2configs/news-spam.nix
index 63848c234..a3f39b40e 100644
--- a/krebs/2configs/news-spam.nix
+++ b/krebs/2configs/news-spam.nix
@@ -2,6 +2,7 @@
{
krebs.newsbot-js.news-spam = {
+ urlShortenerHost = "go.lassul.us";
feeds = pkgs.writeText "feeds" ''
[SPAM]aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#snews
[SPAM]allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#snews
@@ -93,7 +94,7 @@
[SPAM]npr_world|http://www.npr.org/rss/rss.php?id=1004|#snews
[SPAM]nsa|https://www.nsa.gov/rss.xml|#snews #bullerei
[SPAM]nytimes|http://rss.nytimes.com/services/xml/rss/nyt/World.xml|#snews
- [SPAM]painload|https://github.com/krebscode/painload/commits/master.atom|#snews
+ [SPAM]painload|https://github.com/krebs/painload/commits/master.atom|#snews
[SPAM]phys|http://phys.org/rss-feed/|#snews
[SPAM]piraten|https://www.piratenpartei.de/feed/|#snews
[SPAM]polizei_berlin|http://www.berlin.de/polizei/presse-fahndung/_rss_presse.xml|#snews
@@ -120,7 +121,7 @@
[SPAM]sciencemag|http://news.sciencemag.org/rss/current.xml|#snews
[SPAM]scmp|http://www.scmp.com/rss/91/feed|#snews
[SPAM]sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#snews
- [SPAM]shackspace|http://blog.shackspace.de/?feed=rss2|#snews
+ [SPAM]shackspace|http://shackspace.de/atom.xml|#snews
[SPAM]shz_news|http://www.shz.de/nachrichten/newsticker/rss|#snews
[SPAM]sky_busi|http://feeds.skynews.com/feeds/rss/business.xml|#snews
[SPAM]sky_pol|http://feeds.skynews.com/feeds/rss/politics.xml|#snews
diff --git a/krebs/2configs/news.nix b/krebs/2configs/news.nix
index 2628c7986..6c59f4d84 100644
--- a/krebs/2configs/news.nix
+++ b/krebs/2configs/news.nix
@@ -8,15 +8,15 @@
ethereum|http://blog.ethereum.org/feed|#news
LtU|http://lambda-the-ultimate.org/rss.xml|#news
mongrel2_master|https://github.com/zedshaw/mongrel2/commits/master.atom|#news
- painload|https://github.com/krebscode/painload/commits/master.atom|#news
+ painload|https://github.com/krebs/painload/commits/master.atom|#news
reddit_haskell|http://www.reddit.com/r/haskell/.rss|#news
reddit_nix|http://www.reddit.com/r/nixos/.rss|#news
- shackspace|http://blog.shackspace.de/?feed=rss2|#news
+ shackspace|http://shackspace.de/atom.xml|#news
tinc|http://tinc-vpn.org/news/index.rss|#news
vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#news
weechat|http://dev.weechat.org/feed/atom|#news
xkcd|https://xkcd.com/rss.xml|#news
- painload|https://github.com/krebscode/painload/commits/master.atom|#news
+ painload|https://github.com/krebs/painload/commits/master.atom|#news
'';
};
}
diff --git a/krebs/2configs/reaktor-krebs.nix b/krebs/2configs/reaktor-krebs.nix
index 6b17b457d..fa51b84f0 100644
--- a/krebs/2configs/reaktor-krebs.nix
+++ b/krebs/2configs/reaktor-krebs.nix
@@ -13,13 +13,8 @@ with import <stockholm/lib>;
};
plugins = with pkgs.ReaktorPlugins; [
sed-plugin
- wiki-todo-add
- wiki-todo-done
- wiki-todo-show
- ];
+ ] ++
+ (attrValues (todo "agenda"))
+ ;
};
- services.nginx.virtualHosts."lassul.us".locations."/wiki-todo".extraConfig = ''
- default_type "text/plain";
- alias /var/lib/Reaktor/state/wiki-todo;
- '';
}
diff --git a/krebs/2configs/reaktor-retiolum.nix b/krebs/2configs/reaktor-retiolum.nix
index 144b7d484..b32d39b7e 100644
--- a/krebs/2configs/reaktor-retiolum.nix
+++ b/krebs/2configs/reaktor-retiolum.nix
@@ -10,6 +10,8 @@ with import <stockholm/lib>;
};
plugins = with pkgs.ReaktorPlugins; [
sed-plugin
- ];
+ ] ++
+ (attrValues (todo "agenda"))
+ ;
};
}
diff --git a/krebs/2configs/shack/worlddomination.nix b/krebs/2configs/shack/worlddomination.nix
index 828b6cd70..44176a341 100644
--- a/krebs/2configs/shack/worlddomination.nix
+++ b/krebs/2configs/shack/worlddomination.nix
@@ -2,8 +2,56 @@
with import <stockholm/lib>;
let
+ pkg = pkgs.stdenv.mkDerivation {
+ name = "worlddomination-2018-04-21";
+ src = pkgs.fetchgit {
+ url = "https://github.com/shackspace/worlddomination/";
+ rev = "1b32403b9";
+ sha256 = "10x7aiil13k3x9wqy95mi1ys999d6fxg5sys3jwv7a1p930gkl1i";
+ };
+ buildInputs = [
+ (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
+ docopt
+ LinkHeader
+ aiocoap
+ grequests
+ paramiko
+ python
+ ]))
+ ];
+ installPhase = ''
+ install -m755 -D backend/push_led.py $out/bin/push-led
+ install -m755 -D backend/loop_single.py $out/bin/loop-single
+ # copy the provided file to the package
+ install -m755 -D backend/wd.lst $out/${wdpath}
+ '';
+ };
pythonPackages = pkgs.python3Packages;
# https://github.com/chrysn/aiocoap
+ grequests = pythonPackages.buildPythonPackage rec {
+ pname = "grequests";
+ version = "0.3.1";
+ name = "${pname}-${version}";
+
+ src = pkgs.fetchFromGitHub {
+ owner = "kennethreitz";
+ repo = "grequests";
+ rev = "d1e70eb";
+ sha256 = "0drfx4fx65k0g5sj0pw8z3q1s0sp7idn2yz8xfb45nd6v82i37hc";
+ };
+
+ doCheck = false;
+
+ propagatedBuildInputs = with pythonPackages; [ requests gevent ];
+
+ meta = with lib;{
+ description = "Asynchronous HTTP requests";
+ homepage = https://github.com/kennethreitz/grequests;
+ license = with licenses; [ bsd2 ];
+ maintainers = with maintainers; [ matejc ];
+ };
+ };
+
aiocoap = pythonPackages.buildPythonPackage {
name = "aiocoap-0.3";
src = pkgs.fetchurl { url = "https://pypi.python.org/packages/9c/f6/d839e4b14258d76e74a39810829c13f8dd31de2bfe0915579b2a609d1bbe/aiocoap-0.3.tar.gz"; sha256 = "402d4151db6d8d0b1d66af5b6e10e0de1521decbf12140637e5b8d2aa9c5aef6"; };
@@ -25,32 +73,9 @@ let
description = "Parse and format link headers according to RFC 5988 \"Web Linking\"";
};
};
- pkg = pkgs.stdenv.mkDerivation {
- name = "worlddomination-2017-06-10";
- src = pkgs.fetchgit {
- url = "https://github.com/shackspace/worlddomination/";
- rev = "72fc9b5";
- sha256 = "05h500rswzypcxy4i22qc1vkc8izbzfqa9m86xg289hjxh133xyf";
- };
- buildInputs = [
- (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
- docopt
- LinkHeader
- aiocoap
- requests
- paramiko
- python
- ]))
- ];
- installPhase = ''
- install -m755 -D backend/push_led.py $out/bin/push-led
- install -m755 -D backend/loop_single.py $out/bin/loop-single
- # copy the provided file to the package
- install -m755 -D backend/wd.lst $out/${wdpath}
- '';
- };
wdpath = "/usr/worlddomination/wd.lst";
esphost = "10.42.24.7"; # esp8266
+ afrihost = "10.42.25.201"; # africa
timeout = 10; # minutes
in {
systemd.services.worlddomination = {
@@ -64,4 +89,16 @@ in {
PermissionsStartOnly = true;
};
};
+
+ systemd.services.worlddomination-africa = {
+ description = "run worlddomination africa";
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ User = "nobody"; # TODO separate user
+ ExecStart = "${pkg}/bin/push-led ${afrihost} ${pkg}/${wdpath} loop ${toString timeout}";
+ Restart = "always";
+ PrivateTmp = true;
+ PermissionsStartOnly = true;
+ };
+ };
}