From f8fabf4ea6f15b0c7613846e38051f83ef887933 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 13:03:48 +0100 Subject: shared: move stuff from 1/wolf.nix to 2/base.nix --- shared/1systems/wolf.nix | 71 +--------------------------------------------- shared/2configs/base.nix | 74 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 75 insertions(+), 70 deletions(-) create mode 100644 shared/2configs/base.nix (limited to 'shared') diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index 60d1e8ce8..4fe3388c8 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -1,9 +1,8 @@ { config, lib, pkgs, ... }: -with lib; - { imports = [ + ../2configs/base.nix ../2configs/collectd-base.nix ]; @@ -13,34 +12,6 @@ with lib; krebs.build.user = config.krebs.users.shared; krebs.build.target = "wolf"; - krebs.enable = true; - krebs.retiolum = { - enable = true; - connectTo = [ - # TODO remove connectTo cd, this was only used for bootstrapping - "cd" - "gum" - "pigstarter" - ]; - }; - - krebs.build.source = { - git.nixpkgs = { - url = https://github.com/NixOS/nixpkgs; - rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80"; - }; - dir.secrets = { - host = config.krebs.current.host; - path = "${getEnv "HOME"}/secrets/krebs/wolf"; - }; - dir.stockholm = { - host = config.krebs.current.host; - path = "${getEnv "HOME"}/stockholm"; - }; - }; - - networking.hostName = config.krebs.build.host.name; - boot.kernel.sysctl = { # Enable IPv6 Privacy Extensions "net.ipv6.conf.all.use_tempaddr" = 2; @@ -63,45 +34,5 @@ with lib; { device = "/dev/disk/by-label/swap"; } ]; - nix.maxJobs = 1; - nix.trustedBinaryCaches = [ - "https://cache.nixos.org" - "http://cache.nixos.org" - "http://hydra.nixos.org" - ]; - nix.useChroot = true; - - nixpkgs.config.packageOverrides = pkgs: { - nano = pkgs.vim; - }; - - environment.systemPackages = with pkgs; [ - git - rxvt_unicode.terminfo - ]; - time.timeZone = "Europe/Berlin"; - - programs.ssh.startAgent = false; - - services.openssh = { - enable = true; - hostKeys = [ - { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } - ]; - }; - services.cron.enable = false; - services.nscd.enable = false; - services.ntp.enable = false; - - users.mutableUsers = false; - users.extraUsers.root.openssh.authorizedKeys.keys = [ - # TODO - config.krebs.users.lass.pubkey - config.krebs.users.makefu.pubkey - config.krebs.users.tv.pubkey - ]; - - # The NixOS release to be compatible with for stateful data such as databases. - system.stateVersion = "15.09"; } diff --git a/shared/2configs/base.nix b/shared/2configs/base.nix new file mode 100644 index 000000000..c9f4ffa8d --- /dev/null +++ b/shared/2configs/base.nix @@ -0,0 +1,74 @@ +{ config, lib, pkgs, ... }: + +with lib; +{ + krebs.enable = true; + krebs.retiolum = { + enable = true; + connectTo = [ + # TODO remove connectTo cd, this was only used for bootstrapping + "cd" + "gum" + "pigstarter" + ]; + }; + + krebs.build.source = { + git.nixpkgs = { + url = https://github.com/NixOS/nixpkgs; + rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80"; + }; + dir.secrets = { + host = config.krebs.current.host; + path = "${getEnv "HOME"}/secrets/krebs/wolf"; + }; + dir.stockholm = { + host = config.krebs.current.host; + path = "${getEnv "HOME"}/stockholm"; + }; + }; + + networking.hostName = config.krebs.build.host.name; + + nix.maxJobs = 1; + nix.trustedBinaryCaches = [ + "https://cache.nixos.org" + "http://cache.nixos.org" + "http://hydra.nixos.org" + ]; + nix.useChroot = true; + + nixpkgs.config.packageOverrides = pkgs: { + nano = pkgs.vim; + }; + + environment.systemPackages = with pkgs; [ + git + rxvt_unicode.terminfo + ]; + + programs.ssh.startAgent = false; + + services.openssh = { + enable = true; + hostKeys = [ + { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } + ]; + }; + services.cron.enable = false; + services.nscd.enable = false; + services.ntp.enable = false; + + users.mutableUsers = false; + users.extraUsers.root.openssh.authorizedKeys.keys = [ + # TODO + config.krebs.users.lass.pubkey + config.krebs.users.makefu.pubkey + config.krebs.users.tv.pubkey + ]; + + + # The NixOS release to be compatible with for stateful data such as databases. + system.stateVersion = "15.09"; + +} -- cgit v1.2.3 From a204949071a964584bf27889277c8890ed724979 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 13:05:19 +0100 Subject: move testhosts to shared from lass --- shared/1systems/test-arch.nix | 32 ++++++++++++++++++++++++++++++++ shared/1systems/test-centos6.nix | 30 ++++++++++++++++++++++++++++++ shared/1systems/test-centos7.nix | 31 +++++++++++++++++++++++++++++++ 3 files changed, 93 insertions(+) create mode 100644 shared/1systems/test-arch.nix create mode 100644 shared/1systems/test-centos6.nix create mode 100644 shared/1systems/test-centos7.nix (limited to 'shared') diff --git a/shared/1systems/test-arch.nix b/shared/1systems/test-arch.nix new file mode 100644 index 000000000..ece209490 --- /dev/null +++ b/shared/1systems/test-arch.nix @@ -0,0 +1,32 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ../2configs/base.nix + { + boot.loader.grub = { + device = "/dev/sda"; + splashImage = null; + }; + + boot.initrd.availableKernelModules = [ + "ata_piix" + "vmw_pvscsi" + ]; + + fileSystems."/" = { + device = "/dev/sda1"; + }; + } + { + networking.dhcpcd.allowInterfaces = [ + "enp*" + ]; + } + { + sound.enable = false; + } + ]; + + krebs.build.host = config.krebs.hosts.test-arch; +} diff --git a/shared/1systems/test-centos6.nix b/shared/1systems/test-centos6.nix new file mode 100644 index 000000000..a8b5f9b9c --- /dev/null +++ b/shared/1systems/test-centos6.nix @@ -0,0 +1,30 @@ +{ config, lib, pkgs, ... }: + +let + inherit (lib) head; + + ip = "168.235.148.52"; + gw = "168.235.148.1"; +in { + imports = [ + ../2configs/base.nix + ../2configs/os-templates/CAC-CentOS-6.5-64bit.nix + { + networking.interfaces.enp11s0.ip4 = [ + { + address = ip; + prefixLength = 24; + } + ]; + networking.defaultGateway = gw; + networking.nameservers = [ + "8.8.8.8" + ]; + } + { + sound.enable = false; + } + ]; + + krebs.build.host = config.krebs.hosts.test-centos6; +} diff --git a/shared/1systems/test-centos7.nix b/shared/1systems/test-centos7.nix new file mode 100644 index 000000000..51e99600c --- /dev/null +++ b/shared/1systems/test-centos7.nix @@ -0,0 +1,31 @@ +{ config, lib, pkgs, ... }: + +let + inherit (lib) head; + + ip = "168.235.145.85"; + gw = "168.235.145.1"; +in { + imports = [ + ../2configs/base.nix + ../2configs/os-templates/CAC-CentOS-7-64bit.nix + { + networking.interfaces.enp2s1.ip4 = [ + { + address = ip; + prefixLength = 24; + } + ]; + networking.defaultGateway = gw; + networking.nameservers = [ + "8.8.8.8" + ]; + + } + { + sound.enable = false; + } + ]; + + krebs.build.host = config.krebs.hosts.test-centos7; +} -- cgit v1.2.3 From e7d22252dcad25fd5594e9a431f5a39aa620906d Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 14:59:48 +0100 Subject: shared: add os templates to 2 --- .../2configs/os-templates/CAC-CentOS-6.5-64bit.nix | 47 ++++++++++++++++++++++ .../2configs/os-templates/CAC-CentOS-7-64bit.nix | 47 ++++++++++++++++++++++ 2 files changed, 94 insertions(+) create mode 100644 shared/2configs/os-templates/CAC-CentOS-6.5-64bit.nix create mode 100644 shared/2configs/os-templates/CAC-CentOS-7-64bit.nix (limited to 'shared') diff --git a/shared/2configs/os-templates/CAC-CentOS-6.5-64bit.nix b/shared/2configs/os-templates/CAC-CentOS-6.5-64bit.nix new file mode 100644 index 000000000..b5ec722a0 --- /dev/null +++ b/shared/2configs/os-templates/CAC-CentOS-6.5-64bit.nix @@ -0,0 +1,47 @@ +_: + +{ + boot.loader.grub = { + device = "/dev/sda"; + splashImage = null; + }; + + boot.initrd.availableKernelModules = [ + "ata_piix" + "vmw_pvscsi" + ]; + + fileSystems."/" = { + device = "/dev/VolGroup/lv_root"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/sda1"; + fsType = "ext4"; + }; + + swapDevices = [ + { device = "/dev/VolGroup/lv_swap"; } + ]; + + users.extraGroups = { + # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories + # Loaded: loaded (/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/example/systemd/system/systemd-tmpfiles-setup.service) + # Active: failed (Result: exit-code) since Mon 2015-03-16 10:29:18 UTC; 4s ago + # Docs: man:tmpfiles.d(5) + # man:systemd-tmpfiles(8) + # Process: 19272 ExecStart=/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/bin/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev (code=exited, status=1/FAILURE) + # Main PID: 19272 (code=exited, status=1/FAILURE) + # + # Mar 16 10:29:17 cd systemd-tmpfiles[19272]: [/usr/lib/tmpfiles.d/legacy.conf:26] Unknown group 'lock'. + # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal configured, ignoring. + # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal/7b35116927d74ea58785e00b47ac0f0d configured, ignoring. + # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service: main process exited, code=exited, status=1/FAILURE + # Mar 16 10:29:18 cd systemd[1]: Failed to start Create Volatile Files and Directories. + # Mar 16 10:29:18 cd systemd[1]: Unit systemd-tmpfiles-setup.service entered failed state. + # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service failed. + # warning: error(s) occured while switching to the new configuration + lock.gid = 10001; + }; +} diff --git a/shared/2configs/os-templates/CAC-CentOS-7-64bit.nix b/shared/2configs/os-templates/CAC-CentOS-7-64bit.nix new file mode 100644 index 000000000..168d1d97b --- /dev/null +++ b/shared/2configs/os-templates/CAC-CentOS-7-64bit.nix @@ -0,0 +1,47 @@ +_: + +{ + boot.loader.grub = { + device = "/dev/sda"; + splashImage = null; + }; + + boot.initrd.availableKernelModules = [ + "ata_piix" + "vmw_pvscsi" + ]; + + fileSystems."/" = { + device = "/dev/centos/root"; + fsType = "xfs"; + }; + + fileSystems."/boot" = { + device = "/dev/sda1"; + fsType = "xfs"; + }; + + swapDevices = [ + { device = "/dev/centos/swap"; } + ]; + + users.extraGroups = { + # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories + # Loaded: loaded (/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/example/systemd/system/systemd-tmpfiles-setup.service) + # Active: failed (Result: exit-code) since Mon 2015-03-16 10:29:18 UTC; 4s ago + # Docs: man:tmpfiles.d(5) + # man:systemd-tmpfiles(8) + # Process: 19272 ExecStart=/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/bin/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev (code=exited, status=1/FAILURE) + # Main PID: 19272 (code=exited, status=1/FAILURE) + # + # Mar 16 10:29:17 cd systemd-tmpfiles[19272]: [/usr/lib/tmpfiles.d/legacy.conf:26] Unknown group 'lock'. + # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal configured, ignoring. + # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal/7b35116927d74ea58785e00b47ac0f0d configured, ignoring. + # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service: main process exited, code=exited, status=1/FAILURE + # Mar 16 10:29:18 cd systemd[1]: Failed to start Create Volatile Files and Directories. + # Mar 16 10:29:18 cd systemd[1]: Unit systemd-tmpfiles-setup.service entered failed state. + # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service failed. + # warning: error(s) occured while switching to the new configuration + lock.gid = 10001; + }; +} -- cgit v1.2.3 From a4ab19181b312a64a14f7da694e994959ce2b147 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 17 Nov 2015 13:57:43 +0100 Subject: shared 2 base: add makefu_omo to allowed pubkeys --- shared/2configs/base.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'shared') diff --git a/shared/2configs/base.nix b/shared/2configs/base.nix index c9f4ffa8d..df41eae1a 100644 --- a/shared/2configs/base.nix +++ b/shared/2configs/base.nix @@ -64,6 +64,8 @@ with lib; # TODO config.krebs.users.lass.pubkey config.krebs.users.makefu.pubkey + # TODO HARDER: + (readFile ../../krebs/Zpubkeys/makefu_omo.ssh.pub) config.krebs.users.tv.pubkey ]; -- cgit v1.2.3 From 5aed0a395b2f78216bc02a7178527034bb079d28 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 17 Nov 2015 22:15:07 +0100 Subject: shared wolf: static ip, fix todo --- shared/1systems/wolf.nix | 21 ++++++++++++++++++++- shared/2configs/shack-drivedroid.nix | 18 ++++++++++++++++++ shared/2configs/shack-nix-cacher.nix | 25 +++++++++++++++++++++++++ 3 files changed, 63 insertions(+), 1 deletion(-) create mode 100644 shared/2configs/shack-drivedroid.nix create mode 100644 shared/2configs/shack-nix-cacher.nix (limited to 'shared') diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index 4fe3388c8..30e6e1d07 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -1,12 +1,31 @@ { config, lib, pkgs, ... }: +let + shack-ip = lib.head config.krebs.build.host.nets.shack.addrs4; + internal-ip = lib.head config.krebs.build.host.nets.retiolum.addrs4; +in { imports = [ ../2configs/base.nix ../2configs/collectd-base.nix + ../2configs/shack-nix-cacher.nix + ../2configs/shack-drivedroid.nix ]; + networking = { + interfaces.eth0.ip4 = [{ + address = shack-ip; + prefixLength = 20; + }]; + + defaultGateway = "10.42.0.1"; + nameservers = [ "8.8.8.8" ]; + }; + + ##################### + # uninteresting stuff + ##################### krebs.build.host = config.krebs.hosts.wolf; # TODO rename shared user to "krebs" krebs.build.user = config.krebs.users.shared; @@ -31,7 +50,7 @@ fileSystems."/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; }; swapDevices = [ - { device = "/dev/disk/by-label/swap"; } + { device = "/dev/disk/by-label/swap"; } ]; time.timeZone = "Europe/Berlin"; diff --git a/shared/2configs/shack-drivedroid.nix b/shared/2configs/shack-drivedroid.nix new file mode 100644 index 000000000..294f3a369 --- /dev/null +++ b/shared/2configs/shack-drivedroid.nix @@ -0,0 +1,18 @@ +{ pkgs, lib, ... }: + +{ + krebs.nginx = { + enable = lib.mkDefault true; + servers = { + drivedroid-repo = { + server-names = [ "drivedroid.shack" ]; + # TODO: prepare this somehow + locations = lib.singleton (lib.nameValuePair "/" '' + root /var/srv/drivedroid + index main.json + ''); + }; + }; + }; + +} diff --git a/shared/2configs/shack-nix-cacher.nix b/shared/2configs/shack-nix-cacher.nix new file mode 100644 index 000000000..7519bb3ac --- /dev/null +++ b/shared/2configs/shack-nix-cacher.nix @@ -0,0 +1,25 @@ +{ pkgs, lib, ... }: + +{ + krebs.nginx = { + enable = lib.mkDefault true; + servers = { + apt-cacher-ng = { + server-names = [ "acng.shack" ]; + locations = lib.singleton (lib.nameValuePair "/" '' + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://localhost:3142/; + ''); + }; + }; + }; + + krebs.apt-cacher-ng = { + enable = true; + port = 3142; + bindAddress = "localhost"; + cacheExpiration = 30; + }; +} -- cgit v1.2.3 From 7e4eefa91bb3d06baf8c2bd53c26d5b5337b66d8 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 17 Nov 2015 23:11:55 +0100 Subject: s 2 drivedroid: fix syntax error --- shared/2configs/shack-drivedroid.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'shared') diff --git a/shared/2configs/shack-drivedroid.nix b/shared/2configs/shack-drivedroid.nix index 294f3a369..44b62a807 100644 --- a/shared/2configs/shack-drivedroid.nix +++ b/shared/2configs/shack-drivedroid.nix @@ -8,8 +8,8 @@ server-names = [ "drivedroid.shack" ]; # TODO: prepare this somehow locations = lib.singleton (lib.nameValuePair "/" '' - root /var/srv/drivedroid - index main.json + root /var/srv/drivedroid; + index main.json; ''); }; }; -- cgit v1.2.3 From e4c46c2ec22613830c5839001550f5fa155e260d Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 17 Nov 2015 23:13:09 +0100 Subject: shared 1 wolf: add self to binaryCache --- shared/1systems/wolf.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'shared') diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index 30e6e1d07..8c5295bb3 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -12,8 +12,12 @@ in ../2configs/shack-nix-cacher.nix ../2configs/shack-drivedroid.nix ]; + # use your own binary cache, fallback use cache.nixos.org (which is used by + # apt-cacher-ng in first place) + nix.binaryCaches = [ "http://localhost:3142/nixos" "https://cache.nixos.org" ]; networking = { + firewall.enable = false; interfaces.eth0.ip4 = [{ address = shack-ip; prefixLength = 20; -- cgit v1.2.3 From a8d007868342517c235963a8ab13cff7c0e5d59e Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 18 Nov 2015 14:05:54 +0100 Subject: unstable -> s 2 shack-drivedroid --- shared/2configs/shack-drivedroid.nix | 30 +++++++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) (limited to 'shared') diff --git a/shared/2configs/shack-drivedroid.nix b/shared/2configs/shack-drivedroid.nix index 44b62a807..66940bc08 100644 --- a/shared/2configs/shack-drivedroid.nix +++ b/shared/2configs/shack-drivedroid.nix @@ -1,6 +1,30 @@ -{ pkgs, lib, ... }: - +{ pkgs, lib, config, ... }: +let + repodir = "/var/srv/drivedroid"; + srepodir = lib.shell.escape repodir; +in { + systemd.paths.drivedroid = { + wantedBy = [ "multi-user.target" ]; + Description = "triggers for changes in drivedroid dir"; + pathConfig = { + PathModified = repodir; + }; + }; + + systemd.services.drivedroid = { + ServiceConfig = { + ExecStartPre = pkgs.writeScript "prepare-drivedroid-repo-gen" '' + #!/bin/sh + mkdir -p ${srepodir}/repos + ''; + ExecStart = pkgs.writeScript "start-drivedroid-repo-gen" '' + #!/bin/sh + {pkgs.drivedroid-gen-repo}/bin/drivedroid-gen-repo --chdir "${srepodir}" repos/ > "${srepodir}/main.json" + ''; + }; + }; + krebs.nginx = { enable = lib.mkDefault true; servers = { @@ -8,7 +32,7 @@ server-names = [ "drivedroid.shack" ]; # TODO: prepare this somehow locations = lib.singleton (lib.nameValuePair "/" '' - root /var/srv/drivedroid; + root ${repodir}; index main.json; ''); }; -- cgit v1.2.3 From f9aceee5cce66503c069be2e01510f2a6215fb62 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 4 Dec 2015 10:22:18 +0100 Subject: s 2 drivedroid: update service --- shared/2configs/shack-drivedroid.nix | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) (limited to 'shared') diff --git a/shared/2configs/shack-drivedroid.nix b/shared/2configs/shack-drivedroid.nix index 66940bc08..08a6b0697 100644 --- a/shared/2configs/shack-drivedroid.nix +++ b/shared/2configs/shack-drivedroid.nix @@ -4,23 +4,25 @@ let srepodir = lib.shell.escape repodir; in { - systemd.paths.drivedroid = { - wantedBy = [ "multi-user.target" ]; - Description = "triggers for changes in drivedroid dir"; - pathConfig = { - PathModified = repodir; - }; - }; + environment.systemPackages = [ pkgs.drivedroid-gen-repo ]; systemd.services.drivedroid = { - ServiceConfig = { - ExecStartPre = pkgs.writeScript "prepare-drivedroid-repo-gen" '' + description = "generates drivedroid repo file"; + restartIfChanged = true; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + Type = "simple"; + Restart = "always"; + ExecStartPre = pkgs.writeScript "prepare-drivedroid-gen-repo" '' #!/bin/sh mkdir -p ${srepodir}/repos ''; - ExecStart = pkgs.writeScript "start-drivedroid-repo-gen" '' + ExecStart = pkgs.writeScript "start-drivedroid-gen-repo" '' #!/bin/sh - {pkgs.drivedroid-gen-repo}/bin/drivedroid-gen-repo --chdir "${srepodir}" repos/ > "${srepodir}/main.json" + while sleep 60; do + ${pkgs.inotify-tools}/bin/inotifywait -r ${srepodir} && ${pkgs.drivedroid-gen-repo}/bin/drivedroid-gen-repo --chdir "${srepodir}" repos/ > "${srepodir}/main.json" + done ''; }; }; -- cgit v1.2.3 From 55ad05879b8ba97e369bfd72810028dd4622e356 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 14 Dec 2015 19:36:06 +0100 Subject: s 1 wolf: initial preparation of ci packaging --- shared/1systems/wolf.nix | 3 ++- shared/2configs/cac-ci.nix | 11 +++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) create mode 100644 shared/2configs/cac-ci.nix (limited to 'shared') diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index 8c5295bb3..a3e527a3b 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -11,6 +11,7 @@ in ../2configs/collectd-base.nix ../2configs/shack-nix-cacher.nix ../2configs/shack-drivedroid.nix + ../2configs/cac-ci.nix ]; # use your own binary cache, fallback use cache.nixos.org (which is used by # apt-cacher-ng in first place) @@ -24,7 +25,7 @@ in }]; defaultGateway = "10.42.0.1"; - nameservers = [ "8.8.8.8" ]; + nameservers = [ "10.42.0.100" "10.42.0.200" ]; }; ##################### diff --git a/shared/2configs/cac-ci.nix b/shared/2configs/cac-ci.nix new file mode 100644 index 000000000..06cce2746 --- /dev/null +++ b/shared/2configs/cac-ci.nix @@ -0,0 +1,11 @@ +{ config, lib, pkgs, ... }: + +with lib; +{ + environment.systemPackages = with pkgs;[ + get + cac + cacpanel + jq + ]; +} -- cgit v1.2.3 From edf646ee9211920a7eb85c13e567ecc748d014f4 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 16 Dec 2015 11:59:26 +0100 Subject: s 2 graphite: init config --- shared/2configs/graphite.nix | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 shared/2configs/graphite.nix (limited to 'shared') diff --git a/shared/2configs/graphite.nix b/shared/2configs/graphite.nix new file mode 100644 index 000000000..707ec6e9a --- /dev/null +++ b/shared/2configs/graphite.nix @@ -0,0 +1,37 @@ +{ config, lib, pkgs, ... }: + +# graphite-web on port 8080 +# carbon cache on port 2003 (tcp/udp) + +# TODO: krebs.graphite.minimal.enable +# TODO: configure firewall +with lib; +{ + imports = [ ]; + + services.graphite = { + web = { + enable = true; + host = "0.0.0.0"; + }; + carbon = { + enableCache = true; + # save disk usage by restricting to 1 bulk update per second + config = '' + [cache] + MAX_CACHE_SIZE = inf + MAX_UPDATES_PER_SECOND = 1 + MAX_CREATES_PER_MINUTE = 50 + ''; + storageSchemas = '' + [carbon] + pattern = ^carbon\. + retentions = 60:90d + + [default] + pattern = .* + retentions = 60s:30d,300s:1y + ''; + }; + }; +} -- cgit v1.2.3 From c2fd296ad671a73e85f830c84d860e988587d9ac Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 16 Dec 2015 17:01:22 +0100 Subject: s 1 wolf: provide graphite --- shared/1systems/wolf.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'shared') diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index a3e527a3b..2c51ac8fe 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -12,6 +12,7 @@ in ../2configs/shack-nix-cacher.nix ../2configs/shack-drivedroid.nix ../2configs/cac-ci.nix + ../2configs/graphite.nix ]; # use your own binary cache, fallback use cache.nixos.org (which is used by # apt-cacher-ng in first place) -- cgit v1.2.3 From 5821d8438578db623a3e248c52fefa424fad0b51 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 19 Dec 2015 16:02:52 +0100 Subject: s 1 test-centos7: prepare to use generated networking --- shared/1systems/test-centos7.nix | 20 ++------------------ 1 file changed, 2 insertions(+), 18 deletions(-) (limited to 'shared') diff --git a/shared/1systems/test-centos7.nix b/shared/1systems/test-centos7.nix index 51e99600c..077a5d61b 100644 --- a/shared/1systems/test-centos7.nix +++ b/shared/1systems/test-centos7.nix @@ -3,29 +3,13 @@ let inherit (lib) head; - ip = "168.235.145.85"; - gw = "168.235.145.1"; in { imports = [ ../2configs/base.nix ../2configs/os-templates/CAC-CentOS-7-64bit.nix - { - networking.interfaces.enp2s1.ip4 = [ - { - address = ip; - prefixLength = 24; - } - ]; - networking.defaultGateway = gw; - networking.nameservers = [ - "8.8.8.8" - ]; - - } - { - sound.enable = false; - } + ../2configs/os-templates/temp-networking.nix ]; + sound.enable = false; krebs.build.host = config.krebs.hosts.test-centos7; } -- cgit v1.2.3