add buildbot

This commit is contained in:
Jörg Thalheim 2024-04-30 13:17:19 +02:00
parent 34f17d8dac
commit d3afa7f13d
4 changed files with 81 additions and 1 deletions

View File

@ -1,5 +1,31 @@
{
"nodes": {
"buildbot-nix": {
"inputs": {
"flake-parts": [
"flake-parts"
],
"nixpkgs": [
"nixpkgs"
],
"treefmt-nix": [
"treefmt-nix"
]
},
"locked": {
"lastModified": 1714469730,
"narHash": "sha256-jdTHiOGnqo9S4lzSPsGZECUIePrOE0/COCCP4lzBW9A=",
"owner": "Mic92",
"repo": "buildbot-nix",
"rev": "508ceb885636a0a949793f5c7924091b532fa10f",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "buildbot-nix",
"type": "github"
}
},
"clan-core": {
"inputs": {
"disko": "disko",
@ -148,6 +174,7 @@
},
"root": {
"inputs": {
"buildbot-nix": "buildbot-nix",
"clan-core": "clan-core",
"disko": "disko_2",
"flake-parts": "flake-parts",

View File

@ -24,11 +24,16 @@
# Use the version of nixpkgs that has been tested to work with SrvOS
srvos.inputs.nixpkgs.follows = "nixpkgs";
clan-core.url = "git+https://git.clan.lol/clan/clan-core?ref=synapse";
clan-core.url = "git+https://git.clan.lol/clan/clan-core?ref=error-handling";
clan-core.inputs.flake-parts.follows = "flake-parts";
clan-core.inputs.nixpkgs.follows = "nixpkgs";
clan-core.inputs.treefmt-nix.follows = "treefmt-nix";
clan-core.inputs.sops-nix.follows = "sops-nix";
buildbot-nix.url = "github:Mic92/buildbot-nix";
buildbot-nix.inputs.nixpkgs.follows = "nixpkgs";
buildbot-nix.inputs.flake-parts.follows = "flake-parts";
buildbot-nix.inputs.treefmt-nix.follows = "treefmt-nix";
};
outputs = inputs@{ flake-parts, ... }:

42
modules/buildbot.nix Normal file
View File

@ -0,0 +1,42 @@
{ config, ... }:
{
services.buildbot-nix.master = {
enable = true;
# Domain name under which the buildbot frontend is reachable
domain = "buildbot.clan.lol";
# The workers file configures credentials for the buildbot workers to connect to the master.
# "name" is the configured worker name in services.buildbot-nix.worker.name of a worker
# (defaults to the hostname of the machine)
# "pass" is the password for the worker configured in `services.buildbot-nix.worker.workerPasswordFile`
# "cores" is the number of cpu cores the worker has.
# The number must match as otherwise potentially not enought buildbot-workers are created.
workersFile = config.sops.secrets.buildbot-workers-file.path;
gitea = {
enable = true;
instanceUrl = "https://git.clan.lol";
oauthSecretFile = config.sops.secrets.oauth-secret-file.path;
oauthId = "adb3425c-490f-4558-9487-8f8940d2925b";
topic = "buildbot-clan";
};
# optional nix-eval-jobs settings
evalWorkerCount = 10; # limit number of concurrent evaluations
evalMaxMemorySize = "4096"; # limit memory usage per evaluation
};
# Optional: Enable acme/TLS in nginx (recommended)
services.nginx.virtualHosts.${config.services.buildbot-nix.master.domain} = {
forceSSL = true;
useACME = true;
};
services.buildbot-nix.worker = {
enable = true;
workerPasswordFile = config.sops.secrets.buildbot-worker-password-file.path;
};
sops.secrets.oauth-secret-file = { };
sops.secrets.workers-file = { };
sops.secrets.worker-password-file = { };
}

View File

@ -15,6 +15,12 @@
./initrd-networking.nix
];
buildbot.imports = [
inputs.buildbot-nix.nixosModules.master
inputs.buildbot-nix.nixosModules.worker
./buildbot.nix
];
web01.imports = [
self.nixosModules.server
inputs.srvos.nixosModules.mixins-nginx