add buildbot
This commit is contained in:
parent
34f17d8dac
commit
d3afa7f13d
27
flake.lock
27
flake.lock
|
@ -1,5 +1,31 @@
|
||||||
{
|
{
|
||||||
"nodes": {
|
"nodes": {
|
||||||
|
"buildbot-nix": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-parts": [
|
||||||
|
"flake-parts"
|
||||||
|
],
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"treefmt-nix": [
|
||||||
|
"treefmt-nix"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1714469730,
|
||||||
|
"narHash": "sha256-jdTHiOGnqo9S4lzSPsGZECUIePrOE0/COCCP4lzBW9A=",
|
||||||
|
"owner": "Mic92",
|
||||||
|
"repo": "buildbot-nix",
|
||||||
|
"rev": "508ceb885636a0a949793f5c7924091b532fa10f",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "Mic92",
|
||||||
|
"repo": "buildbot-nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"clan-core": {
|
"clan-core": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"disko": "disko",
|
"disko": "disko",
|
||||||
|
@ -148,6 +174,7 @@
|
||||||
},
|
},
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
|
"buildbot-nix": "buildbot-nix",
|
||||||
"clan-core": "clan-core",
|
"clan-core": "clan-core",
|
||||||
"disko": "disko_2",
|
"disko": "disko_2",
|
||||||
"flake-parts": "flake-parts",
|
"flake-parts": "flake-parts",
|
||||||
|
|
|
@ -24,11 +24,16 @@
|
||||||
# Use the version of nixpkgs that has been tested to work with SrvOS
|
# Use the version of nixpkgs that has been tested to work with SrvOS
|
||||||
srvos.inputs.nixpkgs.follows = "nixpkgs";
|
srvos.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
|
||||||
clan-core.url = "git+https://git.clan.lol/clan/clan-core?ref=synapse";
|
clan-core.url = "git+https://git.clan.lol/clan/clan-core?ref=error-handling";
|
||||||
clan-core.inputs.flake-parts.follows = "flake-parts";
|
clan-core.inputs.flake-parts.follows = "flake-parts";
|
||||||
clan-core.inputs.nixpkgs.follows = "nixpkgs";
|
clan-core.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
clan-core.inputs.treefmt-nix.follows = "treefmt-nix";
|
clan-core.inputs.treefmt-nix.follows = "treefmt-nix";
|
||||||
clan-core.inputs.sops-nix.follows = "sops-nix";
|
clan-core.inputs.sops-nix.follows = "sops-nix";
|
||||||
|
|
||||||
|
buildbot-nix.url = "github:Mic92/buildbot-nix";
|
||||||
|
buildbot-nix.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
buildbot-nix.inputs.flake-parts.follows = "flake-parts";
|
||||||
|
buildbot-nix.inputs.treefmt-nix.follows = "treefmt-nix";
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = inputs@{ flake-parts, ... }:
|
outputs = inputs@{ flake-parts, ... }:
|
||||||
|
|
42
modules/buildbot.nix
Normal file
42
modules/buildbot.nix
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
{ config, ... }:
|
||||||
|
{
|
||||||
|
services.buildbot-nix.master = {
|
||||||
|
enable = true;
|
||||||
|
# Domain name under which the buildbot frontend is reachable
|
||||||
|
domain = "buildbot.clan.lol";
|
||||||
|
# The workers file configures credentials for the buildbot workers to connect to the master.
|
||||||
|
# "name" is the configured worker name in services.buildbot-nix.worker.name of a worker
|
||||||
|
# (defaults to the hostname of the machine)
|
||||||
|
# "pass" is the password for the worker configured in `services.buildbot-nix.worker.workerPasswordFile`
|
||||||
|
# "cores" is the number of cpu cores the worker has.
|
||||||
|
# The number must match as otherwise potentially not enought buildbot-workers are created.
|
||||||
|
workersFile = config.sops.secrets.buildbot-workers-file.path;
|
||||||
|
|
||||||
|
gitea = {
|
||||||
|
enable = true;
|
||||||
|
instanceUrl = "https://git.clan.lol";
|
||||||
|
oauthSecretFile = config.sops.secrets.oauth-secret-file.path;
|
||||||
|
oauthId = "adb3425c-490f-4558-9487-8f8940d2925b";
|
||||||
|
topic = "buildbot-clan";
|
||||||
|
};
|
||||||
|
|
||||||
|
# optional nix-eval-jobs settings
|
||||||
|
evalWorkerCount = 10; # limit number of concurrent evaluations
|
||||||
|
evalMaxMemorySize = "4096"; # limit memory usage per evaluation
|
||||||
|
};
|
||||||
|
|
||||||
|
# Optional: Enable acme/TLS in nginx (recommended)
|
||||||
|
services.nginx.virtualHosts.${config.services.buildbot-nix.master.domain} = {
|
||||||
|
forceSSL = true;
|
||||||
|
useACME = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.buildbot-nix.worker = {
|
||||||
|
enable = true;
|
||||||
|
workerPasswordFile = config.sops.secrets.buildbot-worker-password-file.path;
|
||||||
|
};
|
||||||
|
|
||||||
|
sops.secrets.oauth-secret-file = { };
|
||||||
|
sops.secrets.workers-file = { };
|
||||||
|
sops.secrets.worker-password-file = { };
|
||||||
|
}
|
|
@ -15,6 +15,12 @@
|
||||||
./initrd-networking.nix
|
./initrd-networking.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
buildbot.imports = [
|
||||||
|
inputs.buildbot-nix.nixosModules.master
|
||||||
|
inputs.buildbot-nix.nixosModules.worker
|
||||||
|
./buildbot.nix
|
||||||
|
];
|
||||||
|
|
||||||
web01.imports = [
|
web01.imports = [
|
||||||
self.nixosModules.server
|
self.nixosModules.server
|
||||||
inputs.srvos.nixosModules.mixins-nginx
|
inputs.srvos.nixosModules.mixins-nginx
|
||||||
|
|
Loading…
Reference in New Issue
Block a user