43 lines
1.6 KiB
Nix
43 lines
1.6 KiB
Nix
{ config, ... }:
|
|
{
|
|
services.buildbot-nix.master = {
|
|
enable = true;
|
|
# Domain name under which the buildbot frontend is reachable
|
|
domain = "buildbot.clan.lol";
|
|
# The workers file configures credentials for the buildbot workers to connect to the master.
|
|
# "name" is the configured worker name in services.buildbot-nix.worker.name of a worker
|
|
# (defaults to the hostname of the machine)
|
|
# "pass" is the password for the worker configured in `services.buildbot-nix.worker.workerPasswordFile`
|
|
# "cores" is the number of cpu cores the worker has.
|
|
# The number must match as otherwise potentially not enought buildbot-workers are created.
|
|
workersFile = config.sops.secrets.buildbot-workers-file.path;
|
|
|
|
gitea = {
|
|
enable = true;
|
|
instanceUrl = "https://git.clan.lol";
|
|
oauthSecretFile = config.sops.secrets.oauth-secret-file.path;
|
|
oauthId = "adb3425c-490f-4558-9487-8f8940d2925b";
|
|
topic = "buildbot-clan";
|
|
};
|
|
|
|
# optional nix-eval-jobs settings
|
|
evalWorkerCount = 10; # limit number of concurrent evaluations
|
|
evalMaxMemorySize = "4096"; # limit memory usage per evaluation
|
|
};
|
|
|
|
# Optional: Enable acme/TLS in nginx (recommended)
|
|
services.nginx.virtualHosts.${config.services.buildbot-nix.master.domain} = {
|
|
forceSSL = true;
|
|
useACME = true;
|
|
};
|
|
|
|
services.buildbot-nix.worker = {
|
|
enable = true;
|
|
workerPasswordFile = config.sops.secrets.buildbot-worker-password-file.path;
|
|
};
|
|
|
|
sops.secrets.oauth-secret-file = { };
|
|
sops.secrets.workers-file = { };
|
|
sops.secrets.worker-password-file = { };
|
|
}
|