Merge remote-tracking branch 'gum/master' into HEAD
This commit is contained in:
commit
5ff77c7c64
|
@ -12,6 +12,7 @@
|
|||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.puyak;
|
||||
sound.enable = false;
|
||||
|
||||
boot = {
|
||||
loader.systemd-boot.enable = true;
|
||||
|
|
|
@ -4,8 +4,7 @@ with import <stockholm/lib>;
|
|||
let
|
||||
|
||||
cfg = config.krebs.Reaktor;
|
||||
|
||||
workdir = "/var/lib/Reaktor";
|
||||
homedir = "/var/lib/Reaktor";
|
||||
|
||||
out = {
|
||||
options.krebs.Reaktor = api;
|
||||
|
@ -38,6 +37,14 @@ let
|
|||
default = [pkgs.ReaktorPlugins.nixos-version];
|
||||
};
|
||||
|
||||
workdir = mkOption {
|
||||
default = "/var/lib/Reaktor";
|
||||
type = types.path;
|
||||
description = ''
|
||||
path to be used as workdir (home dir is still /var/lib/Reaktor)
|
||||
'';
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
default = "";
|
||||
type = types.string;
|
||||
|
@ -84,7 +91,7 @@ let
|
|||
name = "Reaktor";
|
||||
uid = genid name;
|
||||
description = "Reaktor user";
|
||||
home = workdir;
|
||||
home = homedir;
|
||||
createHome = true;
|
||||
};
|
||||
|
||||
|
@ -118,7 +125,7 @@ let
|
|||
REAKTOR_NICKNAME = botcfg.nickname;
|
||||
REAKTOR_DEBUG = (if botcfg.debug then "True" else "False");
|
||||
REAKTOR_CHANNELS = lib.concatStringsSep "," botcfg.channels;
|
||||
state_dir = workdir;
|
||||
state_dir = botcfg.workdir;
|
||||
|
||||
} // botcfg.extraEnviron;
|
||||
serviceConfig= {
|
||||
|
@ -129,6 +136,7 @@ let
|
|||
else
|
||||
''(${pkgs.Reaktor}/bin/reaktor get-config;cat "${ReaktorConfig}" ) > /tmp/reaktor-${name}-config.py''
|
||||
}
|
||||
mkdir -p ${botcfg.workdir}
|
||||
'';
|
||||
ExecStart = "${pkgs.Reaktor}/bin/reaktor run /tmp/reaktor-${name}-config.py";
|
||||
PrivateTmp = "true";
|
||||
|
|
|
@ -1,16 +1,15 @@
|
|||
{ coreutils, fetchgit, fetchFromGitHub, buildbot-classic, python2Packages, ... }:
|
||||
{ coreutils, fetchgit, git, buildbot-classic, python2Packages, ... }:
|
||||
|
||||
python2Packages.buildPythonApplication {
|
||||
name = "buildbot-classic-slave-0.8.12";
|
||||
name = "buildbot-classic-slave-0.8.13";
|
||||
namePrefix = "";
|
||||
|
||||
src = buildbot-classic.src;
|
||||
postUnpack = "sourceRoot=\${sourceRoot}/slave";
|
||||
|
||||
patchPhase = ''
|
||||
substituteInPlace buildslave/scripts/logwatcher.py --replace /usr/bin/tail ${coreutils}/bin/tail
|
||||
'';
|
||||
patchPhase = ":";
|
||||
|
||||
nativeBuildInputs = [ git ];
|
||||
propagatedBuildInputs = [ python2Packages.twisted ];
|
||||
doCheck = false;
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ fetchgit, fetchFromGitHub, python2Packages, ... }:
|
||||
{ fetchgit, fetchFromGitHub, python2Packages, git, ... }:
|
||||
let
|
||||
# https://github.com/NixOS/nixpkgs/issues/14026
|
||||
nixpkgs-fix = import (fetchgit {
|
||||
|
@ -8,18 +8,19 @@ let
|
|||
}) {};
|
||||
|
||||
in nixpkgs-fix.buildPythonApplication {
|
||||
name = "buildbot-classic-0.8.12";
|
||||
name = "buildbot-classic-0.8.13";
|
||||
namePrefix = "";
|
||||
patches = [];
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "krebscode";
|
||||
repo = "buildbot-classic";
|
||||
rev = "5b4f5f6f1";
|
||||
sha256 = "1j3xn1gjzvsf90jvfmyln71fzlhjx642ivrqf47zfxpkacljja93";
|
||||
src = fetchgit {
|
||||
url = "https://github.com/krebscode/buildbot-classic";
|
||||
rev = "211ec7815";
|
||||
sha256 = "0cyn406r31qdqhpsih7w83x47b443svpgfhxqd6w3iryv0y1z95i";
|
||||
leaveDotGit = true;
|
||||
|
||||
};
|
||||
postUnpack = "sourceRoot=\${sourceRoot}/master";
|
||||
|
||||
buildInputs = [ git ];
|
||||
patchPhase =
|
||||
# The code insists on /usr/bin/tail, /usr/bin/make, etc.
|
||||
'' echo "patching erroneous absolute path references..."
|
||||
|
@ -32,11 +33,11 @@ in nixpkgs-fix.buildPythonApplication {
|
|||
sed -i 's/==/>=/' setup.py
|
||||
'';
|
||||
|
||||
propagatedBuildInputs = [
|
||||
python2Packages.jinja2
|
||||
python2Packages.twisted
|
||||
nixpkgs-fix.pythonPackages.dateutil_1_5
|
||||
nixpkgs-fix.pythonPackages.sqlalchemy_migrate_0_7
|
||||
propagatedBuildInputs = with nixpkgs-fix.pythonPackages; [
|
||||
jinja2
|
||||
twisted
|
||||
dateutil_1_5
|
||||
sqlalchemy_migrate_0_7
|
||||
];
|
||||
doCheck = false;
|
||||
postInstall = ''
|
||||
|
|
|
@ -18,7 +18,7 @@ in {
|
|||
<stockholm/makefu/2configs/virtualization.nix>
|
||||
|
||||
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
||||
<stockholm/makefu/2configs/temp-share-samba.nix>
|
||||
<stockholm/makefu/2configs/share/temp-share-samba.nix>
|
||||
];
|
||||
services.samba.shares = {
|
||||
isos = {
|
||||
|
|
|
@ -44,7 +44,7 @@ in {
|
|||
kernelModules = [ "kvm-amd" ];
|
||||
extraModulePackages = [ ];
|
||||
};
|
||||
hardware.enableAllFirmware = true;
|
||||
hardware.enableRedistributableFirmware = true;
|
||||
hardware.cpu.amd.updateMicrocode = true;
|
||||
|
||||
zramSwap.enable = true;
|
||||
|
@ -73,9 +73,9 @@ in {
|
|||
xfsmount = name: dev:
|
||||
{ "/media/${name}" = { device = dev; fsType = "xfs"; }; };
|
||||
in
|
||||
# (xfsmount "j0" (part1 jDisk0)) <stockholm/makefu>
|
||||
(xfsmount "j1" (part1 jDisk1)) <stockholm/makefu>
|
||||
(xfsmount "j2" (part1 jDisk2)) <stockholm/makefu>
|
||||
# (xfsmount "j0" (part1 jDisk0)) //
|
||||
(xfsmount "j1" (part1 jDisk1)) //
|
||||
(xfsmount "j2" (part1 jDisk2)) //
|
||||
(xfsmount "par0" (part1 jDisk3))
|
||||
;
|
||||
|
||||
|
|
|
@ -8,7 +8,6 @@
|
|||
[
|
||||
<stockholm/makefu>
|
||||
<stockholm/makefu/2configs/headless.nix>
|
||||
../../krebs/3modules/Reaktor.nix
|
||||
|
||||
# these will be overwritten by qemu-vm.nix but will be used if the system
|
||||
# is directly deployed
|
||||
|
|
|
@ -10,7 +10,8 @@
|
|||
<stockholm/makefu/2configs/gui/base.nix>
|
||||
<stockholm/makefu/2configs/fs/sda-crypto-root.nix>
|
||||
# hardware specifics are in here
|
||||
<stockholm/makefu/2configs/hw/tp-x200.nix #< imports tp-x2x0.nix>
|
||||
# imports tp-x2x0.nix
|
||||
<stockholm/makefu/2configs/hw/tp-x200.nix>
|
||||
|
||||
<stockholm/makefu/2configs/disable_v6.nix>
|
||||
<stockholm/makefu/2configs/rad1o.nix>
|
||||
|
|
|
@ -140,10 +140,10 @@ in {
|
|||
enable = false;
|
||||
databases = [ "nextcloud" ];
|
||||
};
|
||||
|
||||
krebs.secret.files.mysql_rootPassword = {
|
||||
path = "${config.services.mysql.dataDir}/mysql_rootPassword";
|
||||
owner.name = "root";
|
||||
source-path = toString <secrets> + "/mysql_rootPassword";
|
||||
};
|
||||
# dataDir is only defined after mysql is enabled
|
||||
# krebs.secret.files.mysql_rootPassword = {
|
||||
# path = "${config.services.mysql.dataDir}/mysql_rootPassword";
|
||||
# owner.name = "root";
|
||||
# source-path = toString <secrets> + "/mysql_rootPassword";
|
||||
# };
|
||||
}
|
||||
|
|
5
makefu/6tests/data/secrets/grafana_security.nix
Normal file
5
makefu/6tests/data/secrets/grafana_security.nix
Normal file
|
@ -0,0 +1,5 @@
|
|||
{
|
||||
adminUser = "dick";
|
||||
adminPassword = "butt";
|
||||
}
|
||||
|
4
makefu/6tests/data/secrets/kibana-auth.nix
Normal file
4
makefu/6tests/data/secrets/kibana-auth.nix
Normal file
|
@ -0,0 +1,4 @@
|
|||
{
|
||||
"dick" = "butt";
|
||||
}
|
||||
|
3
makefu/6tests/data/secrets/nsupdate-search.nix
Normal file
3
makefu/6tests/data/secrets/nsupdate-search.nix
Normal file
|
@ -0,0 +1,3 @@
|
|||
{
|
||||
"dick.nsupdate.info" = "butt";
|
||||
}
|
0
makefu/6tests/data/secrets/ssh.id_ed25519
Normal file
0
makefu/6tests/data/secrets/ssh.id_ed25519
Normal file
Loading…
Reference in a new issue