Merge remote-tracking branch 'gum/master'
This commit is contained in:
lassulus
commit
92c4fee6dc
krebs/3modules
makefu
shared/2configs
|
|
@ -132,6 +132,16 @@ let
|
|||
'';
|
||||
};
|
||||
|
||||
secrets = mkOption {
|
||||
default = [];
|
||||
type = types.listOf types.str;
|
||||
example = [ "cac.json" ];
|
||||
description = ''
|
||||
List of all the secrets in <secrets> which should be copied into the
|
||||
buildbot master directory.
|
||||
'';
|
||||
};
|
||||
|
||||
slaves = mkOption {
|
||||
default = {};
|
||||
type = types.attrsOf types.str;
|
||||
|
|
@ -344,10 +354,10 @@ let
|
|||
fi
|
||||
# always override the master.cfg
|
||||
cp ${buildbot-master-config} ${workdir}/master.cfg
|
||||
|
||||
# copy secrets
|
||||
cp ${secretsdir}/cac.json ${workdir}
|
||||
cp ${secretsdir}/retiolum-ci.rsa_key.priv \
|
||||
${workdir}/retiolum.rsa_key.priv
|
||||
${ concatMapStringsSep "\n"
|
||||
(f: "cp ${secretsdir}/${f} ${workdir}/${f}" ) cfg.secrets }
|
||||
# sanity
|
||||
${buildbot}/bin/buildbot checkconfig ${workdir}
|
||||
|
||||
|
|
|
|||
|
|
@ -83,6 +83,9 @@ with lib;
|
|||
'';
|
||||
};
|
||||
};
|
||||
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDM0E608d/6rGzXqGbNSuMb2RlCojCJSiiz6QcPOC2G root@pornocauster";
|
||||
|
||||
};
|
||||
|
||||
vbob = {
|
||||
|
|
@ -108,6 +111,8 @@ with lib;
|
|||
'';
|
||||
};
|
||||
};
|
||||
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICPLTMl+thSq77cjYa2XF7lz5fA7JMftrLo8Dy/OBXSg root@nixos";
|
||||
};
|
||||
flap = rec {
|
||||
cores = 1;
|
||||
|
|
@ -238,6 +243,8 @@ with lib;
|
|||
'';
|
||||
};
|
||||
};
|
||||
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH4Tjx9qK6uWtxT1HCpeC0XvDZKO/kaPygyKatpAqU6I root@wry";
|
||||
};
|
||||
filepimp = rec {
|
||||
cores = 1;
|
||||
|
|
@ -287,6 +294,8 @@ with lib;
|
|||
'';
|
||||
};
|
||||
};
|
||||
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIujMZ3ZFxKpWeB/cjfKfYRr77+VRZk0Eik+92t03NoA root@servarch";
|
||||
};
|
||||
gum = rec {
|
||||
cores = 1;
|
||||
|
|
@ -327,6 +336,8 @@ with lib;
|
|||
'';
|
||||
};
|
||||
};
|
||||
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum";
|
||||
};
|
||||
};
|
||||
users = addNames rec {
|
||||
|
|
|
|||
|
|
@ -6,11 +6,11 @@ let
|
|||
internal-ip = head config.krebs.build.host.nets.retiolum.addrs4;
|
||||
in {
|
||||
imports = [
|
||||
# TODO: copy this config or move to krebs
|
||||
../2configs/tinc-basic-retiolum.nix
|
||||
../2configs/headless.nix
|
||||
../2configs/fs/simple-swap.nix
|
||||
../2configs/fs/single-partition-ext4.nix
|
||||
../2configs/smart-monitor.nix
|
||||
# ../2configs/iodined.nix
|
||||
../2configs/git/cgit-retiolum.nix
|
||||
../2configs/mattermost-docker.nix
|
||||
|
|
@ -18,6 +18,7 @@ in {
|
|||
|
||||
../2configs/exim-retiolum.nix
|
||||
../2configs/urlwatch.nix
|
||||
|
||||
];
|
||||
|
||||
|
||||
|
|
|
|||
18
makefu/2configs/smart-monitor.nix
Normal file
18
makefu/2configs/smart-monitor.nix
Normal file
|
|
@ -0,0 +1,18 @@
|
|||
{ config, ... }:
|
||||
{
|
||||
services.smartd = {
|
||||
enable = true;
|
||||
notifications = {
|
||||
mail = {
|
||||
enable = true;
|
||||
recipient = config.krebs.users.makefu.mail;
|
||||
};
|
||||
};
|
||||
# short daily, long weekly, check on boot
|
||||
defaults.monitored = "-a -o on -s (S/../.././02|L/../../7/04)";
|
||||
|
||||
devices = [{
|
||||
device = "/dev/sda";
|
||||
}];
|
||||
};
|
||||
}
|
||||
|
|
@ -1,6 +1,22 @@
|
|||
{ config, ... }:
|
||||
{ config, lib, ... }:
|
||||
|
||||
{
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
urlwatch = with pkgs.pythonPackages; buildPythonPackage rec {
|
||||
name = "urlwatch-1.18";
|
||||
|
||||
propagatedBuildInputs = [ futures ];
|
||||
|
||||
src = pkgs.fetchurl {
|
||||
url = "http://thp.io/2008/urlwatch/${name}.tar.gz";
|
||||
sha256 = "090qfgx249ks7103sap6w47f8302ix2k46wxhfssxwsqcqdl25vb";
|
||||
};
|
||||
|
||||
postFixup = ''
|
||||
wrapProgram "$out/bin/urlwatch" --prefix "PYTHONPATH" : "$PYTHONPATH"
|
||||
'';
|
||||
};
|
||||
};
|
||||
krebs.urlwatch = {
|
||||
enable = true;
|
||||
mailto = config.krebs.users.makefu.mail;
|
||||
|
|
@ -12,7 +28,7 @@
|
|||
http://git.sysphere.org/vicious/log/?qt=grep&q=Next+release
|
||||
https://pypi.python.org/simple/bepasty/
|
||||
https://pypi.python.org/simple/xstatic/
|
||||
http://cvs2svn.tigris.org/svn/cvs2svn/tags/
|
||||
http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,6 +8,9 @@ in {
|
|||
};
|
||||
networking.firewall.allowedTCPPorts = [ 8010 9989 ];
|
||||
krebs.buildbot.master = {
|
||||
secrets = [
|
||||
"cac.json"
|
||||
];
|
||||
slaves = {
|
||||
testslave = "krebspass";
|
||||
omo = "krebspass";
|
||||
|
|
@ -93,9 +96,8 @@ in {
|
|||
# slave needs 2 files:
|
||||
# * cac.json
|
||||
# * retiolum
|
||||
for file in ["cac.json", "retiolum.rsa_key.priv"]:
|
||||
s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/{}".format(file),
|
||||
slavedest=file))
|
||||
s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/cac.json", slavedest="cac.json"))
|
||||
s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/retiolum-ci.rsa_key.priv", slavedest="retiolum.rsa_key.priv"))
|
||||
|
||||
addShell(s, name="infest-cac-centos7",env=env,
|
||||
sigtermTime=60, # SIGTERM 1 minute before SIGKILL
|
||||
|
|
|
|||
Loading…
Reference in a new issue