server7: switch to flake, re-enable hydra
This commit is contained in:
parent
cf11f394b9
commit
6c84fc4ebf
27
flake.lock
Normal file
27
flake.lock
Normal file
|
@ -0,0 +1,27 @@
|
|||
{
|
||||
"nodes": {
|
||||
"nixpkgs": {
|
||||
"info": {
|
||||
"lastModified": 1586508340,
|
||||
"narHash": "sha256-d5jSxQw5h2N72iLnMP1ri5atw5oTsjLvgO4cTe1C2IM="
|
||||
},
|
||||
"locked": {
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "807ca93fadd5197c2260490de0c76e500562dc05",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"nixpkgs": "nixpkgs"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
"version": 5
|
||||
}
|
13
flake.nix
Normal file
13
flake.nix
Normal file
|
@ -0,0 +1,13 @@
|
|||
{
|
||||
description = "C3D2 NixOS configurations";
|
||||
|
||||
edition = 201909;
|
||||
|
||||
outputs = { self, nixpkgs }: {
|
||||
nixosConfigurations.server7 = nixpkgs.lib.nixosSystem {
|
||||
modules =
|
||||
[ ./hosts/server7 ];
|
||||
system = "x86_64-linux";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -8,11 +8,12 @@ in {
|
|||
privateNetwork = true;
|
||||
hostBridge = "br0";
|
||||
|
||||
localAddress6 = with builtins; let
|
||||
hash = hashString "sha256" name;
|
||||
hextet0 = substring 0 4 hash;
|
||||
hextet1 = substring 4 4 hash;
|
||||
in "${yggaddr.prefix}:${hextet0}:${hextet1}:c3d2/64";
|
||||
localAddress6 = with builtins;
|
||||
let
|
||||
hash = hashString "sha256" name;
|
||||
hextet0 = substring 0 4 hash;
|
||||
hextet1 = substring 4 4 hash;
|
||||
in "${yggaddr.prefix}:${hextet0}:${hextet1}:c3d2/64";
|
||||
# Generate a deterministic IPv6 address for the container.
|
||||
# This address is accessible within HQ and Yggdrasil but not from ARPANET.
|
||||
}
|
||||
|
|
|
@ -45,7 +45,7 @@ name:
|
|||
fancyindex on;
|
||||
# autoindex on;
|
||||
dav_access all:r;
|
||||
'';
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
let yggaddr = import ./yggaddr.nix;
|
||||
in {
|
||||
imports = [
|
||||
<nixpkgs/nixos/modules/profiles/minimal.nix>
|
||||
# <nixpkgs/nixos/modules/profiles/minimal.nix>
|
||||
../../lib
|
||||
../../lib/default-gateway.nix
|
||||
./borgbackup.nix
|
||||
|
@ -40,6 +40,7 @@ in {
|
|||
];
|
||||
};
|
||||
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
recommendedGzipSettings = true;
|
||||
|
@ -54,6 +55,7 @@ in {
|
|||
boot.kernel.sysctl."net.ipv6.conf.eth0.accept_ra" = 2;
|
||||
|
||||
services.yggdrasil = {
|
||||
enable = true;
|
||||
configFile = "/var/lib/yggdrasil/keys";
|
||||
config.Peers = [
|
||||
"tcp://[2a03:3b40:fe:ab::1]:46370" # Praha
|
|
@ -4,7 +4,7 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
|
||||
# imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
|
||||
|
||||
boot.initrd.availableKernelModules =
|
||||
[ "ehci_pci" "ahci" "nvme" "usbhid" "sd_mod" ];
|
||||
|
|
|
@ -1,173 +1,18 @@
|
|||
let
|
||||
hydraFlakes = pkgs:
|
||||
with pkgs;
|
||||
let
|
||||
perlDeps = buildEnv {
|
||||
name = "hydra-perl-deps";
|
||||
paths = with perlPackages; [
|
||||
ModulePluggable
|
||||
CatalystActionREST
|
||||
CatalystAuthenticationStoreDBIxClass
|
||||
CatalystDevel
|
||||
CatalystDispatchTypeRegex
|
||||
CatalystPluginAccessLog
|
||||
CatalystPluginAuthorizationRoles
|
||||
CatalystPluginCaptcha
|
||||
CatalystPluginSessionStateCookie
|
||||
CatalystPluginSessionStoreFastMmap
|
||||
CatalystPluginStackTrace
|
||||
CatalystPluginUnicodeEncoding
|
||||
CatalystTraitForRequestProxyBase
|
||||
CatalystViewDownload
|
||||
CatalystViewJSON
|
||||
CatalystViewTT
|
||||
CatalystXScriptServerStarman
|
||||
CatalystXRoleApplicator
|
||||
CryptRandPasswd
|
||||
DBDPg
|
||||
DBDSQLite
|
||||
DataDump
|
||||
DateTime
|
||||
DigestSHA1
|
||||
EmailMIME
|
||||
EmailSender
|
||||
FileSlurp
|
||||
IOCompress
|
||||
IPCRun
|
||||
JSON
|
||||
JSONAny
|
||||
JSONXS
|
||||
LWP
|
||||
LWPProtocolHttps
|
||||
NetAmazonS3
|
||||
NetPrometheus
|
||||
NetStatsd
|
||||
PadWalker
|
||||
Readonly
|
||||
SQLSplitStatement
|
||||
SetScalar
|
||||
Starman
|
||||
SysHostnameLong
|
||||
TermSizeAny
|
||||
TestMore
|
||||
TextDiff
|
||||
TextTable
|
||||
XMLSimple
|
||||
pkgs.nixFlakes
|
||||
pkgs.nixFlakes.perl-bindings
|
||||
git
|
||||
boehmgc
|
||||
];
|
||||
};
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
in stdenv.mkDerivation {
|
||||
|
||||
name = "hydra-flake";
|
||||
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "NixOS";
|
||||
repo = "hydra";
|
||||
rev = "47797576838974c8209536b67bb45e953a50900f";
|
||||
sha256 = "1vqib99d7wgnl3c6ccx0xx2q88qmdkpydkb6gd0pik9wg2nn3jng";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
makeWrapper
|
||||
autoconf
|
||||
automake
|
||||
libtool
|
||||
unzip
|
||||
nukeReferences
|
||||
pkgconfig
|
||||
sqlite
|
||||
libpqxx
|
||||
gitAndTools.topGit
|
||||
mercurial
|
||||
darcs
|
||||
subversion
|
||||
bazaar
|
||||
openssl
|
||||
bzip2
|
||||
libxslt
|
||||
guile # optional, for Guile + Guix support
|
||||
perlDeps
|
||||
perl
|
||||
pkgs.nixFlakes
|
||||
postgresql95 # for running the tests
|
||||
boost
|
||||
(nlohmann_json.override { multipleHeaders = true; })
|
||||
];
|
||||
|
||||
hydraPath = lib.makeBinPath ([
|
||||
sqlite
|
||||
subversion
|
||||
openssh
|
||||
pkgs.nixFlakes
|
||||
coreutils
|
||||
findutils
|
||||
pixz
|
||||
gzip
|
||||
bzip2
|
||||
lzma
|
||||
gnutar
|
||||
unzip
|
||||
git
|
||||
gitAndTools.topGit
|
||||
mercurial
|
||||
darcs
|
||||
gnused
|
||||
bazaar
|
||||
] ++ lib.optionals stdenv.isLinux [ rpm dpkg cdrkit ]);
|
||||
|
||||
configureFlags = [ "--with-docbook-xsl=${docbook_xsl}/xml/xsl/docbook" ];
|
||||
|
||||
shellHook = ''
|
||||
PATH=$(pwd)/src/hydra-evaluator:$(pwd)/src/script:$(pwd)/src/hydra-eval-jobs:$(pwd)/src/hydra-queue-runner:$PATH
|
||||
PERL5LIB=$(pwd)/src/lib:$PERL5LIB
|
||||
'';
|
||||
|
||||
preConfigure = "autoreconf -vfi";
|
||||
|
||||
NIX_LDFLAGS = [ "-lpthread" ];
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
preCheck = ''
|
||||
patchShebangs .
|
||||
export LOGNAME=''${LOGNAME:-foo}
|
||||
'';
|
||||
|
||||
postInstall = ''
|
||||
mkdir -p $out/nix-support
|
||||
|
||||
for i in $out/bin/*; do
|
||||
read -n 4 chars < $i
|
||||
if [[ $chars =~ ELF ]]; then continue; fi
|
||||
wrapProgram $i \
|
||||
--prefix PERL5LIB ':' $out/libexec/hydra/lib:$PERL5LIB \
|
||||
--prefix PATH ':' $out/bin:$hydraPath \
|
||||
--set HYDRA_RELEASE 0.1 \
|
||||
--set HYDRA_HOME $out/libexec/hydra \
|
||||
--set NIX_RELEASE ${pkgs.nixFlakes.name or "unknown"}
|
||||
done
|
||||
'';
|
||||
|
||||
dontStrip = true;
|
||||
|
||||
meta.description = "Build of Hydra on ${system}";
|
||||
passthru.perlDeps = perlDeps;
|
||||
};
|
||||
in { config, pkgs, ... }: {
|
||||
{
|
||||
|
||||
services.hydra = {
|
||||
enable = true;
|
||||
hydraURL = "https://server7.hq.c3d2.de";
|
||||
logo = ./hydra.svg;
|
||||
notificationSender = "hydra@spam.works";
|
||||
package = hydraFlakes pkgs;
|
||||
package = pkgs.hydra-unstable;
|
||||
listenHost = "127.0.0.1";
|
||||
};
|
||||
|
||||
nix.trustedUsers = [ "hydra" ];
|
||||
|
||||
nix.buildMachines = [{
|
||||
hostName = "localhost";
|
||||
system = "x86_64-linux";
|
||||
|
|
|
@ -15,7 +15,9 @@
|
|||
addSSL = true;
|
||||
enableACME = true;
|
||||
locations."/".proxyPass =
|
||||
"http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}";
|
||||
"http://${config.services.nix-serve.bindAddress}:${
|
||||
toString config.services.nix-serve.port
|
||||
}";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -3,8 +3,11 @@
|
|||
with lib;
|
||||
|
||||
let
|
||||
nixcloud-webservices = builtins.fetchGit {
|
||||
url = "https://github.com/nixcloud/nixcloud-webservices.git";
|
||||
nixcloud-webservices = pkgs.fetchFromGitHub {
|
||||
owner = "nixcloud";
|
||||
repo = "nixcloud-webservices";
|
||||
rev = "3a0767f0536fac811065eb87e6342f27eac085aa";
|
||||
sha256 = "vC0vBu+0HchrevuWsmE7giouKnSt/q4F0TffwhuNJv8=";
|
||||
};
|
||||
nixcloud = (
|
||||
import "${nixcloud-webservices}/pkgs" { inherit pkgs; }
|
||||
|
|
Loading…
Reference in New Issue
Block a user