hydra: add harmonia on https://nix-serve.hq.c3d2.de
This commit is contained in:
parent
73d3076573
commit
9e7a7c9ee6
|
@ -157,7 +157,7 @@ in {
|
||||||
(builtins.readFile ../hosts/hydra/cache-pub.key)
|
(builtins.readFile ../hosts/hydra/cache-pub.key)
|
||||||
];
|
];
|
||||||
substituters = lib.mkIf (config.networking.hostName != "hydra") (
|
substituters = lib.mkIf (config.networking.hostName != "hydra") (
|
||||||
lib.mkBefore [ "https://hydra.hq.c3d2.de" ]
|
lib.mkBefore [ "https://nix-serve.hq.c3d2.de" ]
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
gc = {
|
gc = {
|
||||||
|
|
18
flake.lock
18
flake.lock
|
@ -132,6 +132,23 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"harmonia": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1664135560,
|
||||||
|
"narHash": "sha256-ODQX5+NTqztVtbqdubD1ED+0t6MDeQYnhqhgmUA5IGM=",
|
||||||
|
"owner": "astro",
|
||||||
|
"repo": "harmonia",
|
||||||
|
"rev": "ee0915762c43c71e3c76bd9d777ae7d99992a65f",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "astro",
|
||||||
|
"ref": "flake",
|
||||||
|
"repo": "harmonia",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"heliwatch": {
|
"heliwatch": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"fenix": [
|
"fenix": [
|
||||||
|
@ -623,6 +640,7 @@
|
||||||
"eris": "eris",
|
"eris": "eris",
|
||||||
"fenix": "fenix",
|
"fenix": "fenix",
|
||||||
"flake-utils": "flake-utils",
|
"flake-utils": "flake-utils",
|
||||||
|
"harmonia": "harmonia",
|
||||||
"heliwatch": "heliwatch",
|
"heliwatch": "heliwatch",
|
||||||
"hydra": "hydra",
|
"hydra": "hydra",
|
||||||
"hydra-ca": "hydra-ca",
|
"hydra-ca": "hydra-ca",
|
||||||
|
|
15
flake.nix
15
flake.nix
|
@ -43,6 +43,12 @@
|
||||||
inputs.nixpkgs.follows = "nixos";
|
inputs.nixpkgs.follows = "nixos";
|
||||||
};
|
};
|
||||||
flake-utils.url = "github:numtide/flake-utils";
|
flake-utils.url = "github:numtide/flake-utils";
|
||||||
|
harmonia = {
|
||||||
|
# TODO: pending https://github.com/helsinki-systems/harmonia/pull/39
|
||||||
|
# url = "github:helsinki-systems/harmonia";
|
||||||
|
url = "github:astro/harmonia/flake";
|
||||||
|
flake = false;
|
||||||
|
};
|
||||||
heliwatch = {
|
heliwatch = {
|
||||||
url = "git+https://gitea.c3d2.de/astro/heliwatch.git";
|
url = "git+https://gitea.c3d2.de/astro/heliwatch.git";
|
||||||
inputs = {
|
inputs = {
|
||||||
|
@ -166,7 +172,7 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = inputs@{ self, eris, fenix, heliwatch, microvm, naersk, nixos, nixos-hardware, nixos-unstable, oparl-scraper, riscv64, scrapers, secrets, sshlogd, sops-nix, spacemsg, syndicate, ticker, tigger, yammat, zentralwerk, ... }:
|
outputs = inputs@{ self, eris, fenix, harmonia, heliwatch, microvm, naersk, nixos, nixos-hardware, nixos-unstable, oparl-scraper, riscv64, scrapers, secrets, sshlogd, sops-nix, spacemsg, syndicate, ticker, tigger, yammat, zentralwerk, ... }:
|
||||||
let
|
let
|
||||||
inherit (nixos) lib;
|
inherit (nixos) lib;
|
||||||
forAllSystems = lib.genAttrs [ "aarch64-linux" "x86_64-linux" ];
|
forAllSystems = lib.genAttrs [ "aarch64-linux" "x86_64-linux" ];
|
||||||
|
@ -312,7 +318,7 @@
|
||||||
let
|
let
|
||||||
host = getHostAddr name;
|
host = getHostAddr name;
|
||||||
target = ''root@"${host}"'';
|
target = ''root@"${host}"'';
|
||||||
rebuildArg = "--flake ${self}#${name} --option extra-substituters https://hydra.hq.c3d2.de";
|
rebuildArg = "--flake ${self}#${name} --option extra-substituters https://nix-serve.hq.c3d2.de";
|
||||||
hostConfig = self.nixosConfigurations."${name}".config;
|
hostConfig = self.nixosConfigurations."${name}".config;
|
||||||
profile = hostConfig.system.build.toplevel;
|
profile = hostConfig.system.build.toplevel;
|
||||||
# let /var/lib/microvm/*/flake point to the flake-update branch so that
|
# let /var/lib/microvm/*/flake point to the flake-update branch so that
|
||||||
|
@ -344,7 +350,7 @@
|
||||||
ssh ${target} -- bash -e <<EOF
|
ssh ${target} -- bash -e <<EOF
|
||||||
[[ \$(cat /etc/hostname) == ${name} ]]
|
[[ \$(cat /etc/hostname) == ${name} ]]
|
||||||
echo Copying data from Hydra to ${name}
|
echo Copying data from Hydra to ${name}
|
||||||
nix copy --from https://hydra.hq.c3d2.de \
|
nix copy --from https://nix-serve.hq.c3d2.de \
|
||||||
$TOPLEVEL
|
$TOPLEVEL
|
||||||
echo Activation on ${name}: "$@"
|
echo Activation on ${name}: "$@"
|
||||||
nix-env -p /nix/var/nix/profiles/system --set $TOPLEVEL
|
nix-env -p /nix/var/nix/profiles/system --set $TOPLEVEL
|
||||||
|
@ -436,7 +442,7 @@
|
||||||
echo Sharing with $h
|
echo Sharing with $h
|
||||||
ssh root@$h.cluster.zentralwerk.org -- \
|
ssh root@$h.cluster.zentralwerk.org -- \
|
||||||
bash -e <<EOF &
|
bash -e <<EOF &
|
||||||
nix copy --from https://hydra.hq.c3d2.de $JOB
|
nix copy --from https://nix-serve.hq.c3d2.de $JOB
|
||||||
mkdir -p /glusterfs/fast/microvms/${name}
|
mkdir -p /glusterfs/fast/microvms/${name}
|
||||||
chown microvm:kvm /glusterfs/fast/microvms/${name}
|
chown microvm:kvm /glusterfs/fast/microvms/${name}
|
||||||
chmod 0775 /glusterfs/fast/microvms/${name}
|
chmod 0775 /glusterfs/fast/microvms/${name}
|
||||||
|
@ -695,6 +701,7 @@
|
||||||
hydra = nixosSystem' {
|
hydra = nixosSystem' {
|
||||||
modules = [
|
modules = [
|
||||||
inputs.hydra.nixosModules.hydra
|
inputs.hydra.nixosModules.hydra
|
||||||
|
(harmonia + "/module.nix")
|
||||||
./hosts/hydra
|
./hosts/hydra
|
||||||
{
|
{
|
||||||
_module.args = {
|
_module.args = {
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ self, hostRegistry, hydra-ca, config, lib, pkgs, ... }:
|
{ self, hostRegistry, hydra-ca, config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cachePort = 5000;
|
||||||
|
|
||||||
|
in
|
||||||
{
|
{
|
||||||
containers = {
|
containers = {
|
||||||
hydra-ca = {
|
hydra-ca = {
|
||||||
|
@ -101,6 +106,18 @@
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# A rust nix binary cache
|
||||||
|
harmonia = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
bind = "127.0.0.1:${toString cachePort}";
|
||||||
|
workers = "20";
|
||||||
|
max_connection_rate = 1024;
|
||||||
|
priority = 30;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
nginx =
|
nginx =
|
||||||
let
|
let
|
||||||
hydraVhost = {
|
hydraVhost = {
|
||||||
|
@ -119,7 +136,11 @@
|
||||||
locations."/".proxyPass = "http://192.168.100.2:3001";
|
locations."/".proxyPass = "http://192.168.100.2:3001";
|
||||||
};
|
};
|
||||||
"hydra.serv.zentralwerk.org" = hydraVhost;
|
"hydra.serv.zentralwerk.org" = hydraVhost;
|
||||||
"nix-serve.hq.c3d2.de" = hydraVhost; # TODO: remove
|
"nix-serve.hq.c3d2.de" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
locations."/".proxyPass = "http://localhost:${toString cachePort}";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
resolved.enable = false;
|
resolved.enable = false;
|
||||||
|
|
|
@ -38,7 +38,7 @@
|
||||||
if [ "$OLD" != "$NEW" ]; then
|
if [ "$OLD" != "$NEW" ]; then
|
||||||
echo "Fetching new system built by https://hydra.hq.c3d2.de/jobset/c3d2/nix-config"
|
echo "Fetching new system built by https://hydra.hq.c3d2.de/jobset/c3d2/nix-config"
|
||||||
# this should fetch the new system from the binary cache
|
# this should fetch the new system from the binary cache
|
||||||
nix copy --from https://hydra.hq.c3d2.de "$NEW"
|
nix copy --from https://nix-serve.hq.c3d2.de "$NEW"
|
||||||
if [ -e "$NEW/etc/systemd/system/autoupdate.timer" ]; then
|
if [ -e "$NEW/etc/systemd/system/autoupdate.timer" ]; then
|
||||||
echo "Switch to the new system..."
|
echo "Switch to the new system..."
|
||||||
nix-env -p /nix/var/nix/profiles/system --set $NEW
|
nix-env -p /nix/var/nix/profiles/system --set $NEW
|
||||||
|
@ -92,7 +92,7 @@
|
||||||
if [ "$OLD" != "$NEW" ]; then
|
if [ "$OLD" != "$NEW" ]; then
|
||||||
echo "Fetching new system built by https://hydra.hq.c3d2.de/jobset/c3d2/nix-config"
|
echo "Fetching new system built by https://hydra.hq.c3d2.de/jobset/c3d2/nix-config"
|
||||||
# this should fetch the new system from the binary cache
|
# this should fetch the new system from the binary cache
|
||||||
nix copy --from https://hydra.hq.c3d2.de "$NEW"
|
nix copy --from https://nix-serve.hq.c3d2.de "$NEW"
|
||||||
echo "Switch to the new system..."
|
echo "Switch to the new system..."
|
||||||
nix-env -p /nix/var/nix/profiles/system --set $NEW
|
nix-env -p /nix/var/nix/profiles/system --set $NEW
|
||||||
"$NEW/bin/switch-to-configuration" switch
|
"$NEW/bin/switch-to-configuration" switch
|
||||||
|
|
|
@ -85,7 +85,7 @@
|
||||||
cd /var/lib/microvms/$NAME
|
cd /var/lib/microvms/$NAME
|
||||||
if [ "$(cat flake)" = "git+https://gitea.c3d2.de/c3d2/nix-config?ref=flake-update" ]; then
|
if [ "$(cat flake)" = "git+https://gitea.c3d2.de/c3d2/nix-config?ref=flake-update" ]; then
|
||||||
NEW=$(curl -sLH "Accept: application/json" https://hydra.hq.c3d2.de/job/c3d2/nix-config/$NAME/latest | ${pkgs.jq}/bin/jq -r .buildoutputs.out.path)
|
NEW=$(curl -sLH "Accept: application/json" https://hydra.hq.c3d2.de/job/c3d2/nix-config/$NAME/latest | ${pkgs.jq}/bin/jq -r .buildoutputs.out.path)
|
||||||
nix copy --from https://hydra.hq.c3d2.de $NEW
|
nix copy --from https://nix-serve.hq.c3d2.de $NEW
|
||||||
|
|
||||||
if [ -e booted ]; then
|
if [ -e booted ]; then
|
||||||
nix store diff-closures $(readlink booted) $NEW
|
nix store diff-closures $(readlink booted) $NEW
|
||||||
|
|
Loading…
Reference in New Issue