add build02 which will run nixpkgs-update only for now
This commit is contained in:
parent
ae11986b8e
commit
2dd585f3ce
6 changed files with 168 additions and 25 deletions
|
@ -21,7 +21,6 @@ in
|
||||||
./hydra.nix
|
./hydra.nix
|
||||||
./hydra-declarative-projects.nix
|
./hydra-declarative-projects.nix
|
||||||
./cache.nix
|
./cache.nix
|
||||||
./nixpkgs-update.nix
|
|
||||||
./marvin-mk2.nix
|
./marvin-mk2.nix
|
||||||
./matterbridge.nix
|
./matterbridge.nix
|
||||||
|
|
||||||
|
|
48
build02/cache.nix
Normal file
48
build02/cache.nix
Normal file
|
@ -0,0 +1,48 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
let
|
||||||
|
postBuildHook = pkgs.writeScript "post-build-hook.sh" ''
|
||||||
|
#!${pkgs.runtimeShell}
|
||||||
|
export PATH=$PATH:${pkgs.nix}/bin
|
||||||
|
exec ${pkgs.cachix}/bin/cachix -c /var/lib/post-build-hook/nix-community-cachix.dhall push nix-community $OUT_PATHS
|
||||||
|
'';
|
||||||
|
|
||||||
|
sockPath = "/run/post-build-hook.sock";
|
||||||
|
|
||||||
|
queueBuildHook = pkgs.writeScript "post-build-hook.sh" ''
|
||||||
|
${pkgs.queued-build-hook}/bin/queued-build-hook queue --socket ${sockPath}
|
||||||
|
'';
|
||||||
|
|
||||||
|
sources = import ../nix/sources.nix;
|
||||||
|
|
||||||
|
in
|
||||||
|
{
|
||||||
|
|
||||||
|
nixpkgs.overlays = [
|
||||||
|
(self: super: {
|
||||||
|
queued-build-hook = (import sources.queued-build-hook { pkgs = super; });
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
|
systemd.sockets.queued-build-hook = {
|
||||||
|
description = "Post-build-hook socket";
|
||||||
|
wantedBy = [ "sockets.target" ];
|
||||||
|
socketConfig = {
|
||||||
|
ListenStream = sockPath;
|
||||||
|
SocketUser = "root";
|
||||||
|
SocketMode = "0600";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.queued-build-hook = {
|
||||||
|
description = "Post-build-hook service";
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
after = [ "network.target" "queued-build-hook.socket" ];
|
||||||
|
requires = [ "queued-build-hook.socket" ];
|
||||||
|
serviceConfig.ExecStart = "${pkgs.queued-build-hook}/bin/queued-build-hook daemon --retry-interval 30 --hook ${postBuildHook}";
|
||||||
|
};
|
||||||
|
|
||||||
|
nix.extraOptions = ''
|
||||||
|
post-build-hook = ${queueBuildHook}
|
||||||
|
'';
|
||||||
|
|
||||||
|
}
|
59
build02/configuration.nix
Normal file
59
build02/configuration.nix
Normal file
|
@ -0,0 +1,59 @@
|
||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
let
|
||||||
|
userImports =
|
||||||
|
let
|
||||||
|
toUserPath = f: ../users/. + "/${f}";
|
||||||
|
onlyUserFiles = x:
|
||||||
|
lib.hasSuffix ".nix" x &&
|
||||||
|
x != "lib.nix"
|
||||||
|
;
|
||||||
|
userDirEntries = builtins.readDir ../users;
|
||||||
|
userFiles = builtins.filter onlyUserFiles (lib.attrNames userDirEntries);
|
||||||
|
in
|
||||||
|
builtins.map toUserPath userFiles;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./hardware-configuration.nix
|
||||||
|
|
||||||
|
./cache.nix
|
||||||
|
./nixpkgs-update.nix
|
||||||
|
|
||||||
|
../profiles/common.nix
|
||||||
|
../profiles/docker.nix
|
||||||
|
] ++ userImports;
|
||||||
|
|
||||||
|
# /boot is a mirror raid
|
||||||
|
boot.loader.grub.devices = [ "/dev/nvme0n1" "/dev/nvme1n1" ];
|
||||||
|
boot.loader.grub.enable = true;
|
||||||
|
boot.loader.grub.version = 2;
|
||||||
|
|
||||||
|
networking.hostName = "nix-community-build02";
|
||||||
|
networking.hostId = "af9ccc71";
|
||||||
|
networking.useDHCP = false;
|
||||||
|
networking.defaultGateway = "95.217.109.129";
|
||||||
|
networking.nameservers = [ "1.1.1.1" "1.0.0.1" ];
|
||||||
|
networking.interfaces."enp35s0" = {
|
||||||
|
ipv4.addresses = [ { address = "95.217.109.189"; prefixLength = 26; } ];
|
||||||
|
ipv6.addresses = [ { address = "fe80::aaa1:59ff:fe0e:aa61"; prefixLength = 64; } ];
|
||||||
|
};
|
||||||
|
|
||||||
|
# nginx is being used as the frontend HTTP server for all the services
|
||||||
|
# running on the box
|
||||||
|
services.nginx.enable = true;
|
||||||
|
networking.firewall = {
|
||||||
|
# for Nginx
|
||||||
|
allowedTCPPorts = [ 443 80 ];
|
||||||
|
};
|
||||||
|
|
||||||
|
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||||
|
|
||||||
|
security.acme.email = "trash@nix-community.org";
|
||||||
|
security.acme.acceptTerms = true;
|
||||||
|
|
||||||
|
nix.gc.automatic = true;
|
||||||
|
nix.gc.options = "--delete-older-than 30d";
|
||||||
|
|
||||||
|
system.stateVersion = "20.09";
|
||||||
|
|
||||||
|
}
|
26
build02/hardware-configuration.nix
Normal file
26
build02/hardware-configuration.nix
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
|
# and may be overwritten by future invocations. Please make changes
|
||||||
|
# to /etc/nixos/configuration.nix instead.
|
||||||
|
{ config, lib, pkgs, modulesPath, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||||
|
];
|
||||||
|
|
||||||
|
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" ];
|
||||||
|
boot.initrd.kernelModules = [ ];
|
||||||
|
boot.kernelModules = [ "kvm-amd" ];
|
||||||
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
|
fileSystems."/" =
|
||||||
|
{ device = "/dev/disk/by-uuid/29a6b37b-fafb-46a1-b856-1e1c20dc053b";
|
||||||
|
fsType = "f2fs";
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices =
|
||||||
|
[ { device = "/dev/disk/by-uuid/5021610e-ffdd-4721-ad23-63d10a6f4e2c"; }
|
||||||
|
{ device = "/dev/disk/by-uuid/e7a3712f-bc88-4b04-8823-58871494c132"; }
|
||||||
|
];
|
||||||
|
|
||||||
|
}
|
|
@ -53,30 +53,6 @@ in
|
||||||
permissions = "0600";
|
permissions = "0600";
|
||||||
};
|
};
|
||||||
|
|
||||||
deployment.keys."id_rsa" = {
|
|
||||||
text = secrets.github-r-ryantm-key;
|
|
||||||
destDir = "/home/r-ryantm/.ssh";
|
|
||||||
user = "r-ryantm";
|
|
||||||
group = "r-ryantm";
|
|
||||||
permissions = "0600";
|
|
||||||
};
|
|
||||||
|
|
||||||
deployment.keys."github_token.txt" = {
|
|
||||||
text = secrets.github-r-ryantm-token;
|
|
||||||
destDir = "/var/lib/nixpkgs-update";
|
|
||||||
user = "r-ryantm";
|
|
||||||
group = "r-ryantm";
|
|
||||||
permissions = "0600";
|
|
||||||
};
|
|
||||||
|
|
||||||
deployment.keys."github_token_with_username.txt" = {
|
|
||||||
text = "r-ryantm:${secrets.github-r-ryantm-token}";
|
|
||||||
destDir = "/var/lib/nixpkgs-update";
|
|
||||||
user = "r-ryantm";
|
|
||||||
group = "r-ryantm";
|
|
||||||
permissions = "0600";
|
|
||||||
};
|
|
||||||
|
|
||||||
deployment.keys."marvin-mk2-key.pem" = {
|
deployment.keys."marvin-mk2-key.pem" = {
|
||||||
text = secrets."marvin-mk2-key.pem";
|
text = secrets."marvin-mk2-key.pem";
|
||||||
destDir = "/var/lib/marvin-mk2";
|
destDir = "/var/lib/marvin-mk2";
|
||||||
|
@ -137,4 +113,39 @@ in
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
build02 =
|
||||||
|
{ resources, ... }:
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./build02/configuration.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
deployment.targetHost = "95.217.109.189";
|
||||||
|
|
||||||
|
deployment.keys."id_rsa" = {
|
||||||
|
text = secrets.github-r-ryantm-key;
|
||||||
|
destDir = "/home/r-ryantm/.ssh";
|
||||||
|
user = "r-ryantm";
|
||||||
|
group = "r-ryantm";
|
||||||
|
permissions = "0600";
|
||||||
|
};
|
||||||
|
|
||||||
|
deployment.keys."github_token.txt" = {
|
||||||
|
text = secrets.github-r-ryantm-token;
|
||||||
|
destDir = "/var/lib/nixpkgs-update";
|
||||||
|
user = "r-ryantm";
|
||||||
|
group = "r-ryantm";
|
||||||
|
permissions = "0600";
|
||||||
|
};
|
||||||
|
|
||||||
|
deployment.keys."github_token_with_username.txt" = {
|
||||||
|
text = "r-ryantm:${secrets.github-r-ryantm-token}";
|
||||||
|
destDir = "/var/lib/nixpkgs-update";
|
||||||
|
user = "r-ryantm";
|
||||||
|
group = "r-ryantm";
|
||||||
|
permissions = "0600";
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue