sercanto/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

move hydra projects to terraform

Browse source
This commit is contained in:
Jörg Thalheim 2022-05-14 22:18:06 +02:00
parent 1c9f92066c
commit bbffd6fcc7
No known key found for this signature in database
7 changed files with 121 additions and 192 deletions

14
README.md
View file

@ -28,6 +28,11 @@ $ $path
*(My [implementation](https://github.com/ckiee/nixfiles/blob/aac57f56e417e31f00fd495d8a30fb399ecbc19b/deploy/hm-only.nix#L10) of [this](https://github.com/ckiee/nixfiles/blob/aac57f56e417e31f00fd495d8a30fb399ecbc19b/bin/c#L92-L95) ~ckie)* *(My [implementation](https://github.com/ckiee/nixfiles/blob/aac57f56e417e31f00fd495d8a30fb399ecbc19b/deploy/hm-only.nix#L10) of [this](https://github.com/ckiee/nixfiles/blob/aac57f56e417e31f00fd495d8a30fb399ecbc19b/bin/c#L92-L95) ~ckie)*
## Hydra
If you want to build your project in our hydra, add a new project in this
[file](terraform/hydra-projects.tf).
## Support ## Support
If you hit any issues, ping us on Matrix in the If you hit any issues, ping us on Matrix in the
@ -47,11 +52,10 @@ room (see the admin list below) or create an issue here:
## Services ## Services
* BuildKite agent - on build01 * GitLab agent - on build03
* GitLab agent - on build01 * hound - on build03
* hound - on build01 * https://hydra.nix-community.org - on build03
* https://hydra.nix-community.org - on build01 * matterbridge - on build03
* matterbridge - on build01
* ryantm-updater bot - on build02 * ryantm-updater bot - on build02
## Hosts ## Hosts

47
services/hydra/create-declarative-project.sh
View file

@ -1,47 +0,0 @@
#!/usr/bin/env bash
#
# Usage example
# URL=http://localhost:3000 ./create-declarative-project.sh
set -euo pipefail
HYDRA_ADMIN_USERNAME=${HYDRA_ADMIN_USERNAME:-admin}
HYDRA_ADMIN_PASSWORD=${HYDRA_ADMIN_PASSWORD:-admin}
URL=${URL:-http://localhost:3000}
DECL_FILE=${DECL_FILE:-"spec.json"}
DECL_TYPE=${DECL_TYPE:-"git"}
DECL_VALUE=${DECL_VALUE:-"https://github.com/shlevy/declarative-hydra-example"}
DECL_PROJECT_NAME=${DECL_PROJECT_NAME:-"example"}
DECL_DISPLAY_NAME=${DECL_DISPLAY_NAME:-"An example project"}
DECL_DESCRIPTION=${DECL_DESCRIPTION:-""}
DECL_HOMEPAGE=${DECL_HOMEPAGE:-""}
mycurl() {
curl --fail --referer "${URL}" -H "Accept: application/json" -H "Content-Type: application/json" "$@"
}
echo "Logging to $URL with user $HYDRA_ADMIN_USERNAME"
cat >data.json <<EOF
{ "username": "$HYDRA_ADMIN_USERNAME", "password": "$HYDRA_ADMIN_PASSWORD" }
EOF
mycurl -X POST -d '@data.json' "$URL/login" -c hydra-cookie.txt
echo -e "\nCreating project:"
cat >data.json <<EOF
{
"displayname":"$DECL_DISPLAY_NAME",
"description":"$DECL_DESCRIPTION",
"homepage":"$DECL_HOMEPAGE",
"enabled":"1",
"visible":"1",
"declarative": {
"file": "$DECL_FILE",
"type":"$DECL_TYPE",
"value":"$DECL_VALUE"
}
}
EOF
cat data.json
mycurl --silent -X PUT "$URL/project/$DECL_PROJECT_NAME" -d @data.json -b hydra-cookie.txt
rm -f data.json hydra-cookie.txt

41
services/hydra/declarative-projects.nix
View file

@ -1,41 +0,0 @@
{ lib, pkgs, config, ... }:
{
services.hydra.declarativeProjects = {
emacs-overlay = {
displayName = "Emacs Overlay";
inputValue = "https://github.com/nix-community/emacs-overlay";
specFile = "hydra/spec.json";
description = "Bleeding edge emacs overlay";
homepage = "https://github.com/nix-community/emacs-overlay";
};
nix-data = {
displayName = "nix-data";
inputValue = "https://github.com/nix-community/nix-data";
specFile = "spec.json";
description = "Standard set of packages and overlays for data-scientists";
homepage = "https://github.com/nix-community/nix-data";
};
simple-nixos-mailserver = {
displayName = "Simple NixOS MailServer";
inputValue = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver";
specFile = ".hydra/spec.json";
description = "A complete and Simple Nixos Mailserver";
homepage = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver";
};
redoxpkgs = {
displayName = "Redoxpkgs";
inputValue = "https://github.com/nix-community/redoxpkgs";
specFile = ".hydra/spec.json";
description = "Packages for Redox";
homepage = "https://github.com/nix-community/redoxpkgs";
};
rust-for-linux = {
displayName = "Rust For Linux";
inputValue = "https://github.com/rust-for-linux/nix";
specFile = ".hydra/spec.json";
description = "Linux Kernel with Rust support";
homepage = "https://github.com/Rust-for-Linux/linux";
};
};
}

73
services/hydra/default.nix
View file

@ -6,25 +6,8 @@ let
cfg = config; cfg = config;
hydraPort = 3000; hydraPort = 3000;
hydraAdmin = "admin";
hydraAdminPasswordFile = config.sops.secrets.hydra-admin-password.path;
hydraUsersFile = config.sops.secrets.hydra-users.path;
createDeclarativeProjectScript = pkgs.stdenv.mkDerivation {
name = "create-declarative-project";
unpackPhase = ":";
buildInputs = [ pkgs.makeWrapper ];
installPhase = "install -m755 -D ${./create-declarative-project.sh} $out/bin/create-declarative-project";
postFixup = ''
wrapProgram "$out/bin/create-declarative-project" \
--prefix PATH ":" ${lib.makeBinPath [ pkgs.curl ]}
'';
};
in in
{ {
imports = [ ./declarative-projects.nix ];
options.services.hydra = { options.services.hydra = {
adminPasswordFile = mkOption { adminPasswordFile = mkOption {
type = types.str; type = types.str;
@ -39,44 +22,6 @@ in
Password hash is computed by applying sha1 to the password. Password hash is computed by applying sha1 to the password.
''; '';
}; };
declarativeProjects = mkOption {
description = "Declarative projects";
default = { };
type = with types; attrsOf (submodule {
options = {
inputValue = mkOption {
type = types.str;
description = "The input value";
example = "https://github.com/shlevy/declarative-hydra-example";
};
inputType = mkOption {
type = types.str;
default = "git";
description = "The type of the input value";
};
specFile = mkOption {
type = types.str;
default = "spec.json";
description = "The declarative spec file name";
};
displayName = mkOption {
type = types.str;
description = "The diplay name of the declarative project";
};
description = mkOption {
type = types.str;
default = "";
description = "The description of the declarative project";
};
homepage = mkOption {
type = types.str;
default = "";
description = "The homepage of the declarative project";
};
};
});
};
}; };
config = { config = {
sops.secrets.hydra-admin-password.owner = "hydra"; sops.secrets.hydra-admin-password.owner = "hydra";
@ -106,9 +51,9 @@ in
notificationSender = "hydra@hydra.nix-community.org"; notificationSender = "hydra@hydra.nix-community.org";
port = hydraPort; port = hydraPort;
useSubstitutes = true; useSubstitutes = true;
adminPasswordFile = hydraAdminPasswordFile; adminPasswordFile = config.sops.secrets.hydra-admin-password.path;
usersFile = hydraUsersFile; usersFile = config.sops.secrets.hydra-users.path;
extraConfig = '' extraConfig = ''
max_output_size = ${builtins.toString (8 * 1024 * 1024 * 1024)} max_output_size = ${builtins.toString (8 * 1024 * 1024 * 1024)}
@ -187,19 +132,7 @@ in
export HYDRA_ADMIN_PASSWORD=$(cat ${cfg.services.hydra.adminPasswordFile}) export HYDRA_ADMIN_PASSWORD=$(cat ${cfg.services.hydra.adminPasswordFile})
export URL=http://localhost:${toString hydraPort} export URL=http://localhost:${toString hydraPort}
'' + '';
(concatStringsSep "\n" (mapAttrsToList
(n: v: ''
export DECL_PROJECT_NAME="${n}"
export DECL_DISPLAY_NAME="${v.displayName}"
export DECL_VALUE="${v.inputValue}"
export DECL_TYPE="${v.inputType}"
export DECL_FILE="${v.specFile}"
export DECL_DESCRIPTION="${v.description}"
export DECL_HOMEPAGE="${v.homepage}"
${createDeclarativeProjectScript}/bin/create-declarative-project
'')
cfg.services.hydra.declarativeProjects));
}; };
}; };
} }

2
terraform/README.md
View file

@ -1,3 +1,3 @@
# Terraform # Terraform
Only used for DNS management right now. Used for DNS management and creating hydra projects.

28
terraform/hydra-jobsets.tf
View file

@ -1,28 +0,0 @@
resource "hydra_project" "kittybox" {
name = "kittybox"
display_name = "Kittybox"
description = "The IndieWeb blogging solution"
homepage = "https://sr.ht/~vikanezrimaya/kittybox"
owner = "admin"
enabled = true
visible = true
}
resource "hydra_jobset" "kittybox" {
project = hydra_project.kittybox.name
state = "enabled"
visible = true
name = "main"
type = "flake"
description = "main branch"
flake_uri = "git+https://git.sr.ht/~vikanezrimaya/kittybox?ref=main"
check_interval = 300
scheduling_shares = 3000
keep_evaluations = 3
email_notifications = false
#email_override = ""
}

108
terraform/hydra-projects.tf Normal file
View file

@ -0,0 +1,108 @@
# See https://github.com/DeterminateSystems/terraform-provider-hydra for explanation
resource "hydra_project" "kittybox" {
name = "kittybox"
display_name = "Kittybox"
description = "The IndieWeb blogging solution"
homepage = "https://sr.ht/~vikanezrimaya/kittybox"
owner = "admin"
enabled = true
visible = true
}
resource "hydra_jobset" "kittybox" {
project = hydra_project.kittybox.name
state = "enabled"
visible = true
name = "main"
type = "flake"
description = "main branch"
flake_uri = "git+https://git.sr.ht/~vikanezrimaya/kittybox?ref=main"
check_interval = 300
scheduling_shares = 3000
keep_evaluations = 3
email_notifications = false
}
resource "hydra_project" "emacs_overlay" {
name = "emacs-overlay"
display_name = "Emacs Overlay"
description = "Bleeding edge emacs overlay"
homepage = "https://github.com/nix-community/emacs-overlay"
owner = "admin"
enabled = true
visible = true
declarative {
file = "hydra/spec.json"
type = "git"
value = "https://github.com/nix-community/emacs-overlay"
}
}
resource "hydra_project" "nix_data" {
name = "nix-data"
display_name = "nix-data"
description = "Standard set of packages and overlays for data-scientists"
homepage = "https://github.com/nix-community/nix-data"
owner = "admin"
enabled = true
visible = true
declarative {
file = "spec.json"
type = "git"
value = "https://github.com/nix-community/nix-data"
}
}
resource "hydra_project" "simple_nixos_mailserver" {
name = "simple-nixos-mailserver"
display_name = "Simple NixOS MailServer"
description = "A complete and Simple Nixos Mailserver"
homepage = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver"
owner = "admin"
enabled = true
visible = true
declarative {
file = ".hydra/spec.json"
type = "git"
value = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver"
}
}
resource "hydra_project" "redoxpkgs" {
name = "redoxpkgs"
display_name = "Redoxpkgs"
description = "Packages for Redox"
homepage = "https://github.com/nix-community/redoxpkgs"
owner = "admin"
enabled = true
visible = true
declarative {
file = ".hydra/spec.json"
type = "git"
value = "https://github.com/nix-community/redoxpkgs"
}
}
resource "hydra_project" "rust_for_linux" {
name = "rust-for-linux"
display_name = "Rust For Linux"
description = "Linux Kernel with Rust support"
homepage = "https://github.com/Rust-for-Linux/linux"
owner = "admin"
enabled = true
visible = true
declarative {
file = ".hydra/spec.json"
type = "git"
value = "https://github.com/rust-for-linux/nix"
}
}