From 46e61f0fed516f27f8121269d3cea78edc28c244 Mon Sep 17 00:00:00 2001 From: Jean-Pierre PRUNARET Date: Tue, 18 Oct 2016 12:59:14 +0200 Subject: [PATCH 1/4] config hydra TMP --- public/hydra.nix | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 public/hydra.nix diff --git a/public/hydra.nix b/public/hydra.nix new file mode 100644 index 0000000..253902a --- /dev/null +++ b/public/hydra.nix @@ -0,0 +1,34 @@ +{ config, pkgs, ... }: + +{ + ####################################### HYDRA + + virtualisation.virtualbox.host.enable = true; + + # une fois installé : + # 1. créer chef SSH : ssh-keygen -C "hydra@pedro.dubronetwork.fr" -N "" -f /etc/nixos/id_buildfarm + # 2. récupérer la clef publique du serveur ssh : ssh-keyscan localhost + l'ajouter dans les knownHosts + # 2. créer un utilisateur + # su - hydra + # hydra-create-user jpierre03 --password toto --role 'admin' + # accessible à hydra.pedro.dubnronetwork.fr + services.hydra = { + enable = true; + hydraURL = "http://hydra.pedro.dubronetwork.fr"; + notificationSender = "hydra@${config.networking.hostName}"; + listenHost = "localhost"; + minimumDiskFree = 50; # Go + }; + + programs.ssh.knownHosts."pedro.dubronetwork.fr".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM7fjo2ysLqlfSo6BKnc6I6m1ayoPrbwEEyTKZmUzsOD"; + nix = { + distributedBuilds = true; + buildMachines = [ + { hostName = "pedro.dubronetwork.fr"; maxJobs = 2; speedFactor = 10; sshKey = "/etc/nixos/id_buildfarm"; sshUser = "root"; system = "x86_64-linux"; } + ]; + extraOptions = "auto-optimise-store = true"; + }; + # nix.gc = { + # automatic = true; + #}; +} From 2d770067b7bbd9d31120b83a67a9a0f5da0644cc Mon Sep 17 00:00:00 2001 From: Jean-Pierre PRUNARET Date: Tue, 18 Oct 2016 13:03:49 +0200 Subject: [PATCH 2/4] hydra: ajout options pour les profils hydra --- config-generator.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/config-generator.nix b/config-generator.nix index ff07362..f4931b2 100644 --- a/config-generator.nix +++ b/config-generator.nix @@ -42,6 +42,8 @@ in edition-photo = mkEnableOption "Profil pour la création/édition de photos."; edition-video = mkEnableOption "Profil pour la création/édition de video."; fail2ban = mkEnableOption "Profil pour activer Fail2ban."; + hydra-builder = mkEnableOption "Profil pour une machine qui compile pour hydra."; + hydra-core = mkEnableOption "Profil pour un serveur hydra."; jeux = mkEnableOption "Profil pour les jeux vidéos."; laptop = mkEnableOption "Profil pour les outils spécifiques aux ordinateurs portables.."; locate = mkEnableOption "Profil pour activer la fonction locate."; @@ -181,6 +183,7 @@ in }; r6d.config-generator = { + hydra-core = true; print = true; virtualbox = true; }; From e2e15cad3964c243ea8a8c2910a727dcd119795b Mon Sep 17 00:00:00 2001 From: Jean-Pierre PRUNARET Date: Tue, 18 Oct 2016 13:05:46 +0200 Subject: [PATCH 3/4] =?UTF-8?q?hydra:=20ajout=20config=20core=20&=20builde?= =?UTF-8?q?r=20(pas=20test=C3=A9)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- public/public.nix | 2 ++ public/service-hydra-build.nix | 31 ++++++++++++++++++ public/service-hydra-core.nix | 58 ++++++++++++++++++++++++++++++++++ 3 files changed, 91 insertions(+) create mode 100644 public/service-hydra-build.nix create mode 100644 public/service-hydra-core.nix diff --git a/public/public.nix b/public/public.nix index 7dc042f..2d43287 100644 --- a/public/public.nix +++ b/public/public.nix @@ -34,6 +34,8 @@ in ./auto-upgrade.nix # mise à jour automatique du système ./laptop.nix # appli & configuration adaptée pour un PC portable ./print.nix # configuration de base de cups + ./service-hydra-build.nix # service de construction de paquet. -> la machine compile des paquets + ./service-hydra-core.nix # service pour l'instance d'hydra ./service-laptop.nix # services spécifiques aux pc portables ./service-locate.nix # service locate ./swap.nix # définition de l'utilisation du swap diff --git a/public/service-hydra-build.nix b/public/service-hydra-build.nix new file mode 100644 index 0000000..e58b472 --- /dev/null +++ b/public/service-hydra-build.nix @@ -0,0 +1,31 @@ +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkIf mkMerge mkThenElse; + cfg = config.r6d.config-generator; + computers = config.r6d.computers; + profiles = config.r6d.profiles; +in + +mkIf cfg.hydra-builder { + + # Paquets + environment.systemPackages = with pkgs; [ + ]; + + # Services + + + virtualisation.virtualbox.host.enable = true; + nix.gc.automatic = true; + + users.users."hydrabuild" = { + description = "Execution des job hydra"; + group = ["nixbld"]; + isNormalUser = false; + + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVMndtLDf++di38EE8rEG5QOCA5aKsBO/f0LIi1Ez87ZaNsjv9XvJW1f8Nt6KH+lSvB1Cp7QCRINawLavb714oZ248cuAu1Osq8lMSDnQlGqgJa+cgiww7PPvJU9YLkrx5LT0Suaskp64Iq4Ox1n+2zy2pIiFD/9Ueqmrt9GnztdQkkqYsGYMjNjY2PBFrkeCWhib9Y3t1eeWsugkegbNVFJtdU2AeqBiDT41dCne6WBJBoDy7wtP3a8ocYMv4G2ThUzLx0SOY5sDUTEQKgm7ncp4FRBSQBOiz1VanFrimKhNKtomY7Da8Ls31LpbDdnI6sauuSUtOvYb+h5QvWeFl root@pedro.dubronetwork.fr" + ]; + }; +} diff --git a/public/service-hydra-core.nix b/public/service-hydra-core.nix new file mode 100644 index 0000000..b60ee49 --- /dev/null +++ b/public/service-hydra-core.nix @@ -0,0 +1,58 @@ +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkIf mkMerge mkThenElse; + cfg = config.r6d.config-generator; + computers = config.r6d.computers; + profiles = config.r6d.profiles; +in + +mkIf cfg.hydra-core { + + # Paquets + environment.systemPackages = with pkgs; [ + ]; + + # Services + + ## Hydra + # 2. créer un utilisateur pour gérer hydra + # su - hydra + # hydra-create-user jpierre03 --password xxx --role 'admin' + + services.hydra = { + enable = true; + hydraURL = "http://hydra.${config.networking.hostName}"; + notificationSender = "hydra@${config.networking.hostName}"; + listenHost = "localhost"; + minimumDiskFree = 50; # Go + }; + + ## Ménage + nix.gc = { + automatic = true; + }; + + ## Délégation des actions de compilation à la compilefarm + + ### Machines connues + # 2. récupérer la clef publique du serveur ssh : ssh-keyscan localhost + l'ajouter dans les knownHosts + + programs.ssh.knownHosts = { + "pedro.dubronetwork.fr".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM7fjo2ysLqlfSo6BKnc6I6m1ayoPrbwEEyTKZmUzsOD"; + }; + + # une fois installé : + # 1. créer chef SSH : ssh-keygen -C "hydra@pedro.dubronetwork.fr" -N "" -f /etc/nixos/id_buildfarm + # accessible à hydra.pedro.dubnronetwork.fr + + + nix = { + distributedBuilds = true; + buildMachines = [ + # { hostName = "pedro.dubronetwork.fr"; maxJobs = 2; speedFactor = 10; sshKey = "/etc/nixos/id_buildfarm"; sshUser = "root"; system = "x86_64-linux"; } + ]; + extraOptions = "auto-optimise-store = true"; + }; + +} From 7dbfccf2f4e557717817715d9ea137236fc155a2 Mon Sep 17 00:00:00 2001 From: Jean-Pierre PRUNARET Date: Tue, 18 Oct 2016 13:12:10 +0200 Subject: [PATCH 4/4] =?UTF-8?q?hydra:=20d=C3=A9sactivation=20gc=20car=20co?= =?UTF-8?q?nflit?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- public/service-hydra-core.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/public/service-hydra-core.nix b/public/service-hydra-core.nix index b60ee49..8f26062 100644 --- a/public/service-hydra-core.nix +++ b/public/service-hydra-core.nix @@ -29,9 +29,7 @@ mkIf cfg.hydra-core { }; ## Ménage - nix.gc = { - automatic = true; - }; + #nix.gc.automatic = true; ## Délégation des actions de compilation à la compilefarm