hydra: ajout config core & builder (pas testé)

9 years ago · e2e15cad39
parent 2d770067b7
commit e2e15cad39
3 changed files with 91 additions and 0 deletions
--- a/public/public.nix
+++ b/public/public.nix
@ -34,6 +34,8 @@ in
    ./auto-upgrade.nix          # mise à jour automatique du système
    ./laptop.nix                # appli & configuration adaptée pour un PC portable
    ./print.nix                 # configuration de base de cups
+    ./service-hydra-build.nix   # service de construction de paquet. -> la machine compile des paquets
+    ./service-hydra-core.nix    # service pour l'instance d'hydra
    ./service-laptop.nix        # services spécifiques aux pc portables
    ./service-locate.nix        # service locate
    ./swap.nix                  # définition de l'utilisation du swap
--- a/public/service-hydra-build.nix
+++ b/public/service-hydra-build.nix
@ -0,0 +1,31 @@
+{ config, lib, pkgs, ... }:
+
+let
+  inherit (lib) mkIf mkMerge mkThenElse;
+  cfg = config.r6d.config-generator;
+  computers = config.r6d.computers;
+  profiles = config.r6d.profiles;
+in
+
+mkIf cfg.hydra-builder {
+
+  # Paquets
+  environment.systemPackages = with pkgs; [
+  ];
+
+  # Services
+
+
+  virtualisation.virtualbox.host.enable = true;
+  nix.gc.automatic = true;
+
+  users.users."hydrabuild" = {
+    description = "Execution des job hydra";
+    group = ["nixbld"];
+    isNormalUser = false;
+
+    openssh.authorizedKeys.keys = [
+        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVMndtLDf++di38EE8rEG5QOCA5aKsBO/f0LIi1Ez87ZaNsjv9XvJW1f8Nt6KH+lSvB1Cp7QCRINawLavb714oZ248cuAu1Osq8lMSDnQlGqgJa+cgiww7PPvJU9YLkrx5LT0Suaskp64Iq4Ox1n+2zy2pIiFD/9Ueqmrt9GnztdQkkqYsGYMjNjY2PBFrkeCWhib9Y3t1eeWsugkegbNVFJtdU2AeqBiDT41dCne6WBJBoDy7wtP3a8ocYMv4G2ThUzLx0SOY5sDUTEQKgm7ncp4FRBSQBOiz1VanFrimKhNKtomY7Da8Ls31LpbDdnI6sauuSUtOvYb+h5QvWeFl root@pedro.dubronetwork.fr"
+      ];
+  };
+}
--- a/public/service-hydra-core.nix
+++ b/public/service-hydra-core.nix
@ -0,0 +1,58 @@
+{ config, lib, pkgs, ... }:
+
+let
+  inherit (lib) mkIf mkMerge mkThenElse;
+  cfg = config.r6d.config-generator;
+  computers = config.r6d.computers;
+  profiles = config.r6d.profiles;
+in
+
+mkIf cfg.hydra-core {
+
+  # Paquets
+  environment.systemPackages = with pkgs; [
+  ];
+
+  # Services
+
+  ## Hydra
+  # 2. créer un utilisateur pour gérer hydra
+  # su - hydra
+  # hydra-create-user jpierre03 --password xxx --role 'admin'
+
+  services.hydra = {
+    enable = true;
+    hydraURL = "http://hydra.${config.networking.hostName}";
+    notificationSender = "hydra@${config.networking.hostName}";
+    listenHost = "localhost";
+    minimumDiskFree = 50; # Go
+  };
+
+  ## Ménage
+  nix.gc = {
+    automatic = true;
+  };
+
+  ## Délégation des actions de compilation à la compilefarm
+
+  ### Machines connues
+  # 2. récupérer la clef publique du serveur ssh : ssh-keyscan localhost + l'ajouter dans les knownHosts
+  
+  programs.ssh.knownHosts = {
+	"pedro.dubronetwork.fr".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM7fjo2ysLqlfSo6BKnc6I6m1ayoPrbwEEyTKZmUzsOD";
+  };
+
+  # une fois installé :
+  # 1. créer chef SSH : ssh-keygen -C "hydra@pedro.dubronetwork.fr" -N "" -f /etc/nixos/id_buildfarm
+  # accessible à hydra.pedro.dubnronetwork.fr
+
+  
+  nix = {
+    distributedBuilds = true;
+    buildMachines = [
+    #      { hostName = "pedro.dubronetwork.fr"; maxJobs = 2; speedFactor = 10; sshKey = "/etc/nixos/id_buildfarm"; sshUser = "root"; system = "x86_64-linux"; }
+    ];
+    extraOptions = "auto-optimise-store = true";
+  };
+  
+}