From e2e15cad3964c243ea8a8c2910a727dcd119795b Mon Sep 17 00:00:00 2001 From: Jean-Pierre PRUNARET Date: Tue, 18 Oct 2016 13:05:46 +0200 Subject: [PATCH] =?UTF-8?q?hydra:=20ajout=20config=20core=20&=20builder=20?= =?UTF-8?q?(pas=20test=C3=A9)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- public/public.nix | 2 ++ public/service-hydra-build.nix | 31 ++++++++++++++++++ public/service-hydra-core.nix | 58 ++++++++++++++++++++++++++++++++++ 3 files changed, 91 insertions(+) create mode 100644 public/service-hydra-build.nix create mode 100644 public/service-hydra-core.nix diff --git a/public/public.nix b/public/public.nix index 7dc042f..2d43287 100644 --- a/public/public.nix +++ b/public/public.nix @@ -34,6 +34,8 @@ in ./auto-upgrade.nix # mise à jour automatique du système ./laptop.nix # appli & configuration adaptée pour un PC portable ./print.nix # configuration de base de cups + ./service-hydra-build.nix # service de construction de paquet. -> la machine compile des paquets + ./service-hydra-core.nix # service pour l'instance d'hydra ./service-laptop.nix # services spécifiques aux pc portables ./service-locate.nix # service locate ./swap.nix # définition de l'utilisation du swap diff --git a/public/service-hydra-build.nix b/public/service-hydra-build.nix new file mode 100644 index 0000000..e58b472 --- /dev/null +++ b/public/service-hydra-build.nix @@ -0,0 +1,31 @@ +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkIf mkMerge mkThenElse; + cfg = config.r6d.config-generator; + computers = config.r6d.computers; + profiles = config.r6d.profiles; +in + +mkIf cfg.hydra-builder { + + # Paquets + environment.systemPackages = with pkgs; [ + ]; + + # Services + + + virtualisation.virtualbox.host.enable = true; + nix.gc.automatic = true; + + users.users."hydrabuild" = { + description = "Execution des job hydra"; + group = ["nixbld"]; + isNormalUser = false; + + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVMndtLDf++di38EE8rEG5QOCA5aKsBO/f0LIi1Ez87ZaNsjv9XvJW1f8Nt6KH+lSvB1Cp7QCRINawLavb714oZ248cuAu1Osq8lMSDnQlGqgJa+cgiww7PPvJU9YLkrx5LT0Suaskp64Iq4Ox1n+2zy2pIiFD/9Ueqmrt9GnztdQkkqYsGYMjNjY2PBFrkeCWhib9Y3t1eeWsugkegbNVFJtdU2AeqBiDT41dCne6WBJBoDy7wtP3a8ocYMv4G2ThUzLx0SOY5sDUTEQKgm7ncp4FRBSQBOiz1VanFrimKhNKtomY7Da8Ls31LpbDdnI6sauuSUtOvYb+h5QvWeFl root@pedro.dubronetwork.fr" + ]; + }; +} diff --git a/public/service-hydra-core.nix b/public/service-hydra-core.nix new file mode 100644 index 0000000..b60ee49 --- /dev/null +++ b/public/service-hydra-core.nix @@ -0,0 +1,58 @@ +{ config, lib, pkgs, ... }: + +let + inherit (lib) mkIf mkMerge mkThenElse; + cfg = config.r6d.config-generator; + computers = config.r6d.computers; + profiles = config.r6d.profiles; +in + +mkIf cfg.hydra-core { + + # Paquets + environment.systemPackages = with pkgs; [ + ]; + + # Services + + ## Hydra + # 2. créer un utilisateur pour gérer hydra + # su - hydra + # hydra-create-user jpierre03 --password xxx --role 'admin' + + services.hydra = { + enable = true; + hydraURL = "http://hydra.${config.networking.hostName}"; + notificationSender = "hydra@${config.networking.hostName}"; + listenHost = "localhost"; + minimumDiskFree = 50; # Go + }; + + ## Ménage + nix.gc = { + automatic = true; + }; + + ## Délégation des actions de compilation à la compilefarm + + ### Machines connues + # 2. récupérer la clef publique du serveur ssh : ssh-keyscan localhost + l'ajouter dans les knownHosts + + programs.ssh.knownHosts = { + "pedro.dubronetwork.fr".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM7fjo2ysLqlfSo6BKnc6I6m1ayoPrbwEEyTKZmUzsOD"; + }; + + # une fois installé : + # 1. créer chef SSH : ssh-keygen -C "hydra@pedro.dubronetwork.fr" -N "" -f /etc/nixos/id_buildfarm + # accessible à hydra.pedro.dubnronetwork.fr + + + nix = { + distributedBuilds = true; + buildMachines = [ + # { hostName = "pedro.dubronetwork.fr"; maxJobs = 2; speedFactor = 10; sshKey = "/etc/nixos/id_buildfarm"; sshUser = "root"; system = "x86_64-linux"; } + ]; + extraOptions = "auto-optimise-store = true"; + }; + +}