merge shared into krebs

14 files changed, 292 insertions, 0 deletions

diff --git a/krebs/1systems/test-all-krebs-modules/config.nix b/krebs/1systems/test-all-krebs-modules/config.nix
new file mode 100644
index 00000000..c0c14b71
--- /dev/null
+++ b/krebs/1systems/test-all-krebs-modules/config.nix
@@ -0,0 +1,55 @@
+{ config, pkgs, lib, ... }:
+let
+  en = { enable = true;};
+in {
+  imports = [
+    <stockholm/krebs>
+    <stockholm/krebs/2configs>
+  ];
+  krebs = {
+    enable = true;
+    build.user = config.krebs.users.krebs;
+    build.host = config.krebs.hosts.test-all-krebs-modules;
+    Reaktor.test = {};
+    apt-cacher-ng.enable = true;
+    backup.enable = true;
+    bepasty.enable = true;
+    # FIXME fast-tests / instantiate-test-all-modules fails at wolfbot
+    # http://wolf:8010/builders/fast-tests/builds/442
+    #buildbot.master.enable = true;
+    buildbot.worker = {
+      enable = true;
+      username = "lol";
+      password = "wut";
+    };
+    # XXX exim-retiolum and exim-smarthost are mutually exclusive
+    #exim-retiolum = {
+    #  enable = true;
+    #  primary_hostname = "test.r";
+    #};
+    exim-smarthost = {
+      enable = true;
+      primary_hostname = "test.r";
+      system-aliases = [ { from = "dick"; to = "butt"; } ];
+    };
+    go.enable = true;
+    iptables = {
+      enable = true;
+      tables = {};
+    };
+    realwallpaper.enable = true;
+    tinc.retiolum.enable = true;
+    retiolum-bootstrap.enable = true;
+    tinc_graphs.enable = true;
+    urlwatch.enable = true;
+    fetchWallpaper = {
+      enable = true;
+      url ="localhost";
+    };
+  };
+  # just get the system running
+  boot.loader.grub.devices = ["/dev/sda"];
+  fileSystems."/" = {
+    device = "/dev/lol";
+  };
+}
diff --git a/krebs/1systems/test-all-krebs-modules/source.nix b/krebs/1systems/test-all-krebs-modules/source.nix
new file mode 100644
index 00000000..66fdaa77
--- /dev/null
+++ b/krebs/1systems/test-all-krebs-modules/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/krebs/source.nix> {
+  name = "test-all-krebs-modules";
+}
diff --git a/krebs/1systems/test-arch/config.nix b/krebs/1systems/test-arch/config.nix
new file mode 100644
index 00000000..b5a4234e
--- /dev/null
+++ b/krebs/1systems/test-arch/config.nix
@@ -0,0 +1,33 @@
+{ config, pkgs, ... }:
+
+{
+  imports = [
+    <stockholm/krebs>
+    <stockholm/krebs/2configs>
+    {
+      boot.loader.grub = {
+        device = "/dev/sda";
+        splashImage = null;
+      };
+
+      boot.initrd.availableKernelModules = [
+        "ata_piix"
+        "vmw_pvscsi"
+      ];
+
+      fileSystems."/" = {
+        device = "/dev/sda1";
+      };
+    }
+    {
+      networking.dhcpcd.allowInterfaces = [
+        "enp*"
+      ];
+    }
+    {
+      sound.enable = false;
+    }
+  ];
+
+  krebs.build.host = config.krebs.hosts.test-arch;
+}
diff --git a/krebs/1systems/test-arch/source.nix b/krebs/1systems/test-arch/source.nix
new file mode 100644
index 00000000..bff9d432
--- /dev/null
+++ b/krebs/1systems/test-arch/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/krebs/source.nix> {
+  name = "test-arch";
+}
diff --git a/krebs/1systems/test-centos6/config.nix b/krebs/1systems/test-centos6/config.nix
new file mode 100644
index 00000000..968f8b8f
--- /dev/null
+++ b/krebs/1systems/test-centos6/config.nix
@@ -0,0 +1,31 @@
+{ config, lib, pkgs, ... }:
+
+let
+  inherit (lib) head;
+
+  ip = "168.235.148.52";
+  gw = "168.235.148.1";
+in {
+  imports = [
+    <stockholm/krebs>
+    <stockholm/krebs/2configs>
+    <stockholm/krebs/2configs/os-templates/CAC-CentOS-6.5-64bit.nix>
+    {
+      networking.interfaces.enp11s0.ip4 = [
+        {
+          address = ip;
+          prefixLength = 24;
+        }
+      ];
+      networking.defaultGateway = gw;
+      networking.nameservers = [
+        "8.8.8.8"
+      ];
+    }
+    {
+      sound.enable = false;
+    }
+  ];
+
+  krebs.build.host = config.krebs.hosts.test-centos6;
+}
diff --git a/krebs/1systems/test-centos6/source.nix b/krebs/1systems/test-centos6/source.nix
new file mode 100644
index 00000000..3693bbb2
--- /dev/null
+++ b/krebs/1systems/test-centos6/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/krebs/source.nix> {
+  name = "test-centos6";
+}
diff --git a/krebs/1systems/test-centos7/config.nix b/krebs/1systems/test-centos7/config.nix
new file mode 100644
index 00000000..732bc4f1
--- /dev/null
+++ b/krebs/1systems/test-centos7/config.nix
@@ -0,0 +1,17 @@
+{ config, lib, pkgs, ... }:
+
+let
+  inherit (lib) head;
+
+in {
+  imports = [
+    <stockholm/krebs>
+    <stockholm/krebs/2configs>
+    <stockholm/krebs/2configs/os-templates/CAC-CentOS-7-64bit.nix>
+    <stockholm/krebs/2configs/temp/networking.nix>
+    <stockholm/krebs/2configs/temp/dirs.nix>
+  ];
+
+  sound.enable = false;
+  krebs.build.host = config.krebs.hosts.test-centos7;
+}
diff --git a/krebs/1systems/test-centos7/source.nix b/krebs/1systems/test-centos7/source.nix
new file mode 100644
index 00000000..44230f08
--- /dev/null
+++ b/krebs/1systems/test-centos7/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/krebs/source.nix> {
+  name = "test-centos7";
+}
diff --git a/krebs/1systems/test-failing/config.nix b/krebs/1systems/test-failing/config.nix
new file mode 100644
index 00000000..0dc8e6bf
--- /dev/null
+++ b/krebs/1systems/test-failing/config.nix
@@ -0,0 +1,10 @@
+{ config, pkgs, ... }:
+
+{
+  imports = [
+    <stockholm/krebs>
+    <stockholm/krebs/2configs>
+  ];
+  programs.ssh.startAgent = true;
+  programs.ssh.startAgent = false;
+}
diff --git a/krebs/1systems/test-failing/source.nix b/krebs/1systems/test-failing/source.nix
new file mode 100644
index 00000000..60b77a0a
--- /dev/null
+++ b/krebs/1systems/test-failing/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/krebs/source.nix> {
+  name = "test-failing";
+}
diff --git a/krebs/1systems/test-minimal-deploy/config.nix b/krebs/1systems/test-minimal-deploy/config.nix
new file mode 100644
index 00000000..9974b4f7
--- /dev/null
+++ b/krebs/1systems/test-minimal-deploy/config.nix
@@ -0,0 +1,17 @@
+{ config, pkgs, lib, ... }:
+{
+  imports = [
+    <stockholm/krebs>
+    <stockholm/krebs/2configs>
+  ];
+  krebs = {
+    enable = true;
+    build.user = config.krebs.users.krebs;
+    build.host = config.krebs.hosts.test-all-krebs-modules;
+  };
+  # just get the system to eval in nixos without errors
+  boot.loader.grub.devices = ["/dev/sda"];
+  fileSystems."/" = {
+    device = "/dev/lol";
+  };
+}
diff --git a/krebs/1systems/test-minimal-deploy/source.nix b/krebs/1systems/test-minimal-deploy/source.nix
new file mode 100644
index 00000000..032ab12b
--- /dev/null
+++ b/krebs/1systems/test-minimal-deploy/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/krebs/source.nix> {
+  name = "test-minimal-deploy";
+}
diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
new file mode 100644
index 00000000..b8cc1b4a
--- /dev/null
+++ b/krebs/1systems/wolf/config.nix
@@ -0,0 +1,108 @@
+{ config, pkgs, ... }:
+let
+  shack-ip = config.krebs.build.host.nets.shack.ip4.addr;
+in
+{
+  imports = [
+    <stockholm/krebs>
+    <stockholm/krebs/2configs>
+    <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
+    <stockholm/krebs/2configs/collectd-base.nix>
+    <stockholm/krebs/2configs/central-stats-client.nix>
+    <stockholm/krebs/2configs/save-diskspace.nix>
+
+    <stockholm/krebs/2configs/cgit-mirror.nix>
+    <stockholm/krebs/2configs/graphite.nix>
+    <stockholm/krebs/2configs/repo-sync.nix>
+    <stockholm/krebs/2configs/shared-buildbot.nix>
+
+    <stockholm/krebs/2configs/shack/worlddomination.nix>
+    <stockholm/krebs/2configs/shack/drivedroid.nix>
+    # <stockholm/krebs/2configs/shack/nix-cacher.nix>
+    <stockholm/krebs/2configs/shack/mqtt_sub.nix>
+    <stockholm/krebs/2configs/shack/muell_caller.nix>
+    <stockholm/krebs/2configs/shack/radioactive.nix>
+    <stockholm/krebs/2configs/shack/share.nix>
+
+  ];
+  # use your own binary cache, fallback use cache.nixos.org (which is used by
+  # apt-cacher-ng in first place)
+
+  services.influxdb.enable = true;
+
+  # local discovery in shackspace
+  nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; };
+  krebs.tinc.retiolum.extraConfig = "TCPOnly = yes";
+  services.grafana = {
+    enable = true;
+    addr = "0.0.0.0";
+    users.allowSignUp = true;
+    users.allowOrgCreate = true;
+    users.autoAssignOrg = true;
+    auth.anonymous.enable = true;
+    security = import <secrets/grafana_security.nix>;
+  };
+
+  nix = {
+    # use the up to date prism cache
+    binaryCaches = [
+      "http://cache.prism.r"
+      "https://cache.nixos.org/"
+    ];
+    binaryCachePublicKeys = [
+      "cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="
+      "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
+    ];
+  };
+
+  networking = {
+    firewall.enable = false;
+    firewall.allowedTCPPorts = [ 8088 8086 8083 ];
+    interfaces.enp0s3.ip4 = [{
+      address = shack-ip;
+      prefixLength = 20;
+    }];
+
+    defaultGateway = "10.42.0.1";
+    nameservers = [ "10.42.0.100" "10.42.0.200" ];
+  };
+
+  #####################
+  # uninteresting stuff
+  #####################
+  krebs.build.host = config.krebs.hosts.wolf;
+
+  boot.kernel.sysctl = {
+    # Enable IPv6 Privacy Extensions
+    "net.ipv6.conf.all.use_tempaddr" = 2;
+    "net.ipv6.conf.default.use_tempaddr" = 2;
+  };
+
+  boot.initrd.availableKernelModules = [
+    "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk"
+  ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+  boot.loader.grub.device = "/dev/vda";
+
+  fileSystems."/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; };
+
+  swapDevices = [
+    { device = "/dev/disk/by-label/swap";  }
+  ];
+  # fallout of ipv6calypse
+  networking.extraHosts = ''
+    hass.shack    10.42.2.191
+    heidi.shack   10.42.2.135
+  '';
+
+  users.extraUsers.root.openssh.authorizedKeys.keys = [
+    config.krebs.users.ulrich.pubkey
+  ];
+
+  time.timeZone = "Europe/Berlin";
+  sound.enable = false;
+}
diff --git a/krebs/1systems/wolf/source.nix b/krebs/1systems/wolf/source.nix
new file mode 100644
index 00000000..c292bfa6
--- /dev/null
+++ b/krebs/1systems/wolf/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/krebs/source.nix> {
+  name = "wolf";
+}