Merge remote-tracking branch 'prism/master' into master

5 files changed, 50 insertions, 68 deletions

diff --git a/krebs/2configs/shack/gitlab-runner.nix b/krebs/2configs/shack/gitlab-runner.nix
index bd391851a..ecb064579 100644
--- a/krebs/2configs/shack/gitlab-runner.nix
+++ b/krebs/2configs/shack/gitlab-runner.nix
@@ -1,24 +1,48 @@
-{ pkgs, ... }:
-let
-  runner-src = builtins.fetchTarball {
-    url = "https://gitlab.com/arianvp/nixos-gitlab-runner/-/archive/master/nixos-gitlab-runner-master.tar.gz";
-    sha256 = "1s0fy5ny2ygcfvx35xws8xz5ih4z4kdfqlq3r6byxpylw7r52fyi";
-  };
-in
+{ pkgs,lib, ... }:
 {
-  imports = [
-    "${runner-src}/gitlab-runner.nix"
-  ];
-  services.gitlab-runner2 = {
+  services.gitlab-runner = {
     enable = true;
-    ## registrationConfigurationFile contains:
-    # CI_SERVER_URL=<CI server URL>
-    # REGISTRATION_TOKEN=<registration secret>
-    # RUNNER_TAG_LIST=nix,shacklan
-    # RUNNER_NAME=stockholm-runner-$name
-    registrationConfigFile = <secrets/shackspace-gitlab-ci>;
-    #gracefulTermination = true;
+    services= {
+      # runner for building in docker via host's nix-daemon
+      # nix store will be readable in runner, might be insecure
+      nix = with lib;{
+        # File should contain at least these two variables:
+        # `CI_SERVER_URL`
+        # `REGISTRATION_TOKEN`
+        registrationConfigFile = toString <secrets/shackspace-gitlab-ci>;
+        dockerImage = "alpine";
+        dockerVolumes = [
+          "/nix/store:/nix/store:ro"
+          "/nix/var/nix/db:/nix/var/nix/db:ro"
+          "/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro"
+        ];
+        dockerDisableCache = true;
+        preBuildScript = pkgs.writeScript "setup-container" ''
+          mkdir -p -m 0755 /nix/var/log/nix/drvs
+          mkdir -p -m 0755 /nix/var/nix/gcroots
+          mkdir -p -m 0755 /nix/var/nix/profiles
+          mkdir -p -m 0755 /nix/var/nix/temproots
+          mkdir -p -m 0755 /nix/var/nix/userpool
+          mkdir -p -m 1777 /nix/var/nix/gcroots/per-user
+          mkdir -p -m 1777 /nix/var/nix/profiles/per-user
+          mkdir -p -m 0755 /nix/var/nix/profiles/per-user/root
+          mkdir -p -m 0700 "$HOME/.nix-defexpr"
+          . ${pkgs.nix}/etc/profile.d/nix.sh
+          ${pkgs.nix}/bin/nix-env -i ${concatStringsSep " " (with pkgs; [ nix cacert git openssh ])}
+          ${pkgs.nix}/bin/nix-channel --add https://nixos.org/channels/nixpkgs-unstable
+          ${pkgs.nix}/bin/nix-channel --update nixpkgs
+        '';
+        environmentVariables = {
+          ENV = "/etc/profile";
+          USER = "root";
+          NIX_REMOTE = "daemon";
+          PATH = "/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin";
+          NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt";
+        };
+        tagList = [ "nix" "shacklan" ];
+      };
+    };
   };
-  systemd.services.gitlab-runner2.restartIfChanged = false;
+  systemd.services.gitlab-runner.restartIfChanged = false;
   systemd.services.docker.restartIfChanged = false;
 }
diff --git a/krebs/2configs/shack/glados/default.nix b/krebs/2configs/shack/glados/default.nix
index f47bca2db..04843cb24 100644
--- a/krebs/2configs/shack/glados/default.nix
+++ b/krebs/2configs/shack/glados/default.nix
@@ -21,23 +21,10 @@ in {
         '';
     };
   };
-  services.home-assistant = let
-      dwd_pollen = pkgs.fetchFromGitHub {
-        owner = "marcschumacher";
-        repo = "dwd_pollen";
-        rev = "0.1";
-        sha256 = "1af2mx99gv2hk1ad53g21fwkdfdbymqcdl3jvzd1yg7dgxlkhbj1";
-      };
-    in {
+  services.home-assistant =
+    {
     enable = true;
-    package = (pkgs.home-assistant.overrideAttrs (old: { # TODO: find correct python package
-      installCheckPhase = ''
-        echo LOLLLLLLLLLLLLLL
-      '';
-      postInstall = ''
-        cp -r ${dwd_pollen} $out/lib/python3.7/site-packages/homeassistant/components/dwd_pollen
-      '';
-    })).override {
+    package = pkgs.home-assistant.override {
       extraPackages = ps: with ps; [
         python-forecastio jsonrpc-async jsonrpc-websocket mpd2 pkgs.picotts
       ];
diff --git a/krebs/2configs/shack/glados/deps/dwd_pollen.nix b/krebs/2configs/shack/glados/deps/dwd_pollen.nix
deleted file mode 100644
index 39d9c3069..000000000
--- a/krebs/2configs/shack/glados/deps/dwd_pollen.nix
+++ /dev/null
@@ -1,32 +0,0 @@
-{ lib
-, buildPythonPackage
-, fetchFromGitHub
-, python
-, voluptuous
-}:
-
-buildPythonPackage rec {
-  format = "other";
-  pname = "dwd_pollen";
-  version = "0.1";
-
-  src = fetchFromGitHub {
-    owner = "marcschumacher";
-    repo = "dwd_pollen";
-    rev = version;
-    sha256 = "1af2mx99gv2hk1ad53g21fwkdfdbymqcdl3jvzd1yg7dgxlkhbj1";
-  };
-  propagatedBuildInputs = [
-    voluptuous
-  ];
-  installPhase = ''
-     install -D -t $out/${python.sitePackages}/homeassistant/components/sensor/dwd_pollen *
-  '';
-
-  meta = with lib; {
-    description = "Home Assistant component to retrieve Pollen data from DWD (Germany)";
-    homepage = https://github.com/marcschumacher/dwd_pollen;
-    license = licenses.mit;
-    maintainers = [ maintainers.makefu ];
-  };
-}
diff --git a/krebs/2configs/shack/mqtt_sub.nix b/krebs/2configs/shack/mqtt_sub.nix
index bd0b6df85..af2bc1e66 100644
--- a/krebs/2configs/shack/mqtt_sub.nix
+++ b/krebs/2configs/shack/mqtt_sub.nix
@@ -10,7 +10,7 @@ let
       sha256 = "1334jbbzlqizyp7zcn4hdswhhrnkj1p4p435n5nph82lzffrsi44";
     };
     buildInputs = [
-      (pkgs.python35.withPackages (pythonPackages: with pythonPackages; [
+      (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
         docopt
         paho-mqtt
       ]))
diff --git a/krebs/2configs/shack/share.nix b/krebs/2configs/shack/share.nix
index 465d6ef69..d8d65d309 100644
--- a/krebs/2configs/shack/share.nix
+++ b/krebs/2configs/shack/share.nix
@@ -37,6 +37,9 @@
       # for legacy systems
       client min protocol = NT1
       server min protocol = NT1
+      workgroup = WORKGROUP
+      server string = ${config.networking.hostName}
+      netbios name = ${config.networking.hostName}
     '';
   };
 }