diff options
Diffstat (limited to 'krebs')
-rw-r--r-- | krebs/1systems/hotdog/config.nix | 1 | ||||
-rw-r--r-- | krebs/2configs/gitlab-runner-shackspace.nix | 34 | ||||
-rw-r--r-- | krebs/3modules/newsbot-js.nix | 7 | ||||
-rw-r--r-- | krebs/3modules/nin/default.nix | 5 | ||||
-rw-r--r-- | krebs/3modules/rtorrent.nix | 23 | ||||
-rw-r--r-- | krebs/5pkgs/simple/newsbot-js/default.nix | 1 | ||||
-rw-r--r-- | krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix | 1 |
7 files changed, 67 insertions, 5 deletions
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index 4807307ff..2ad22f49c 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -10,6 +10,7 @@ <stockholm/krebs/2configs> <stockholm/krebs/2configs/buildbot-all.nix> + <stockholm/krebs/2configs/gitlab-runner-shackspace.nix> <stockholm/krebs/2configs/binary-cache/nixos.nix> ]; diff --git a/krebs/2configs/gitlab-runner-shackspace.nix b/krebs/2configs/gitlab-runner-shackspace.nix new file mode 100644 index 000000000..d9b4cd589 --- /dev/null +++ b/krebs/2configs/gitlab-runner-shackspace.nix @@ -0,0 +1,34 @@ +{ config, ... }: +let + url = "https://git.shackspace.de/"; + # generate token from CI-token via: + ## gitlab-runner register + ## cat /etc/gitlab-runner/config.toml + token = import <secrets/shackspace-gitlab-ci-token.nix> ; +in { + systemd.services.gitlab-runner.path = [ + "/run/wrappers" # /run/wrappers/bin/su + "/" # /bin/sh + ]; + systemd.services.gitlab-runner.serviceConfig.PrivateTmp = true; + virtualisation.docker.enable = true; + services.gitlab-runner = { + enable = true; + # configFile, configOptions and gracefulTimeout not yet in stable + # gracefulTimeout = "120min"; + configText = '' + concurrent = 1 + check_interval = 0 + + [[runners]] + name = "krebs-shell" + url = "${url}" + token = "${token}" + executor = "shell" + shell = "sh" + environment = ["PATH=/bin:/run/wrappers/bin:/etc/per-user/gitlab-runner/bin:/etc/per-user-pkgs/gitlab-runner/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin"] + [runners.cache] + + ''; + }; +} diff --git a/krebs/3modules/newsbot-js.nix b/krebs/3modules/newsbot-js.nix index 2ff9a5ebb..dd3e5647a 100644 --- a/krebs/3modules/newsbot-js.nix +++ b/krebs/3modules/newsbot-js.nix @@ -13,6 +13,11 @@ let api = { enable = mkEnableOption "Enable krebs newsbot"; + package = mkOption { + type = types.package; + default = pkgs.newsbot-js; + description = "newsbot package to use"; + }; ircServer = mkOption { type = types.str; default = "echelon.retiolum"; @@ -79,7 +84,7 @@ let serviceConfig = { User = "newsbot-js"; Restart = "always"; - ExecStart = "${pkgs.newsbot-js}/bin/newsbot"; + ExecStart = "${cfg.package}/bin/newsbot"; }; }; }; diff --git a/krebs/3modules/nin/default.nix b/krebs/3modules/nin/default.nix index d5d13cd1a..aab568352 100644 --- a/krebs/3modules/nin/default.nix +++ b/krebs/3modules/nin/default.nix @@ -3,7 +3,10 @@ with import <stockholm/lib>; { - hosts = mapAttrs (_: setAttr "owner" config.krebs.users.nin) { + hosts = mapAttrs (_: recursiveUpdate { + owner = config.krebs.users.nin; + ci = true; + }) { hiawatha = { cores = 2; nets = { diff --git a/krebs/3modules/rtorrent.nix b/krebs/3modules/rtorrent.nix index d85518993..472accef9 100644 --- a/krebs/3modules/rtorrent.nix +++ b/krebs/3modules/rtorrent.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, pkgs, options, ... }: with import <stockholm/lib>; let @@ -73,6 +73,15 @@ let # authentication also applies to rtorrent.rutorrent enable = mkEnableOption "rtorrent nginx web RPC"; + addr = mkOption { + type = types.addr4; + default = "0.0.0.0"; + description = '' + the address to listen on + default is 0.0.0.0 + ''; + }; + port = mkOption { type = types.nullOr types.int; description ='' @@ -290,7 +299,7 @@ let services.nginx.enable = mkDefault true; services.nginx.virtualHosts.rtorrent = { default = mkDefault true; - inherit (webcfg) basicAuth port; + inherit (webcfg) basicAuth; root = optionalString rucfg.enable webdir; locations = { @@ -310,7 +319,15 @@ let include ${pkgs.nginx}/conf/fastcgi.conf; ''; } ); - }; + # workaround because upstream nginx api changed + # TODO remove when nobody uses 17.03 anymore + } // (if hasAttr "port" (head options.services.nginx.virtualHosts.type.getSubModules).submodule.options then { + port = webcfg.port; + } else { + listen = [ + { inherit (webcfg) addr port; } + ]; + }); }; rutorrent-imp = { diff --git a/krebs/5pkgs/simple/newsbot-js/default.nix b/krebs/5pkgs/simple/newsbot-js/default.nix index b52454ca4..fa39823d3 100644 --- a/krebs/5pkgs/simple/newsbot-js/default.nix +++ b/krebs/5pkgs/simple/newsbot-js/default.nix @@ -32,6 +32,7 @@ in np.buildNodePackage { phases = [ "unpackPhase" + "patchPhase" "installPhase" ]; diff --git a/krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix b/krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix new file mode 100644 index 000000000..963e6db8b --- /dev/null +++ b/krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix @@ -0,0 +1 @@ +"lol" |