summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/1systems/hotdog/config.nix1
-rw-r--r--krebs/2configs/gitlab-runner-shackspace.nix34
-rw-r--r--krebs/3modules/newsbot-js.nix7
-rw-r--r--krebs/3modules/nin/default.nix5
-rw-r--r--krebs/3modules/rtorrent.nix23
-rw-r--r--krebs/5pkgs/simple/newsbot-js/default.nix1
-rw-r--r--krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix1
7 files changed, 67 insertions, 5 deletions
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index 4807307ff..2ad22f49c 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -10,6 +10,7 @@
<stockholm/krebs/2configs>
<stockholm/krebs/2configs/buildbot-all.nix>
+ <stockholm/krebs/2configs/gitlab-runner-shackspace.nix>
<stockholm/krebs/2configs/binary-cache/nixos.nix>
];
diff --git a/krebs/2configs/gitlab-runner-shackspace.nix b/krebs/2configs/gitlab-runner-shackspace.nix
new file mode 100644
index 000000000..d9b4cd589
--- /dev/null
+++ b/krebs/2configs/gitlab-runner-shackspace.nix
@@ -0,0 +1,34 @@
+{ config, ... }:
+let
+ url = "https://git.shackspace.de/";
+ # generate token from CI-token via:
+ ## gitlab-runner register
+ ## cat /etc/gitlab-runner/config.toml
+ token = import <secrets/shackspace-gitlab-ci-token.nix> ;
+in {
+ systemd.services.gitlab-runner.path = [
+ "/run/wrappers" # /run/wrappers/bin/su
+ "/" # /bin/sh
+ ];
+ systemd.services.gitlab-runner.serviceConfig.PrivateTmp = true;
+ virtualisation.docker.enable = true;
+ services.gitlab-runner = {
+ enable = true;
+ # configFile, configOptions and gracefulTimeout not yet in stable
+ # gracefulTimeout = "120min";
+ configText = ''
+ concurrent = 1
+ check_interval = 0
+
+ [[runners]]
+ name = "krebs-shell"
+ url = "${url}"
+ token = "${token}"
+ executor = "shell"
+ shell = "sh"
+ environment = ["PATH=/bin:/run/wrappers/bin:/etc/per-user/gitlab-runner/bin:/etc/per-user-pkgs/gitlab-runner/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin"]
+ [runners.cache]
+
+ '';
+ };
+}
diff --git a/krebs/3modules/newsbot-js.nix b/krebs/3modules/newsbot-js.nix
index 2ff9a5ebb..dd3e5647a 100644
--- a/krebs/3modules/newsbot-js.nix
+++ b/krebs/3modules/newsbot-js.nix
@@ -13,6 +13,11 @@ let
api = {
enable = mkEnableOption "Enable krebs newsbot";
+ package = mkOption {
+ type = types.package;
+ default = pkgs.newsbot-js;
+ description = "newsbot package to use";
+ };
ircServer = mkOption {
type = types.str;
default = "echelon.retiolum";
@@ -79,7 +84,7 @@ let
serviceConfig = {
User = "newsbot-js";
Restart = "always";
- ExecStart = "${pkgs.newsbot-js}/bin/newsbot";
+ ExecStart = "${cfg.package}/bin/newsbot";
};
};
};
diff --git a/krebs/3modules/nin/default.nix b/krebs/3modules/nin/default.nix
index d5d13cd1a..aab568352 100644
--- a/krebs/3modules/nin/default.nix
+++ b/krebs/3modules/nin/default.nix
@@ -3,7 +3,10 @@
with import <stockholm/lib>;
{
- hosts = mapAttrs (_: setAttr "owner" config.krebs.users.nin) {
+ hosts = mapAttrs (_: recursiveUpdate {
+ owner = config.krebs.users.nin;
+ ci = true;
+ }) {
hiawatha = {
cores = 2;
nets = {
diff --git a/krebs/3modules/rtorrent.nix b/krebs/3modules/rtorrent.nix
index d85518993..472accef9 100644
--- a/krebs/3modules/rtorrent.nix
+++ b/krebs/3modules/rtorrent.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, options, ... }:
with import <stockholm/lib>;
let
@@ -73,6 +73,15 @@ let
# authentication also applies to rtorrent.rutorrent
enable = mkEnableOption "rtorrent nginx web RPC";
+ addr = mkOption {
+ type = types.addr4;
+ default = "0.0.0.0";
+ description = ''
+ the address to listen on
+ default is 0.0.0.0
+ '';
+ };
+
port = mkOption {
type = types.nullOr types.int;
description =''
@@ -290,7 +299,7 @@ let
services.nginx.enable = mkDefault true;
services.nginx.virtualHosts.rtorrent = {
default = mkDefault true;
- inherit (webcfg) basicAuth port;
+ inherit (webcfg) basicAuth;
root = optionalString rucfg.enable webdir;
locations = {
@@ -310,7 +319,15 @@ let
include ${pkgs.nginx}/conf/fastcgi.conf;
''; }
);
- };
+ # workaround because upstream nginx api changed
+ # TODO remove when nobody uses 17.03 anymore
+ } // (if hasAttr "port" (head options.services.nginx.virtualHosts.type.getSubModules).submodule.options then {
+ port = webcfg.port;
+ } else {
+ listen = [
+ { inherit (webcfg) addr port; }
+ ];
+ });
};
rutorrent-imp = {
diff --git a/krebs/5pkgs/simple/newsbot-js/default.nix b/krebs/5pkgs/simple/newsbot-js/default.nix
index b52454ca4..fa39823d3 100644
--- a/krebs/5pkgs/simple/newsbot-js/default.nix
+++ b/krebs/5pkgs/simple/newsbot-js/default.nix
@@ -32,6 +32,7 @@ in np.buildNodePackage {
phases = [
"unpackPhase"
+ "patchPhase"
"installPhase"
];
diff --git a/krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix b/krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix
new file mode 100644
index 000000000..963e6db8b
--- /dev/null
+++ b/krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix
@@ -0,0 +1 @@
+"lol"