From e312a5f9616ac65102b63919d55bd72264a5e3a6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Jul 2017 13:37:39 +0200 Subject: krebs ci: add --force-populate --- krebs/3modules/ci.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index 542a9252..6e4db6ed 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -116,8 +116,12 @@ in "dummy_secrets": "true", }, command=[ - "nix-shell", "--run", - "test --user={} --system={} --target=$LOGNAME@${config.krebs.build.host.name}$HOME/{}".format(user, host, user) + "nix-shell", "--run", " ".join(["test", + "--user={}".format(user), + "--system={}".format(host), + "--force-populate", + "--target=$LOGNAME@${config.krebs.build.host.name}$HOME/{}".format(user), + ]) ] ) -- cgit v1.2.3 From b3d2040b1eb692c1add4a74774a216a0d2ae49cd Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Jul 2017 15:09:33 +0200 Subject: krebs: shared-buildbot -> buildbot-krebs --- krebs/1systems/hotdog/config.nix | 2 +- krebs/1systems/puyak/config.nix | 2 +- krebs/1systems/wolf/config.nix | 2 +- krebs/2configs/buildbot-krebs.nix | 18 ++++++++++++++++++ krebs/2configs/shared-buildbot.nix | 18 ------------------ 5 files changed, 21 insertions(+), 21 deletions(-) create mode 100644 krebs/2configs/buildbot-krebs.nix delete mode 100644 krebs/2configs/shared-buildbot.nix diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index 26f392da..ab3db0f8 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -9,7 +9,7 @@ - + ]; krebs.build.host = config.krebs.hosts.hotdog; diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix index e781f746..8454ba23 100644 --- a/krebs/1systems/puyak/config.nix +++ b/krebs/1systems/puyak/config.nix @@ -7,7 +7,7 @@ - + ]; diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index e883a176..a0113fce 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -12,7 +12,7 @@ in - + diff --git a/krebs/2configs/buildbot-krebs.nix b/krebs/2configs/buildbot-krebs.nix new file mode 100644 index 00000000..7f243b50 --- /dev/null +++ b/krebs/2configs/buildbot-krebs.nix @@ -0,0 +1,18 @@ +{ lib, config, pkgs, ... }: +{ + imports = [ + + ]; + + networking.firewall.allowedTCPPorts = [ 80 8010 9989 ]; + krebs.ci.enable = true; + krebs.ci.users.krebs ={ + all = true; + hosts = [ + "test-arch" + "test-centos6" + "test-centos7" + "test-all-krebs-modules" + ]; + }; +} diff --git a/krebs/2configs/shared-buildbot.nix b/krebs/2configs/shared-buildbot.nix deleted file mode 100644 index 7f243b50..00000000 --- a/krebs/2configs/shared-buildbot.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ lib, config, pkgs, ... }: -{ - imports = [ - - ]; - - networking.firewall.allowedTCPPorts = [ 80 8010 9989 ]; - krebs.ci.enable = true; - krebs.ci.users.krebs ={ - all = true; - hosts = [ - "test-arch" - "test-centos6" - "test-centos7" - "test-all-krebs-modules" - ]; - }; -} -- cgit v1.2.3 From cc8cc1bb63517072d442ce5d11a5d610b1a70dd7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Jul 2017 15:36:02 +0200 Subject: krebs hotdog: build all managed hosts (+ tests) --- krebs/1systems/hotdog/config.nix | 2 +- krebs/2configs/buildbot-all.nix | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 krebs/2configs/buildbot-all.nix diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index ab3db0f8..c056b4ea 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -9,7 +9,7 @@ - + ]; krebs.build.host = config.krebs.hosts.hotdog; diff --git a/krebs/2configs/buildbot-all.nix b/krebs/2configs/buildbot-all.nix new file mode 100644 index 00000000..fe982c87 --- /dev/null +++ b/krebs/2configs/buildbot-all.nix @@ -0,0 +1,11 @@ +{ lib, config, pkgs, ... }: +{ + imports = [ + + ]; + krebs.ci.users.lass.all = true; + krebs.ci.users.makefu.all = true; + krebs.ci.users.nin.all = true; + krebs.ci.users.tv.all = true; +} + -- cgit v1.2.3 From b3fe41b83cc75087502b8a80ddb6d06b7cdd7f89 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Jul 2017 15:37:10 +0200 Subject: l: RIP buildbot-standalone --- lass/1systems/prism/config.nix | 1 - lass/2configs/buildbot-standalone.nix | 157 ---------------------------------- 2 files changed, 158 deletions(-) delete mode 100644 lass/2configs/buildbot-standalone.nix diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index e8beed60..5d05ae39 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -30,7 +30,6 @@ in { - diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix deleted file mode 100644 index 18fd9bb9..00000000 --- a/lass/2configs/buildbot-standalone.nix +++ /dev/null @@ -1,157 +0,0 @@ -{ lib, config, pkgs, ... }: - -with import ; - -let - sshHostConfig = pkgs.writeText "ssh-config" '' - ControlMaster auto - ControlPath /tmp/%u_sshmux_%r@%h:%p - ControlPersist 4h - ''; - - hostname = config.networking.hostName; - -in { - config.services.nginx.virtualHosts.build = { - serverAliases = [ "build.${hostname}.r" ]; - locations."/".extraConfig = '' - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_pass http://localhost:${toString config.krebs.buildbot.master.web.port}; - ''; - }; - - config.krebs.buildbot.master = let - stockholm-mirror-url = "http://cgit.${hostname}.r/stockholm"; - in { - slaves = { - testslave = "lasspass"; - }; - change_source.stockholm = '' - stockholm_repo = '${stockholm-mirror-url}' - cs.append( - changes.GitPoller( - stockholm_repo, - workdir='stockholm-poller', branches=True, - project='stockholm', - pollinterval=10 - ) - ) - ''; - scheduler = { - build-scheduler = '' - # build all hosts - sched.append( - schedulers.SingleBranchScheduler( - change_filter=util.ChangeFilter(branch_re=".*"), - treeStableTimer=10, - name="build-all-branches", - builderNames=["build-hosts"] - ) - ) - ''; - }; - builder_pre = '' - # prepare grab_repo step for stockholm - grab_repo = steps.Git( - repourl=stockholm_repo, - mode='full' - ) - - # prepare addShell function - def addShell(factory,**kwargs): - factory.addStep(steps.ShellCommand(**kwargs)) - ''; - builder = { - build-hosts = '' - f = util.BuildFactory() - f.addStep(grab_repo) - - def build_host(user, host): - addShell(f, - name="{}".format(i), - env={ - "LOGNAME": user, - "NIX_PATH": "secrets=/var/src/stockholm/null:/var/src", - "NIX_REMOTE": "daemon", - "dummy_secrets": "true", - }, - command=[ - "nix-shell", "--run", - "test --system={} --target=buildbotSlave@${config.krebs.build.host.name}$HOME/$LOGNAME".format(host) - ] - ) - - for i in [ "hotdog", "puyak", "test-all-krebs-modules", "test-centos7", "test-minimal-deploy", "wolf" ]: - build_host("krebs", i) - - for i in [ "mors", "uriel", "shodan", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]: - build_host("lass", i) - - for i in [ "x", "wry", "vbob", "wbob", "shoney" ]: - build_host("makefu", i) - - for i in [ "hiawatha", "onondaga" ]: - build_host("nin", i) - - for i in [ "alnus", "mu", "nomic", "wu", "xu", "zu" ]: - build_host("tv", i) - - bu.append( - util.BuilderConfig( - name="build-hosts", - slavenames=slavenames, - factory=f - ) - ) - - ''; - }; - enable = true; - web.enable = true; - irc = { - enable = true; - nick = "build|${hostname}"; - server = "ni.r"; - channels = [ "retiolum" "noise" ]; - allowForce = true; - }; - extraConfig = '' - c['buildbotURL'] = "http://build.${hostname}.r/" - ''; - }; - - config.krebs.buildbot.slave = { - enable = true; - masterhost = "localhost"; - username = "testslave"; - password = "lasspass"; - packages = with pkgs; [ gnumake jq nix populate ]; - }; - config.krebs.iptables = { - tables = { - filter.INPUT.rules = [ - { predicate = "-p tcp --dport 9989"; target = "ACCEPT"; } - ]; - }; - }; - - #ssh workaround for make test - options.lass.build-ssh-privkey = mkOption { - type = types.secret-file; - default = { - path = "${config.users.users.buildbotSlave.home}/.ssh/id_rsa"; - owner = { inherit (config.users.users.buildbotSlave ) name uid;}; - source-path = toString + "/build.ssh.key"; - }; - }; - config.krebs.secret.files = { - build-ssh-privkey = config.lass.build-ssh-privkey; - }; - config.users.users.buildbotSlave = { - useDefaultShell = true; - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiV0Xn60aVLHC/jGJknlrcxSvKd/MVeh2tjBpxSBT3II9XQGZhID2Gdh84eAtoWyxGVFQx96zCHSuc7tfE2YP2LhXnwaxHTeDc8nlMsdww53lRkxihZIEV7QHc/3LRcFMkFyxdszeUfhWz8PbJGL2GYT+s6CqoPwwa68zF33U1wrMOAPsf/NdpSN4alsqmjFc2STBjnOd9dXNQn1VEJQqGLG3kR3WkCuwMcTLS5eu0KLwG4i89Twjy+TGp2QsF5K6pNE+ZepwaycRgfYzGcPTn5d6YQXBgcKgHMoSJsK8wqpr0+eFPCDiEA3HDnf76E4mX4t6/9QkMXCLmvs0IO/WP" - ]; - }; -} -- cgit v1.2.3 From 568798cc1ede5346f05272e4bec07794d6443c08 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Jul 2017 18:18:31 +0200 Subject: cgit.prism.r: rip --- krebs/3modules/lass/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index c554391f..224c6f83 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -97,7 +97,6 @@ with import ; aliases = [ "prism.r" "build.prism.r" - "cgit.prism.r" "cache.prism.r" "paste.r" "p.r" -- cgit v1.2.3 From 46855a6a2fa1aa540e1cb1008b50f68a26b02049 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Jul 2017 18:21:10 +0200 Subject: l exim: add c-base@lassul.us --- lass/2configs/exim-smarthost.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 942653ba..fe3aa20b 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -35,6 +35,7 @@ with import ; { from = "polo@lassul.us"; to = lass.mail; } { from = "shack@lassul.us"; to = lass.mail; } { from = "nix@lassul.us"; to = lass.mail; } + { from = "c-base@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } -- cgit v1.2.3 From 4c47e18ae27b57d4967bdf632fd21b981ed28137 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Jul 2017 18:23:44 +0200 Subject: l baseX: add nix-repl to pkgs --- lass/2configs/baseX.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 2357d6d2..86d0ac7c 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -53,6 +53,7 @@ in { haskellPackages.hledger much ncdu + nix-repl nmap pavucontrol powertop -- cgit v1.2.3 From f83fc4ba4b2ac2f6300e115133d6db1e871b7ca3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Jul 2017 18:41:46 +0200 Subject: krebs fetchWallpaper: implement cond-file robuster --- krebs/3modules/fetchWallpaper.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix index cdb9fe70..8d4933cb 100644 --- a/krebs/3modules/fetchWallpaper.nix +++ b/krebs/3modules/fetchWallpaper.nix @@ -51,7 +51,7 @@ let mkdir -p ${cfg.stateDir} chmod o+rx ${cfg.stateDir} cd ${cfg.stateDir} - (curl --max-time ${toString cfg.maxTime} -s -o wallpaper.tmp -z wallpaper ${shell.escape cfg.url} && mv wallpaper.tmp wallpaper) || : + (curl --max-time ${toString cfg.maxTime} -s -o wallpaper.tmp -z wallpaper.tmp ${shell.escape cfg.url} && cp wallpaper.tmp wallpaper) || : feh --no-fehbg --bg-scale ${shell.escape cfg.stateDir}/wallpaper ''; -- cgit v1.2.3 From 32d8c202b0ec037dcf78ebf6ecad730cfb9c5272 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Jul 2017 20:20:40 +0200 Subject: icarus: set correct ipv6 --- krebs/3modules/lass/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 224c6f83..f0722e9b 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -254,7 +254,7 @@ with import ; nets = rec { retiolum = { ip4.addr = "10.243.133.114"; - ip6.addr = "42:0:0:0:0:0:1ca0:1205"; + ip6.addr = "42:0:0:0:0:0:01ca:1205"; aliases = [ "icarus.r" "cgit.icarus.r" -- cgit v1.2.3