2023-09-10 11:16:33 +00:00
|
|
|
{ nixpkgs, system, srvos, buildbot-nix, disko, ... }:
|
2023-09-10 09:16:51 +00:00
|
|
|
let
|
|
|
|
|
# some example configuration to make it eval
|
2023-09-10 10:11:50 +00:00
|
|
|
dummy = { config, modulesPath, ... }: {
|
2023-09-10 11:16:33 +00:00
|
|
|
imports = [
|
|
|
|
|
#srvos.nixosModules.server
|
|
|
|
|
#srvos.nixosModules.hardware-hetzner-cloud
|
|
|
|
|
disko.nixosModules.disko
|
|
|
|
|
./disko.nix
|
|
|
|
|
"${modulesPath}/profiles/qemu-guest.nix"
|
|
|
|
|
];
|
|
|
|
|
config = {
|
|
|
|
|
networking.hostName = "example-common";
|
|
|
|
|
system.stateVersion = config.system.nixos.version;
|
|
|
|
|
services.openssh.enable = true;
|
|
|
|
|
users.users.root.initialPassword = "fnord23";
|
|
|
|
|
users.users.root.openssh.authorizedKeys.keys = [
|
|
|
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE joerg@turingmachine"
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
#users.users.root.initialPassword = "fnord23";
|
|
|
|
|
#boot.loader.grub.devices = lib.mkForce [ "/dev/sda" ];
|
|
|
|
|
#fileSystems."/".device = lib.mkDefault "/dev/sda";
|
|
|
|
|
|
|
|
|
|
#systemd.network.networks."10-uplink".networkConfig.Address = [ "2a01:4f9:c012:539b::/64" ];
|
|
|
|
|
};
|
2023-09-10 09:16:51 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
inherit (nixpkgs) lib;
|
|
|
|
|
inherit (lib) nixosSystem;
|
|
|
|
|
in
|
|
|
|
|
{
|
2023-09-10 11:16:33 +00:00
|
|
|
example-master = nixosSystem {
|
2023-09-10 09:16:51 +00:00
|
|
|
inherit system;
|
|
|
|
|
modules = [
|
|
|
|
|
dummy
|
2023-09-10 11:16:33 +00:00
|
|
|
{
|
2023-09-10 10:11:50 +00:00
|
|
|
services.buildbot-nix.master = {
|
2023-09-10 11:16:33 +00:00
|
|
|
enable = true;
|
2023-09-10 11:29:56 +00:00
|
|
|
domain = "buildbot2.thalheim.io";
|
2023-09-10 11:16:33 +00:00
|
|
|
workersFile = "/var/lib/secrets/buildbot-nix/workers.json";
|
2023-09-10 10:11:50 +00:00
|
|
|
github = {
|
2023-09-10 11:16:33 +00:00
|
|
|
tokenFile = "/var/lib/secrets/buildbot-nix/github-token";
|
|
|
|
|
webhookSecretFile = "/var/lib/secrets/buildbot-nix/github-webhook-secret";
|
|
|
|
|
oauthSecretFile = "/var/lib/secrets/buildbot-nix/github-oauth-secret";
|
2023-09-10 10:11:50 +00:00
|
|
|
oauthId = "2516248ec6289e4d9818122cce0cbde39e4b788d";
|
|
|
|
|
githubUser = "mic92-buildbot";
|
|
|
|
|
githubAdmins = [ "Mic92" ];
|
|
|
|
|
};
|
|
|
|
|
};
|
2023-09-10 11:29:56 +00:00
|
|
|
services.nginx.virtualHosts."buildbot2.thalheim.io" = {
|
|
|
|
|
enableACME = true;
|
|
|
|
|
forceSSL = true;
|
|
|
|
|
};
|
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
|
|
|
security.acme.acceptTerms = true;
|
|
|
|
|
security.acme.defaults.email = "joerg.acme@thalheim.io";
|
2023-09-10 10:11:50 +00:00
|
|
|
}
|
2023-09-10 09:16:51 +00:00
|
|
|
buildbot-nix.nixosModules.buildbot-master
|
|
|
|
|
];
|
|
|
|
|
};
|
2023-09-10 11:16:33 +00:00
|
|
|
example-worker = nixosSystem {
|
2023-09-10 09:16:51 +00:00
|
|
|
inherit system;
|
|
|
|
|
modules = [
|
|
|
|
|
dummy
|
2023-09-10 11:16:33 +00:00
|
|
|
{
|
2023-09-10 10:11:50 +00:00
|
|
|
services.buildbot-nix.worker = {
|
|
|
|
|
enable = true;
|
2023-09-10 11:16:33 +00:00
|
|
|
workerPasswordFile = "/var/lib/secrets/buildbot-nix/worker-password";
|
2023-09-10 10:11:50 +00:00
|
|
|
};
|
|
|
|
|
}
|
2023-09-10 09:16:51 +00:00
|
|
|
buildbot-nix.nixosModules.buildbot-worker
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
}
|
