Updated hypervisor input

2023-07-23 13:44:48 +02:00 · 2023-07-23 13:44:48 +02:00 · c208537f49
parent 8d187d1ef0
commit c208537f49
4 changed files with 131 additions and 21 deletions
--- a/flake.lock
+++ b/flake.lock
@ -242,9 +242,9 @@
      },
      "locked": {
        "lastModified": 1688319245,
-        "narHash": "sha256-+fXRVu4TDH8mxmZpSByJZCprKfHduFTLOb7sTm4w0RQ=",
+        "narHash": "sha256-fVIbXKvHmxSUAKTMiXx799UasQwU2XT+op7bzvtfl8c=",
        "ref": "main",
-        "rev": "89b36124b161492f140185815ec5b76a0b29dba7",
+        "rev": "9f32a304708fd9c91c081db05eee1b4f2e0226cc",
        "revCount": 5,
        "type": "git",
        "url": "ssh://gitea@git.newtype.fr/newtype/nixos-hypervisor"
@ -379,3 +379,4 @@
  "root": "root",
  "version": 7
 }
+
--- a/flake.nix
+++ b/flake.nix
@ -1,13 +1,6 @@
 {
  description = "NixOS configuration with flakes";

-  nixConfig.extra-substituters = [
-    "https://newtype.cachix.org"
-  ];
-  nixConfig.extra-trusted-public-keys = [
-    "newtype.cachix.org-1:Gd5G2EVFNJslfR3PxA2+JY7mHT6MwVJ6biv5Cg47SD0="
-  ];
-
  # To update all inputs:
  # $ nix flake update --recreate-lock-file
  inputs = {
@ -88,19 +81,19 @@
            ] ++ pkgs.lib.optional (pkgs.stdenv.isLinux) pkgs.mkpasswd;
          };
          packages = {
-          #  netboot = pkgs.callPackage ./modules/netboot/netboot.nix {
-          #    # this nixosSystem is built for x86_64 machines regardless of the host machine
-          #    pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux;
-          #    inherit (inputs.nixpkgs.lib) nixosSystem;
-          #    extraModules = [
-          #      self.inputs.nur.nixosModules.nur
-          #      { _module.args.inputs = self.inputs; }
-          #    ];
-          #  };
+            #  netboot = pkgs.callPackage ./modules/netboot/netboot.nix {
+            #    # this nixosSystem is built for x86_64 machines regardless of the host machine
+            #    pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux;
+            #    inherit (inputs.nixpkgs.lib) nixosSystem;
+            #    extraModules = [
+            #      self.inputs.nur.nixosModules.nur
+            #      { _module.args.inputs = self.inputs; }
+            #    ];
+            #  };

-          #  netboot-pixie-core = pkgs.callPackage ./modules/netboot/netboot-pixie-core.nix {
-          #    inherit (self'.packages) netboot;
-          #  };
+            #  netboot-pixie-core = pkgs.callPackage ./modules/netboot/netboot-pixie-core.nix {
+            #    inherit (self'.packages) netboot;
+            #  };
          };
        };
        flake = {
--- a/modules/buildbot/default.nix
+++ b/modules/buildbot/default.nix
@ -0,0 +1,57 @@
+{ lib, pkgs, config, ... }:
+with lib;
+let
+  cfg = config.luj.buildbot;
+  port = "1810";
+  package = pkgs.buildbot-worker;
+  python = package.pythonModule;
+  home = "/var/lib/buildbot-worker";
+  buildbotDir = "${home}/worker";
+in
+{
+  #buildbot worker
+
+  nix.settings.allowed-users = [ "buildbot-worker" ];
+  users.users.buildbot-worker = {
+    description = "Buildbot Worker User.";
+    isSystemUser = true;
+    createHome = true;
+    home = "/var/lib/buildbot-worker";
+    group = "buildbot-worker";
+    useDefaultShell = true;
+  };
+  users.groups.buildbot-worker = { };
+
+  systemd.services.buildbot-worker = {
+    reloadIfChanged = true;
+    description = "Buildbot Worker.";
+    after = [ "network.target" "buildbot-master.service" ];
+    wantedBy = [ "multi-user.target" ];
+    path = [
+      pkgs.unstable.nix-eval-jobs
+      pkgs.git
+      pkgs.gh
+      pkgs.nix
+      pkgs.nix-output-monitor
+    ];
+    environment.PYTHONPATH = "${python.withPackages (_: [package])}/${python.sitePackages}";
+    environment.MASTER_URL = ''tcp:host=ci.julienmalka.me'';
+    environment.BUILDBOT_DIR = buildbotDir;
+    environment.WORKER_PASSWORD_FILE = "/var/lib/buildbot-worker/password.txt";
+
+    serviceConfig = {
+      Type = "simple";
+      User = "buildbot-worker";
+      Group = "buildbot-worker";
+      WorkingDirectory = home;
+
+      # Restart buildbot with a delay. This time way we can use buildbot to deploy itself.
+      ExecReload = "+${pkgs.systemd}/bin/systemd-run --on-active=60 ${pkgs.systemd}/bin/systemctl restart buildbot-worker";
+      ExecStart = "${python.pkgs.twisted}/bin/twistd --nodaemon --pidfile= --logfile - --python ${./worker.py}";
+    };
+  };
+
+}
+
+
+
--- a/modules/buildbot/worker.py
+++ b/modules/buildbot/worker.py
@ -0,0 +1,59 @@
+#!/usr/bin/env python3
+
+import multiprocessing
+import os
+import socket
+from io import open
+
+from buildbot_worker.bot import Worker
+from twisted.application import service
+
+
+def require_env(key: str) -> str:
+    val = os.environ.get(key)
+    assert val is not None, "val is not set"
+    return val
+
+
+def setup_worker(application: service.Application, id: int) -> None:
+    basedir = f"{require_env('BUILDBOT_DIR')}-{id}"
+    os.makedirs(basedir, mode=0o700, exist_ok=True)
+
+    master_url = require_env("MASTER_URL")
+    hostname = socket.gethostname()
+    workername = f"{hostname}-{id}"
+
+    with open(
+        require_env("WORKER_PASSWORD_FILE"), "r", encoding="utf-8"
+    ) as passwd_file:
+        passwd = passwd_file.read().strip("\r\n")
+    keepalive = 600
+    umask = None
+    maxdelay = 300
+    numcpus = None
+    allow_shutdown = None
+
+    s = Worker(
+        None,
+        None,
+        workername,
+        passwd,
+        basedir,
+        keepalive,
+        connection_string=master_url,
+        umask=umask,
+        maxdelay=maxdelay,
+        numcpus=numcpus,
+        allow_shutdown=allow_shutdown,
+    )
+    s.setServiceParent(application)
+
+
+# note: this line is matched against to check that this is a worker
+# directory; do not edit it.
+application = service.Application("buildbot-worker")
+
+for i in range(14):
+    setup_worker(application, i)
+
+