Updated hypervisor input

This commit is contained in:
Julien Malka 2023-07-23 13:44:48 +02:00
parent 8d187d1ef0
commit c208537f49
No known key found for this signature in database
GPG key ID: 6FC74C847011FD83
4 changed files with 131 additions and 21 deletions

View file

@ -242,9 +242,9 @@
}, },
"locked": { "locked": {
"lastModified": 1688319245, "lastModified": 1688319245,
"narHash": "sha256-+fXRVu4TDH8mxmZpSByJZCprKfHduFTLOb7sTm4w0RQ=", "narHash": "sha256-fVIbXKvHmxSUAKTMiXx799UasQwU2XT+op7bzvtfl8c=",
"ref": "main", "ref": "main",
"rev": "89b36124b161492f140185815ec5b76a0b29dba7", "rev": "9f32a304708fd9c91c081db05eee1b4f2e0226cc",
"revCount": 5, "revCount": 5,
"type": "git", "type": "git",
"url": "ssh://gitea@git.newtype.fr/newtype/nixos-hypervisor" "url": "ssh://gitea@git.newtype.fr/newtype/nixos-hypervisor"
@ -379,3 +379,4 @@
"root": "root", "root": "root",
"version": 7 "version": 7
} }

View file

@ -1,13 +1,6 @@
{ {
description = "NixOS configuration with flakes"; description = "NixOS configuration with flakes";
nixConfig.extra-substituters = [
"https://newtype.cachix.org"
];
nixConfig.extra-trusted-public-keys = [
"newtype.cachix.org-1:Gd5G2EVFNJslfR3PxA2+JY7mHT6MwVJ6biv5Cg47SD0="
];
# To update all inputs: # To update all inputs:
# $ nix flake update --recreate-lock-file # $ nix flake update --recreate-lock-file
inputs = { inputs = {

View file

@ -0,0 +1,57 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.luj.buildbot;
port = "1810";
package = pkgs.buildbot-worker;
python = package.pythonModule;
home = "/var/lib/buildbot-worker";
buildbotDir = "${home}/worker";
in
{
#buildbot worker
nix.settings.allowed-users = [ "buildbot-worker" ];
users.users.buildbot-worker = {
description = "Buildbot Worker User.";
isSystemUser = true;
createHome = true;
home = "/var/lib/buildbot-worker";
group = "buildbot-worker";
useDefaultShell = true;
};
users.groups.buildbot-worker = { };
systemd.services.buildbot-worker = {
reloadIfChanged = true;
description = "Buildbot Worker.";
after = [ "network.target" "buildbot-master.service" ];
wantedBy = [ "multi-user.target" ];
path = [
pkgs.unstable.nix-eval-jobs
pkgs.git
pkgs.gh
pkgs.nix
pkgs.nix-output-monitor
];
environment.PYTHONPATH = "${python.withPackages (_: [package])}/${python.sitePackages}";
environment.MASTER_URL = ''tcp:host=ci.julienmalka.me'';
environment.BUILDBOT_DIR = buildbotDir;
environment.WORKER_PASSWORD_FILE = "/var/lib/buildbot-worker/password.txt";
serviceConfig = {
Type = "simple";
User = "buildbot-worker";
Group = "buildbot-worker";
WorkingDirectory = home;
# Restart buildbot with a delay. This time way we can use buildbot to deploy itself.
ExecReload = "+${pkgs.systemd}/bin/systemd-run --on-active=60 ${pkgs.systemd}/bin/systemctl restart buildbot-worker";
ExecStart = "${python.pkgs.twisted}/bin/twistd --nodaemon --pidfile= --logfile - --python ${./worker.py}";
};
};
}

View file

@ -0,0 +1,59 @@
#!/usr/bin/env python3
import multiprocessing
import os
import socket
from io import open
from buildbot_worker.bot import Worker
from twisted.application import service
def require_env(key: str) -> str:
val = os.environ.get(key)
assert val is not None, "val is not set"
return val
def setup_worker(application: service.Application, id: int) -> None:
basedir = f"{require_env('BUILDBOT_DIR')}-{id}"
os.makedirs(basedir, mode=0o700, exist_ok=True)
master_url = require_env("MASTER_URL")
hostname = socket.gethostname()
workername = f"{hostname}-{id}"
with open(
require_env("WORKER_PASSWORD_FILE"), "r", encoding="utf-8"
) as passwd_file:
passwd = passwd_file.read().strip("\r\n")
keepalive = 600
umask = None
maxdelay = 300
numcpus = None
allow_shutdown = None
s = Worker(
None,
None,
workername,
passwd,
basedir,
keepalive,
connection_string=master_url,
umask=umask,
maxdelay=maxdelay,
numcpus=numcpus,
allow_shutdown=allow_shutdown,
)
s.setServiceParent(application)
# note: this line is matched against to check that this is a worker
# directory; do not edit it.
application = service.Application("buildbot-worker")
for i in range(14):
setup_worker(application, i)