feat: introduce floral and lix common modules
This way, we can mark tenancy appropriately in a common expression and add all machines altogether in the same entrypoint. Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
This commit is contained in:
parent
92560708b8
commit
6978c1271d
52
flake.nix
52
flake.nix
|
@ -113,7 +113,9 @@
|
||||||
|
|
||||||
./services
|
./services
|
||||||
./common
|
./common
|
||||||
|
];
|
||||||
|
|
||||||
|
floralInfraModules = commonModules ++ [
|
||||||
({ config, lib, ... }: {
|
({ config, lib, ... }: {
|
||||||
# This means that anyone with @floral-infra permissions
|
# This means that anyone with @floral-infra permissions
|
||||||
# can ssh on root of every machines handled here.
|
# can ssh on root of every machines handled here.
|
||||||
|
@ -124,32 +126,62 @@
|
||||||
# Tag all machines which have local boot as local bootables.
|
# Tag all machines which have local boot as local bootables.
|
||||||
deployment.tags = lib.mkIf (config.bagel.baremetal.builders.enable -> !config.bagel.baremetal.builders.netboot)
|
deployment.tags = lib.mkIf (config.bagel.baremetal.builders.enable -> !config.bagel.baremetal.builders.netboot)
|
||||||
[ "localboot" ];
|
[ "localboot" ];
|
||||||
|
|
||||||
|
bagel.secrets.tenant = "floral";
|
||||||
|
bagel.builders.extra-build-capacity.provider.tenant = "floral";
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# These are Floral baremetal builders.
|
||||||
makeBuilder = i:
|
makeBuilder = i:
|
||||||
let
|
let
|
||||||
enableNetboot = i >= 6;
|
enableNetboot = i >= 6;
|
||||||
in
|
in
|
||||||
lib.nameValuePair "builder-${toString i}" {
|
lib.nameValuePair "builder-${toString i}" {
|
||||||
imports = commonModules;
|
imports = floralInfraModules;
|
||||||
bagel.baremetal.builders = { enable = true; num = i; netboot = enableNetboot; };
|
bagel.baremetal.builders = { enable = true; num = i; netboot = enableNetboot; };
|
||||||
};
|
};
|
||||||
|
|
||||||
|
lixInfraModules = commonModules ++ [
|
||||||
|
{
|
||||||
|
# This means that anyone with @lix-infra permissions
|
||||||
|
# can ssh on root of every machines handled here.
|
||||||
|
bagel.admins.allowedGroups = [
|
||||||
|
"lix-infra"
|
||||||
|
];
|
||||||
|
|
||||||
|
# Tag all machines which have local boot as local bootables.
|
||||||
|
# Lix has no netbootable machine.
|
||||||
|
deployment.tags = [ "localboot" ];
|
||||||
|
|
||||||
|
|
||||||
|
bagel.secrets.tenant = "lix";
|
||||||
|
bagel.builders.extra-build-capacity.provider.tenant = "lix";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
builders = lib.listToAttrs (lib.genList makeBuilder 11);
|
builders = lib.listToAttrs (lib.genList makeBuilder 11);
|
||||||
in {
|
in {
|
||||||
meta.nixpkgs = systemBits.x86_64-linux.pkgs;
|
meta.nixpkgs = systemBits.x86_64-linux.pkgs;
|
||||||
|
# Add any non-x86_64 native systems here.
|
||||||
|
# Cross compilation is not supported yet.
|
||||||
|
meta.nodeNixpkgs =
|
||||||
|
let
|
||||||
|
aarch64-systems = systems: lib.genAttrs systems (system: systemBits.aarch64-linux.pkgs);
|
||||||
|
in
|
||||||
|
aarch64-systems [
|
||||||
|
];
|
||||||
meta.specialArgs.inputs = inputs;
|
meta.specialArgs.inputs = inputs;
|
||||||
|
|
||||||
bagel-box.imports = commonModules ++ [ ./hosts/bagel-box ];
|
bagel-box.imports = floralInfraModules ++ [ ./hosts/bagel-box ];
|
||||||
meta01.imports = commonModules ++ [ ./hosts/meta01 ];
|
meta01.imports = floralInfraModules ++ [ ./hosts/meta01 ];
|
||||||
gerrit01.imports = commonModules ++ [ ./hosts/gerrit01 ];
|
gerrit01.imports = floralInfraModules ++ [ ./hosts/gerrit01 ];
|
||||||
fodwatch.imports = commonModules ++ [ ./hosts/fodwatch ];
|
fodwatch.imports = floralInfraModules ++ [ ./hosts/fodwatch ];
|
||||||
git.imports = commonModules ++ [ ./hosts/git ];
|
git.imports = floralInfraModules ++ [ ./hosts/git ];
|
||||||
wob-vpn-gw.imports = commonModules ++ [ ./hosts/wob-vpn-gw ];
|
wob-vpn-gw.imports = floralInfraModules ++ [ ./hosts/wob-vpn-gw ];
|
||||||
buildbot.imports = commonModules ++ [ ./hosts/buildbot ];
|
buildbot.imports = floralInfraModules ++ [ ./hosts/buildbot ];
|
||||||
public01.imports = commonModules ++ [ ./hosts/public01 ];
|
public01.imports = floralInfraModules ++ [ ./hosts/public01 ];
|
||||||
build-coord.imports = commonModules ++ [ ./hosts/build-coord ];
|
build-coord.imports = floralInfraModules ++ [ ./hosts/build-coord ];
|
||||||
} // builders;
|
} // builders;
|
||||||
|
|
||||||
hydraJobs = builtins.mapAttrs (n: v: v.config.system.build.netbootDir or v.config.system.build.toplevel) self.nixosConfigurations;
|
hydraJobs = builtins.mapAttrs (n: v: v.config.system.build.netbootDir or v.config.system.build.toplevel) self.nixosConfigurations;
|
||||||
|
|
Loading…
Reference in a new issue