diff --git a/hosts/bagel-box/default.nix b/hosts/bagel-box/default.nix
index d864346..1560c2d 100644
--- a/hosts/bagel-box/default.nix
+++ b/hosts/bagel-box/default.nix
@@ -40,6 +40,11 @@
 hydra.enable = true;
 hydra.dbi = "dbi:Pg:dbname=hydra;user=hydra";
+ hydra.builders = [
+ "builder-0"
+ "builder-1"
+ ];
+
 ofborg.enable = true;
 };
diff --git a/services/baremetal-builder/default.nix b/services/baremetal-builder/default.nix
index 95b9f03..b871482 100644
--- a/services/baremetal-builder/default.nix
+++ b/services/baremetal-builder/default.nix
@@ -45,6 +45,7 @@ in
 networking.useNetworkd = true;
 networking.hostName = "builder-${toString cfg.num}";
+ networking.domain = "wob01.infra.forkos.org";
 systemd.network = {
 netdevs = {
diff --git a/services/hydra/default.nix b/services/hydra/default.nix
index 40a2b30..6cbd367 100644
--- a/services/hydra/default.nix
+++ b/services/hydra/default.nix
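Review bot: In services/baremetal-builder/default.nix, the added `networking.domain = "wob01.infra.forkos.org";` pins every machine that imports this module to one site's domain, and a host can only override it with `mkForce`. The Hydra change in this same commit builds each builder's SSH target from `networking.fqdn`, so this value now decides which name the queue runner connects to. Consider `networking.domain = lib.mkDefault "wob01.infra.forkos.org";` (assuming `lib` is in scope in this file, which the hunk does not show), with a one-line comment that the FQDN feeds the Hydra builders list. The enclosing config block starts and ends outside the hunk.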
@@ -1,14 +1,28 @@
-{ config, lib, pkgs, ... }:
+{ nodes, config, lib, pkgs, ... }:
 let
 cfg = config.bagel.services.hydra;
+ ssh-keys = import ../../common/ssh-keys.nix;
 narCacheDir = "/var/cache/hydra/nar-cache";
 port = 3000;
 mkCacheSettings = settings: builtins.concatStringsSep "&" (
 lib.mapAttrsToList (k: v: "${k}=${v}") settings
- );
+ );
+
+ mkBaremetalBuilder = { nrCores, publicHostKey, host, speedFactor ? 1, user ? "builder", supportedSystems ? [ "i686-linux" "x86_64-linux" ], supportedFeatures ? [ "big-parallel" "kvm" "nixos-test" ] }:
+ "ssh://${user}@${host} ${lib.concatStringsSep "," supportedSystems} ${config.age.secrets.hydra-ssh-key-priv.path} ${toString nrCores} ${toString speedFactor} ${lib.concatStringsSep "," supportedFeatures} - ${publicHostKey}";
+
+ # TODO:
+ # - generalize to new architectures
+ # - generalize to new features
+ baremetalBuilders = lib.concatStringsSep "\n"
+ (map (n: mkBaremetalBuilder {
+ nrCores = 40; # TODO: do not hardcode this, use the node's builder configuration.
+ publicHostKey = ssh-keys.machines.${n};
+ host = nodes.${n}.config.networking.fqdn;
+ }) cfg.builders);
 in {
 options.bagel.services.hydra = with lib; {
 enable = mkEnableOption "Hydra coordinator";
@@ -17,9 +31,19 @@ in {
 type = types.str;
 description = "DBI connection string for the Hydra postgres database";
 };
+
+ builders = mkOption {
+ type = types.listOf types.str;
+ description = "List of builders to configure for Hydra";
+ example = [ "builder-0" "builder-1" ];
+ };
 };
 config = lib.mkIf cfg.enable {
+ # TODO: we should assert or warn that the builders
+ # does indeed have our public SSH key and are *builders*
+ # as a simple evaluation preflight check.
+
 age.secrets.hydra-s3-credentials.file = ../../secrets/hydra-s3-credentials.age;
 age.secrets.hydra-ssh-key-priv.owner = "hydra-queue-runner";
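Review bot: `publicHostKey = ssh-keys.machines.${n}` is interpolated unchanged into the last field of the machines line, and that field is expected to be the base64 encoding of the whole public-key line, as the existing epyc entry further down this file shows. `common/ssh-keys.nix` is not visible here; if it stores keys in the usual `ssh-ed25519 AAAA…` form, the embedded space splits the field, so the builder's host key is no longer pinned by this file or the line is misparsed. Document the contract on the helper, e.g. `# publicHostKey: base64 of the full host public key line, one token, no whitespace`. Make a wrong format fail at evaluation by putting `assert !(lib.hasInfix " " publicHostKey);` in front of the string in `mkBaremetalBuilder`.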
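Review bot: The new `builders` option in the second hunk has no `default`, so any configuration that sets `hydra.enable = true` without defining it fails evaluation when `cfg.builders` is read. Adding `default = [ ];` keeps such hosts evaluating and yields an empty generated section. The description should also say what the names must match, since each entry is looked up as `nodes.${n}` and `ssh-keys.machines.${n}`: for example `description = "Node names of the Hydra builders; each must exist in nodes and in ssh-keys.machines";`. The options block and the `config` block both continue outside the hunk.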
@@ -54,7 +78,8 @@ in {
 buildMachinesFiles = [
 (pkgs.writeText "hydra-builders.conf" ''
 ssh://bagel-builder@epyc.infra.newtype.fr i686-linux,x86_64-linux ${config.age.secrets.hydra-ssh-key-priv.path} 8 1 big-parallel,kvm,nixos-test - c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSU9YVDlJbml0MU1oS3Q0cmpCQU5McTB0MGJQd3cvV1FaOTZ1QjRBRURybWwgcm9vdEBuaXhvcwo=
- '')
+ ${baremetalBuilders}
+ '')
 ];
 extraConfig = ''
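Review bot: The epyc entry stays a hand-written machines line while the new entries are generated by `mkBaremetalBuilder`, so the field order and the key-file path are now spelled out in two places that can drift apart. Routing it through the helper keeps one definition of the format: `${mkBaremetalBuilder { nrCores = 8; user = "bagel-builder"; host = "epyc.infra.newtype.fr"; publicHostKey = "<existing base64 value>"; }}`. A short comment above `${baremetalBuilders}` noting that it expands to one line per entry of `cfg.builders` would also help readers of the generated file. The enclosing `buildMachinesFiles` list and the surrounding service definition extend outside the hunk.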