Compare commits
21 commits
7cf75daed7
...
cac8a15513
Author | SHA1 | Date | |
---|---|---|---|
raito | cac8a15513 | ||
Yureka | eedc719889 | ||
Pierre Bourdon | d3a8d21429 | ||
Pierre Bourdon | 608c0e5973 | ||
Pierre Bourdon | 30b05d29f5 | ||
raito | 62ccc0282b | ||
Yureka | d84a43b781 | ||
Yureka | 555728ca0f | ||
raito | 60654e45d9 | ||
raito | 8aa5761660 | ||
Yureka | 2dc5899660 | ||
Yureka | adaf4b0aef | ||
Pierre Bourdon | f33d828552 | ||
Yureka | 5bde7e2358 | ||
Yureka | d4f8cb6c87 | ||
Yureka | 95ec496227 | ||
Yureka | d9809e1e78 | ||
Yureka | 3fa4a25d87 | ||
Yureka | 0ff5eea4ed | ||
Pierre Bourdon | 03b53234d3 | ||
Yureka | 287a9dc400 |
16
flake.lock
16
flake.lock
|
@ -64,11 +64,11 @@
|
||||||
"treefmt-nix": "treefmt-nix"
|
"treefmt-nix": "treefmt-nix"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1721651783,
|
"lastModified": 1721685540,
|
||||||
"narHash": "sha256-Uuqe5lk8HLUbbEgbve2J7soFEcxm0VbaP82p3+MtrtE=",
|
"narHash": "sha256-sIFaurUhoxZBahwfXpHRfMk41FexvULOe03qRBe7uiA=",
|
||||||
"ref": "refs/heads/non-flakes",
|
"ref": "refs/heads/non-flakes",
|
||||||
"rev": "7e9efd267d13ae25ef920770d128e9f8205eb1ba",
|
"rev": "3c903f14c25d87f4fb0b3a0ee7e860b6fa5b2d96",
|
||||||
"revCount": 283,
|
"revCount": 290,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://git.lix.systems/lix-project/buildbot-nix.git"
|
"url": "https://git.lix.systems/lix-project/buildbot-nix.git"
|
||||||
},
|
},
|
||||||
|
@ -258,11 +258,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1721210741,
|
"lastModified": 1721682989,
|
||||||
"narHash": "sha256-jAFXbe8CA6S25NmAwncidyPgBvLK7a8dcj8AdRGaxUY=",
|
"narHash": "sha256-kjJiZ7m4HKqbZ2mxNQiB32/goKFb8BRi8OqC4wIU0OI=",
|
||||||
"ref": "refs/heads/main",
|
"ref": "refs/heads/main",
|
||||||
"rev": "b0e9b4b2f99f9d8f5c4e780e89f955c394b5ced4",
|
"rev": "4b107e6ff36bd89958fba36e0fe0340903e7cd13",
|
||||||
"revCount": 4181,
|
"revCount": 4190,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://git.lix.systems/lix-project/hydra.git"
|
"url": "https://git.lix.systems/lix-project/hydra.git"
|
||||||
},
|
},
|
||||||
|
|
|
@ -40,8 +40,8 @@
|
||||||
|
|
||||||
hydra.enable = true;
|
hydra.enable = true;
|
||||||
hydra.dbi = "dbi:Pg:dbname=hydra;user=hydra";
|
hydra.dbi = "dbi:Pg:dbname=hydra;user=hydra";
|
||||||
# Takes 4 builders (0 → 3).
|
# Takes 10 builders (0 → 9).
|
||||||
hydra.builders = lib.genList (i: "builder-${builtins.toString i}") 4;
|
hydra.builders = lib.genList (i: "builder-${builtins.toString i}") 10;
|
||||||
|
|
||||||
ofborg.enable = true;
|
ofborg.enable = true;
|
||||||
};
|
};
|
||||||
|
|
|
@ -51,7 +51,7 @@
|
||||||
name = "nixpkgs-${branchName}";
|
name = "nixpkgs-${branchName}";
|
||||||
fromUri = "https://github.com/NixOS/nixpkgs";
|
fromUri = "https://github.com/NixOS/nixpkgs";
|
||||||
fromRefspec = branchName;
|
fromRefspec = branchName;
|
||||||
localRefspec = "refs/remotes/origin/${branchName}";
|
localRefspec = branchName;
|
||||||
inherit timer;
|
inherit timer;
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
|
@ -66,22 +66,37 @@
|
||||||
branchName = "master";
|
branchName = "master";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
branches."refs/heads/staging" = mkNixpkgsJob {
|
||||||
|
timer = "hourly";
|
||||||
|
branchName = "staging";
|
||||||
|
};
|
||||||
|
|
||||||
branches."refs/heads/release-24.05" = mkNixpkgsJob {
|
branches."refs/heads/release-24.05" = mkNixpkgsJob {
|
||||||
timer = "hourly";
|
timer = "hourly";
|
||||||
branchName = "release-24.05";
|
branchName = "release-24.05";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
branches."refs/heads/staging-24.05" = mkNixpkgsJob {
|
||||||
|
timer = "hourly";
|
||||||
|
branchName = "staging-24.05";
|
||||||
|
};
|
||||||
|
|
||||||
branches."refs/heads/release-23.11" = mkNixpkgsJob {
|
branches."refs/heads/release-23.11" = mkNixpkgsJob {
|
||||||
timer = "hourly";
|
timer = "hourly";
|
||||||
branchName = "release-23.11";
|
branchName = "release-23.11";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
branches."refs/heads/staging-23.11" = mkNixpkgsJob {
|
||||||
|
timer = "hourly";
|
||||||
|
branchName = "staging-23.11";
|
||||||
|
};
|
||||||
|
|
||||||
# Testing jobs for personal sandbox branches
|
# Testing jobs for personal sandbox branches
|
||||||
branches."refs/heads/sandbox/raito/raito-unstable-small" = {
|
branches."refs/heads/sandbox/raito/raito-unstable-small" = {
|
||||||
name = "raito-unstable-sync";
|
name = "raito-unstable-sync";
|
||||||
fromUri = "https://github.com/NixOS/nixpkgs";
|
fromUri = "https://github.com/NixOS/nixpkgs";
|
||||||
fromRefspec = "nixos-unstable-small";
|
fromRefspec = "nixos-unstable-small";
|
||||||
localRefspec = "refs/remotes/origin/sandbox/raito/raito-unstable-small";
|
localRefspec = "sandbox/raito/raito-unstable-small";
|
||||||
timer = "*-*-* 12:00:00";
|
timer = "*-*-* 12:00:00";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -89,7 +104,7 @@
|
||||||
name = "raito-release-sync";
|
name = "raito-release-sync";
|
||||||
fromUri = "https://github.com/NixOS/nixpkgs";
|
fromUri = "https://github.com/NixOS/nixpkgs";
|
||||||
fromRefspec = "nixos-24.05";
|
fromRefspec = "nixos-24.05";
|
||||||
localRefspec = "refs/remotes/origin/sandbox/raito/raito-nixos-24.05";
|
localRefspec = "sandbox/raito/raito-nixos-24.05";
|
||||||
timer = "daily";
|
timer = "daily";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -57,6 +57,16 @@ in
|
||||||
fsType = "xfs";
|
fsType = "xfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
fileSystems."/mnt" = {
|
||||||
|
device = "/dev/disk/by-label/hydra";
|
||||||
|
fsType = "xfs";
|
||||||
|
};
|
||||||
|
# We want the tmp filesystem on the same filesystem as the hydra store, so that builds can use reflinks
|
||||||
|
fileSystems."/tmp" = {
|
||||||
|
device = "/mnt/tmp";
|
||||||
|
options = [ "bind" ];
|
||||||
|
};
|
||||||
|
|
||||||
fileSystems."/boot" = {
|
fileSystems."/boot" = {
|
||||||
device = "/dev/disk/by-label/BOOT";
|
device = "/dev/disk/by-label/BOOT";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
|
@ -135,6 +145,14 @@ in
|
||||||
MaxStartups = "500:30:1000";
|
MaxStartups = "500:30:1000";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
systemd.services.hydra-gc = {
|
||||||
|
description = "Nix Garbage Collector";
|
||||||
|
script = "exec ${config.nix.package.out}/bin/nix-store --gc --store /mnt";
|
||||||
|
serviceConfig.Type = "oneshot";
|
||||||
|
serviceConfig.User = "builder";
|
||||||
|
startAt = "*-*-* 00/8:00:00";
|
||||||
|
};
|
||||||
|
systemd.timers.hydra-gc.timerConfig.Persistent = true;
|
||||||
|
|
||||||
bagel.sysadmin.enable = true;
|
bagel.sysadmin.enable = true;
|
||||||
|
|
||||||
|
|
|
@ -32,7 +32,11 @@ in
|
||||||
age.secrets.buildbot-workers.file = ../../secrets/buildbot-workers.age;
|
age.secrets.buildbot-workers.file = ../../secrets/buildbot-workers.age;
|
||||||
age.secrets.buildbot-service-key.file = ../../secrets/buildbot-service-key.age;
|
age.secrets.buildbot-service-key.file = ../../secrets/buildbot-service-key.age;
|
||||||
age.secrets.buildbot-signing-key.file = ../../secrets/buildbot-signing-key.age;
|
age.secrets.buildbot-signing-key.file = ../../secrets/buildbot-signing-key.age;
|
||||||
age.secrets.buildbot-remote-builder-key.file = ../../secrets/buildbot-remote-builder-key.age;
|
age.secrets.buildbot-remote-builder-key = {
|
||||||
|
file = ../../secrets/buildbot-remote-builder-key.age;
|
||||||
|
owner = "buildbot-worker";
|
||||||
|
group = "buildbot-worker";
|
||||||
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts.${cfg.domain} = {
|
services.nginx.virtualHosts.${cfg.domain} = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
|
@ -58,7 +62,7 @@ in
|
||||||
(_: lib.foldl' lib.add 0)
|
(_: lib.foldl' lib.add 0)
|
||||||
(lib.concatMap
|
(lib.concatMap
|
||||||
(m: map (s: { ${s} = m.maxJobs; }) m.systems)
|
(m: map (s: { ${s} = m.maxJobs; }) m.systems)
|
||||||
config.nix.buildMachines))
|
config.services.buildbot-nix.coordinator.buildMachines))
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -13,10 +13,11 @@ let
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
mkSyncService = targetRef: { name, fromUri, fromRefspec, localRefspec, ... }: {
|
mkSyncService = targetRef: { name, fromUri, fromRefspec, localRefspec, ... }: {
|
||||||
path = [ pkgs.gitFull pkgs.openssh ];
|
path = [ pkgs.gitFull pkgs.openssh pkgs.lix ];
|
||||||
script = ''
|
script = ''
|
||||||
set -x
|
set -xe
|
||||||
trap "git worktree prune && git worktree remove -f ${name}" EXIT
|
RUNTIME_DIRECTORY="/run/onewaysync-${name}"
|
||||||
|
trap "git worktree remove -f "$RUNTIME_DIRECTORY"/${name}" EXIT
|
||||||
|
|
||||||
if [ ! -d "/var/lib/onewaysync/nixpkgs" ]; then
|
if [ ! -d "/var/lib/onewaysync/nixpkgs" ]; then
|
||||||
echo "First run, synchronizing nixpkgs..."
|
echo "First run, synchronizing nixpkgs..."
|
||||||
|
@ -26,20 +27,30 @@ let
|
||||||
cd /var/lib/onewaysync/nixpkgs
|
cd /var/lib/onewaysync/nixpkgs
|
||||||
echo "Syncing ${fromUri}:${fromRefspec} to /var/lib/onewaysync/nixpkgs:${targetRef}"
|
echo "Syncing ${fromUri}:${fromRefspec} to /var/lib/onewaysync/nixpkgs:${targetRef}"
|
||||||
echo "Current ref: $EXPECTED_REF"
|
echo "Current ref: $EXPECTED_REF"
|
||||||
git worktree add -f ${cfg.workingDir}/${name} ${localRefspec}
|
git worktree add -f "$RUNTIME_DIRECTORY"/${name} refs/remotes/origin/${localRefspec}
|
||||||
cd ${cfg.workingDir}/${name}
|
cd "$RUNTIME_DIRECTORY"/${name}
|
||||||
git pull origin ${fromRefspec}
|
git pull origin ${localRefspec}
|
||||||
EXPECTED_REF=$(git rev-list ${localRefspec} | head -1)
|
EXPECTED_REF=$(git rev-list refs/remotes/origin/${localRefspec} | head -1)
|
||||||
|
git config user.name Fork-o-Tron
|
||||||
|
git config user.email noreply@forkos.org
|
||||||
git fetch ${fromUri} ${fromRefspec}
|
git fetch ${fromUri} ${fromRefspec}
|
||||||
git rebase FETCH_HEAD
|
'' + lib.optionalString (!(lib.hasInfix "staging" localRefspec)) ''
|
||||||
GIT_SSH_COMMAND='ssh -i ${cfg.deployKeyPath}' git push ${cfg.pushUrl} HEAD:${targetRef} --force-with-lease=${targetRef}:$EXPECTED_REF --force-if-includes
|
OLD_STDENV=$(nix eval -f . stdenv.outPath --store "$RUNTIME_DIRECTORY")
|
||||||
|
'' + ''
|
||||||
|
git merge FETCH_HEAD
|
||||||
|
'' + lib.optionalString (!(lib.hasInfix "staging" localRefspec)) ''
|
||||||
|
NEW_STDENV=$(nix eval -f . stdenv.outPath --store "$RUNTIME_DIRECTORY")
|
||||||
|
# Do not allow auto-merging a staging iteration
|
||||||
|
test "$OLD_STDENV" = "$NEW_STDENV"
|
||||||
|
'' + ''
|
||||||
|
GIT_SSH_COMMAND='ssh -i ${cfg.deployKeyPath}' git push ${cfg.pushUrl} HEAD:${targetRef}
|
||||||
'';
|
'';
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
User = "git";
|
User = "git";
|
||||||
Group = "git";
|
Group = "git";
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
RuntimeDirectory = "onewaysync";
|
RuntimeDirectory = "onewaysync-${name}";
|
||||||
WorkingDirectory = cfg.workingDir;
|
WorkingDirectory = "/run/onewaysync-${name}";
|
||||||
StateDirectory = "onewaysync";
|
StateDirectory = "onewaysync";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -14,7 +14,7 @@ let
|
||||||
# XXX: to support Nix's dumb public host key syntax (base64'd), this outputs
|
# XXX: to support Nix's dumb public host key syntax (base64'd), this outputs
|
||||||
# a string with shell-style command interpolations: $(...).
|
# a string with shell-style command interpolations: $(...).
|
||||||
mkBaremetalBuilder = { parallelBuilds, publicHostKey, host, speedFactor ? 1, user ? "builder", supportedSystems ? [ "i686-linux" "x86_64-linux" ], supportedFeatures ? [ "big-parallel" "kvm" "nixos-test" ] }:
|
mkBaremetalBuilder = { parallelBuilds, publicHostKey, host, speedFactor ? 1, user ? "builder", supportedSystems ? [ "i686-linux" "x86_64-linux" ], supportedFeatures ? [ "big-parallel" "kvm" "nixos-test" ] }:
|
||||||
"ssh://${user}@${host} ${lib.concatStringsSep "," supportedSystems} ${config.age.secrets.hydra-ssh-key-priv.path} ${toString parallelBuilds} ${toString speedFactor} ${lib.concatStringsSep "," supportedFeatures} - $(echo -n '${publicHostKey}' | base64 -w0)";
|
"ssh://${user}@${host}?remote-store=/mnt ${lib.concatStringsSep "," supportedSystems} ${config.age.secrets.hydra-ssh-key-priv.path} ${toString parallelBuilds} ${toString speedFactor} ${lib.concatStringsSep "," supportedFeatures} - $(echo -n '${publicHostKey}' | base64 -w0)";
|
||||||
|
|
||||||
# TODO:
|
# TODO:
|
||||||
# - generalize to new architectures
|
# - generalize to new architectures
|
||||||
|
@ -117,7 +117,7 @@ in {
|
||||||
|
|
||||||
upload_logs_to_binary_cache = true
|
upload_logs_to_binary_cache = true
|
||||||
|
|
||||||
evaluator_workers = 4
|
evaluator_workers = 16
|
||||||
evaluator_max_memory_size = 4096
|
evaluator_max_memory_size = 4096
|
||||||
max_concurrent_evals = 1
|
max_concurrent_evals = 1
|
||||||
|
|
||||||
|
|
|
@ -32,6 +32,45 @@ in
|
||||||
visible = true;
|
visible = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
resource.hydra_jobset.k900-experiments = {
|
||||||
|
project = config.resource.hydra_project.forkos.name;
|
||||||
|
state = "enabled";
|
||||||
|
visible = true;
|
||||||
|
name = "nixpkgs-experiments";
|
||||||
|
type = "legacy";
|
||||||
|
description = "experiments branch to test things for K900";
|
||||||
|
|
||||||
|
nix_expression = {
|
||||||
|
file = "nixos/release.nix";
|
||||||
|
input = "nixpkgs";
|
||||||
|
};
|
||||||
|
|
||||||
|
check_interval = 0;
|
||||||
|
scheduling_shares = 3000;
|
||||||
|
keep_evaluations = 3;
|
||||||
|
|
||||||
|
email_notifications = false;
|
||||||
|
|
||||||
|
input = [
|
||||||
|
{
|
||||||
|
name = "nixpkgs";
|
||||||
|
type = "git";
|
||||||
|
value = "https://github.com/nixos/nixpkgs 03ff49192b044786362c8c94d8501eac5c6eada4";
|
||||||
|
notify_committers = false;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
name = "officialRelease";
|
||||||
|
type = "boolean";
|
||||||
|
value = false;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
name = "supportedSystems";
|
||||||
|
type = "nix";
|
||||||
|
value = ''[ "x86_64-linux" ]'';
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
resource.hydra_jobset.raito-nixos-rolling-small = {
|
resource.hydra_jobset.raito-nixos-rolling-small = {
|
||||||
project = config.resource.hydra_project.forkos.name;
|
project = config.resource.hydra_project.forkos.name;
|
||||||
state = "enabled";
|
state = "enabled";
|
||||||
|
@ -165,5 +204,45 @@ in
|
||||||
|
|
||||||
email_notifications = false;
|
email_notifications = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
resource.hydra_jobset.yureka-staging-test = {
|
||||||
|
project = config.resource.hydra_project.forkos.name;
|
||||||
|
state = "enabled";
|
||||||
|
visible = true;
|
||||||
|
name = "yureka-staging-test";
|
||||||
|
type = "legacy";
|
||||||
|
description = "staging branch for yureka-nixos";
|
||||||
|
|
||||||
|
nix_expression = {
|
||||||
|
file = "pkgs/top-level/release.nix";
|
||||||
|
input = "nixpkgs";
|
||||||
|
};
|
||||||
|
|
||||||
|
check_interval = 0;
|
||||||
|
scheduling_shares = 3000;
|
||||||
|
keep_evaluations = 3;
|
||||||
|
|
||||||
|
email_notifications = false;
|
||||||
|
|
||||||
|
input = [
|
||||||
|
{
|
||||||
|
name = "nixpkgs";
|
||||||
|
type = "git";
|
||||||
|
value = "https://cl.forkos.org/nixpkgs sandbox/yureka/staging-test";
|
||||||
|
notify_committers = false;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
name = "officialRelease";
|
||||||
|
type = "boolean";
|
||||||
|
value = "false";
|
||||||
|
notify_committers = false;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
name = "supportedSystems";
|
||||||
|
type = "nix";
|
||||||
|
value = ''[ "x86_64-linux" ]'';
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue