raito
e3129fec51
wildcards are not allowed in the headers. We need to include credentials as well. Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
72 lines
1.7 KiB
Nix
72 lines
1.7 KiB
Nix
# Configuration for a virtual machine in Raito's micro-DC basement.
|
|
# 32 vCPU (2014 grade Xeon though)
|
|
# 32GB RAM
|
|
# 30GB SSD
|
|
# 500GB HDD
|
|
# All specifications can be upgraded to a certain extent, just ask Raito.
|
|
# Hosts the coordinator for Buildbot.
|
|
#
|
|
# vim: et:ts=2:sw=2:
|
|
#
|
|
{ lib, modulesPath, ... }: {
|
|
networking.hostName = "buildbot";
|
|
networking.domain = "lix.systems";
|
|
|
|
zramSwap.enable = true;
|
|
|
|
bagel.sysadmin.enable = true;
|
|
# Buildbot is proxied.
|
|
bagel.raito.v6-proxy-awareness.enable = true;
|
|
bagel.hardware.raito-vm = {
|
|
enable = true;
|
|
networking = {
|
|
nat-lan-mac = "BC:24:11:75:62:42";
|
|
wan = {
|
|
mac = "BC:24:11:B2:5F:2E";
|
|
address = "2001:bc8:38ee:100::200/56";
|
|
};
|
|
};
|
|
};
|
|
i18n.defaultLocale = "en_US.UTF-8";
|
|
|
|
bagel.services.buildbot = {
|
|
enable = true;
|
|
domain = "buildbot.lix.systems";
|
|
gerrit =
|
|
{
|
|
domain = "gerrit.lix.systems";
|
|
port = 2022;
|
|
username = "buildbot";
|
|
};
|
|
cors.allowedOrigins = [
|
|
"https://*.lix.systems"
|
|
];
|
|
projects = [
|
|
"lix"
|
|
"lix-installer"
|
|
];
|
|
buildSystems = [
|
|
"x86_64-linux"
|
|
"aarch64-linux"
|
|
"aarch64-darwin"
|
|
# Too slow.
|
|
/* "x86_64-darwin" */
|
|
];
|
|
# Lix is not allowed to use yet Floral's x86_64 builders for now.
|
|
builders = [ ];
|
|
};
|
|
|
|
# This machine does not use /nix from btrfs, and instead uses a store on a bigger disk.
|
|
fileSystems."/nix" =
|
|
lib.mkForce
|
|
{ device = "/dev/disk/by-uuid/1815ca49-d0b0-4b99-8aec-0d790498ba6f";
|
|
fsType = "xfs";
|
|
neededForBoot = true;
|
|
options = [ "relatime" ];
|
|
};
|
|
|
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
|
system.stateVersion = "24.05";
|
|
deployment.targetHost = "buildbot.lix.systems";
|
|
}
|