2024-04-21 19:38:47 +02:00
|
|
|
{
|
|
|
|
|
pkgs,
|
|
|
|
|
inputs',
|
|
|
|
|
lib,
|
|
|
|
|
...
|
|
|
|
|
}: let
|
|
|
|
|
inherit
|
|
|
|
|
(lib)
|
|
|
|
|
mkForce
|
|
|
|
|
;
|
2024-07-24 21:31:21 +02:00
|
|
|
|
|
|
|
|
inherit
|
|
|
|
|
(inputs'.buildbot-nix.lib)
|
|
|
|
|
interpolate
|
|
|
|
|
;
|
2024-04-21 19:38:47 +02:00
|
|
|
in {
|
|
|
|
|
imports = [
|
|
|
|
|
inputs'.buildbot-nix.nixosModules.buildbot-master
|
|
|
|
|
inputs'.buildbot-nix.nixosModules.buildbot-worker
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
services.nginx.virtualHosts."buildbot.redalder.org".listen = [
|
|
|
|
|
{
|
|
|
|
|
addr = "10.64.2.1";
|
|
|
|
|
port = 8833;
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
|
git
|
|
|
|
|
];
|
|
|
|
|
|
2024-07-15 19:31:54 +02:00
|
|
|
services.buildbot-master.buildbotUrl = mkForce "https://buildbot.redalder.org/";
|
2024-04-21 19:38:47 +02:00
|
|
|
services.buildbot-nix.master = {
|
|
|
|
|
enable = true;
|
2024-07-24 21:31:21 +02:00
|
|
|
jobReportLimit = 50;
|
2024-04-21 19:38:47 +02:00
|
|
|
domain = "buildbot.redalder.org";
|
2024-07-24 21:31:21 +02:00
|
|
|
workersFile = "/secret/workers.json";
|
2024-05-23 20:18:06 +02:00
|
|
|
admins = ["magic_rb" "MagicRB"];
|
2024-07-24 21:31:21 +02:00
|
|
|
authBackend = "gitea";
|
2024-04-27 22:10:15 +02:00
|
|
|
gitea = {
|
|
|
|
|
enable = true;
|
|
|
|
|
tokenFile = "/secret/gitea_token";
|
2024-05-23 20:18:06 +02:00
|
|
|
instanceUrl = "https://codeberg.org";
|
2024-04-27 22:10:15 +02:00
|
|
|
oauthId = "b862a7fa-04ba-462e-b495-2cecc1e6bb18";
|
|
|
|
|
webhookSecretFile = "/secret/github_webhook_secret";
|
|
|
|
|
oauthSecretFile = "/secret/gitea_oauth_secret";
|
|
|
|
|
topic = "build-with-buildbot";
|
|
|
|
|
};
|
2024-04-21 19:38:47 +02:00
|
|
|
github = {
|
2024-07-24 21:31:21 +02:00
|
|
|
enable = true;
|
2024-04-27 22:10:15 +02:00
|
|
|
webhookSecretFile = "/secret/github_webhook_secret";
|
2024-04-21 19:38:47 +02:00
|
|
|
oauthId = "Iv1.9602794c2e5a475b";
|
2024-04-27 22:10:15 +02:00
|
|
|
oauthSecretFile = "/secret/github_oauth_secret";
|
2024-04-21 19:38:47 +02:00
|
|
|
topic = "buildbot-magicrb";
|
2024-05-23 20:18:06 +02:00
|
|
|
authType.app = {
|
|
|
|
|
secretKeyFile = "/secret/github_app_private_key.pem";
|
|
|
|
|
id = 881425;
|
|
|
|
|
};
|
|
|
|
|
# authType.legacy = {
|
|
|
|
|
# tokenFile = "/secret/github_token";
|
|
|
|
|
# };
|
2024-04-21 19:38:47 +02:00
|
|
|
};
|
|
|
|
|
# optional expose latest store path as text file
|
|
|
|
|
# outputsPath = "/var/www/buildbot/nix-outputs";
|
|
|
|
|
|
|
|
|
|
# optional nix-eval-jobs settings
|
|
|
|
|
evalWorkerCount = 2; # limit number of concurrent evaluations
|
|
|
|
|
evalMaxMemorySize = "4096"; # limit memory usage per evaluation
|
|
|
|
|
|
2024-07-24 21:31:21 +02:00
|
|
|
# postBuildSteps = [
|
|
|
|
|
# {
|
|
|
|
|
# name = "Testing out the steps";
|
|
|
|
|
# command = [
|
|
|
|
|
# (lib.getExe' pkgs.coreutils "printf")
|
|
|
|
|
# (interpolate "Interpolated %(prop:out_path)s!\n")
|
|
|
|
|
# ];
|
|
|
|
|
# }
|
|
|
|
|
# ];
|
2024-04-21 19:38:47 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# Optional: Enable acme/TLS in nginx (recommended)
|
|
|
|
|
#services.nginx.virtualHosts.${config.services.buildbot-nix.master.domain} = {
|
|
|
|
|
# forceSSL = true;
|
|
|
|
|
# useACME = true;
|
|
|
|
|
#};
|
|
|
|
|
|
|
|
|
|
services.buildbot-nix.worker = {
|
|
|
|
|
enable = true;
|
2024-07-24 21:31:21 +02:00
|
|
|
workerPasswordFile = "/secret/worker_secret";
|
2024-04-21 19:38:47 +02:00
|
|
|
};
|
|
|
|
|
}
|
