{ pkgs, inputs', lib, ... }: let inherit (lib) mkForce ; inherit (inputs'.buildbot-nix.lib) interpolate ; in { imports = [ inputs'.buildbot-nix.nixosModules.buildbot-master inputs'.buildbot-nix.nixosModules.buildbot-worker ]; services.nginx.virtualHosts."buildbot.redalder.org".listen = [ { addr = "10.64.2.1"; port = 8833; } ]; environment.systemPackages = with pkgs; [ git ]; services.buildbot-master.buildbotUrl = mkForce "https://buildbot.redalder.org/"; services.buildbot-nix.master = { enable = true; jobReportLimit = 50; domain = "buildbot.redalder.org"; workersFile = "/secret/workers.json"; admins = ["magic_rb" "MagicRB"]; authBackend = "gitea"; gitea = { enable = true; tokenFile = "/secret/gitea_token"; instanceUrl = "https://codeberg.org"; oauthId = "b862a7fa-04ba-462e-b495-2cecc1e6bb18"; webhookSecretFile = "/secret/github_webhook_secret"; oauthSecretFile = "/secret/gitea_oauth_secret"; topic = "build-with-buildbot"; }; github = { enable = true; webhookSecretFile = "/secret/github_webhook_secret"; oauthId = "Iv1.9602794c2e5a475b"; oauthSecretFile = "/secret/github_oauth_secret"; topic = "buildbot-magicrb"; authType.app = { secretKeyFile = "/secret/github_app_private_key.pem"; id = 881425; }; # authType.legacy = { # tokenFile = "/secret/github_token"; # }; }; # optional expose latest store path as text file # outputsPath = "/var/www/buildbot/nix-outputs"; # optional nix-eval-jobs settings evalWorkerCount = 2; # limit number of concurrent evaluations evalMaxMemorySize = "4096"; # limit memory usage per evaluation # postBuildSteps = [ # { # name = "Testing out the steps"; # command = [ # (lib.getExe' pkgs.coreutils "printf") # (interpolate "Interpolated %(prop:out_path)s!\n") # ]; # } # ]; }; # Optional: Enable acme/TLS in nginx (recommended) #services.nginx.virtualHosts.${config.services.buildbot-nix.master.domain} = { # forceSSL = true; # useACME = true; #}; services.buildbot-nix.worker = { enable = true; workerPasswordFile = "/secret/worker_secret"; }; }