62 lines
1.5 KiB
Nix
62 lines
1.5 KiB
Nix
{
|
|
flake.modules.nixos.hydra =
|
|
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
let
|
|
httpPort = 2000;
|
|
|
|
generateHostEntry = machine: ''
|
|
Host ${machine.hostName}
|
|
IdentitiesOnly yes
|
|
IdentityFile ${machine.sshKey}
|
|
User remotebuild
|
|
'';
|
|
|
|
filteredMachines = lib.filter (machine: machine.hostName != "localhost") config.nix.buildMachines;
|
|
remotebuild-ssh-config = pkgs.writeTextFile {
|
|
name = "remotebuild-ssh-config";
|
|
text = lib.concatMapStringsSep "\n" generateHostEntry filteredMachines;
|
|
};
|
|
in
|
|
{
|
|
services.nix-serve = {
|
|
enable = true;
|
|
secretKeyFile = "/var/cache-priv-key.pem";
|
|
};
|
|
|
|
services.hydra = {
|
|
enable = true;
|
|
hydraURL = "http://localhost:${toString httpPort}";
|
|
port = httpPort;
|
|
notificationSender = "hydra@localhost";
|
|
useSubstitutes = true;
|
|
};
|
|
|
|
systemd =
|
|
let
|
|
user = "hydra-queue-runner";
|
|
in
|
|
{
|
|
tmpfiles.rules = [
|
|
"d ${config.users.users.${user}.home}/.ssh 0700 ${user} ${user} -"
|
|
];
|
|
|
|
services.hydra-queue-runner = {
|
|
|
|
serviceConfig.ExecStartPre =
|
|
let
|
|
targetFile = "${config.users.users.${user}.home}/.ssh/config";
|
|
in
|
|
''
|
|
${pkgs.coreutils}/bin/ln -sf ${remotebuild-ssh-config} ${targetFile}
|
|
${pkgs.coreutils}/bin/chown ${user}:${user} ${targetFile}
|
|
'';
|
|
};
|
|
};
|
|
|
|
};
|
|
}
|