update with hwtr-prince, everything looks fine

zk
2022-12-08 02:04:20 -07:00 · 2022-12-08 01:53:47 -07:00
3 changed files with 60 additions and 2 deletions
--- a/nix-conf/home-manager/home.nix
+++ b/nix-conf/home-manager/home.nix
@ -30,14 +30,16 @@ let
  proj_root = builtins.toString ./../..;
  # TODO: put this in a seperate library
  # callPackage supports both PATH and function as first param!
-  yamlToJsonDrv = yamlContent: outputPath: pkgs.callPackage ({ runCommand }:
+  yamlToJsonDrv = yamlContent: outputPath: pkgs.callPackage
+    ({ runCommand }:
      # runCommand source: https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/trivial-builders.nix#L33
      runCommand outputPath { inherit yamlContent; nativeBuildInputs = [ pkgs.yq ]; }
        # run yq which outputs '.' (no filter) on file at yamlPath
        # note that $out is passed onto the bash/sh script for execution
        ''
          echo "$yamlContent" | yq >$out
-        '') { };
+        '')
+    { };
  # fromYamlPath = yamlPath: builtins.fromJSON (builtins.readFile (yamlToJsonDrv yamlPath "any-output.json"));
  fromYaml = yamlContent: builtins.fromJSON (builtins.readFile (yamlToJsonDrv yamlContent "any_output.json"));
 in
--- a/nixops/simple_hydra.nix
+++ b/nixops/simple_hydra.nix
@ -0,0 +1,31 @@
+{
+  my-hydra = { config, pkgs, ... }: {
+    # send email
+    services.postfix = {
+      enable = true;
+      setSendmail = true;
+    };
+    # postgresql as a build queue (optimization possible?)
+    services.postgresql = {
+      enable = true;
+      package = pkgs.postgresql;
+      identMap = ''
+        hydra-users hydra hydra
+        hydra-users hydra-queue-runner hydra
+        hydra-users hydra-www hydra
+        hydra-users root postgres
+        hydra-users postgres postgres
+      '';
+    };
+    services.hydra = {
+      enable = true;
+      useSubstitutes = true;
+      # hydraURL = 
+    };
+    networking = {
+      firewall = {
+        allowedTCPPorts = [ config.services.hydra.port ];
+      };
+    };
+  };
+}
--- a/nixops/simple_hydra_vbox.nix
+++ b/nixops/simple_hydra_vbox.nix
@ -0,0 +1,25 @@
+# guide: https://qfpl.io/posts/nix/starting-simple-hydra/
+{
+  my-hydra = { config, pkgs, ... }: {
+    deployment = {
+      targetEnv = "virtualbox";
+      virtualbox.memorySize = 1024; # 1 GB``
+      virtualbox.vcpu = 2; # 2 vcpus :/ very limited on Linode, sorry
+      virtualbox.headless = true; # no gui pls
+    };
+    services = {
+      nixosManual.showManual = false; # save space, just no manual on our nix installation
+      ntp.enable = true; # time daemon
+      openssh = {
+        allowSFTP = false; # Prefer using SCP because connection is less verbose (?)
+        # we are going to generate rsa public key pair to machine
+        passwordAuthentication = false; # client-pubkey/server-prikey or dig yourself
+      };
+    };
+    users = {
+      mutableUsers = false; # Remember Trien's Windows freeze function? this is it.
+      # Yo, allow trusted users through ok?
+      users.root.openssh.authorizedKeys.keyFiles = [ "ssh/authorizedKeys" ];
+    };
+  };
+}
Author	SHA1	Message	Date
pegasust	42c2413ce0	update with hwtr-prince, everything looks fine	2022-12-08 02:04:20 -07:00
pegasust	d1ffdebe2f	zk	2022-12-08 01:53:47 -07:00