Compare commits

..

No commits in common. "42c2413ce032e37d4b70a77ea4c1f06e695ec655" and "328df3060fdf9493dceb818060f5e3ba4cba11fc" have entirely different histories.

3 changed files with 2 additions and 60 deletions

View File

@ -30,16 +30,14 @@ let
proj_root = builtins.toString ./../..;
# TODO: put this in a seperate library
# callPackage supports both PATH and function as first param!
yamlToJsonDrv = yamlContent: outputPath: pkgs.callPackage
({ runCommand }:
yamlToJsonDrv = yamlContent: outputPath: pkgs.callPackage ({ runCommand }:
# runCommand source: https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/trivial-builders.nix#L33
runCommand outputPath { inherit yamlContent; nativeBuildInputs = [ pkgs.yq ]; }
# run yq which outputs '.' (no filter) on file at yamlPath
# note that $out is passed onto the bash/sh script for execution
''
echo "$yamlContent" | yq >$out
'')
{ };
'') { };
# fromYamlPath = yamlPath: builtins.fromJSON (builtins.readFile (yamlToJsonDrv yamlPath "any-output.json"));
fromYaml = yamlContent: builtins.fromJSON (builtins.readFile (yamlToJsonDrv yamlContent "any_output.json"));
in

View File

@ -1,31 +0,0 @@
{
my-hydra = { config, pkgs, ... }: {
# send email
services.postfix = {
enable = true;
setSendmail = true;
};
# postgresql as a build queue (optimization possible?)
services.postgresql = {
enable = true;
package = pkgs.postgresql;
identMap = ''
hydra-users hydra hydra
hydra-users hydra-queue-runner hydra
hydra-users hydra-www hydra
hydra-users root postgres
hydra-users postgres postgres
'';
};
services.hydra = {
enable = true;
useSubstitutes = true;
# hydraURL =
};
networking = {
firewall = {
allowedTCPPorts = [ config.services.hydra.port ];
};
};
};
}

View File

@ -1,25 +0,0 @@
# guide: https://qfpl.io/posts/nix/starting-simple-hydra/
{
my-hydra = { config, pkgs, ... }: {
deployment = {
targetEnv = "virtualbox";
virtualbox.memorySize = 1024; # 1 GB``
virtualbox.vcpu = 2; # 2 vcpus :/ very limited on Linode, sorry
virtualbox.headless = true; # no gui pls
};
services = {
nixosManual.showManual = false; # save space, just no manual on our nix installation
ntp.enable = true; # time daemon
openssh = {
allowSFTP = false; # Prefer using SCP because connection is less verbose (?)
# we are going to generate rsa public key pair to machine
passwordAuthentication = false; # client-pubkey/server-prikey or dig yourself
};
};
users = {
mutableUsers = false; # Remember Trien's Windows freeze function? this is it.
# Yo, allow trusted users through ok?
users.root.openssh.authorizedKeys.keyFiles = [ "ssh/authorizedKeys" ];
};
};
}