Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
argo
argopkgs
Commits
5aa44127
Commit
5aa44127
authored
Feb 18, 2019
by
Valentin Reis
Browse files
Adds swann's key to the chameleon gitlab runners.
parent
b1b425c6
Pipeline
#5423
passed with stages
in 12 minutes and 28 seconds
Changes
3
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
deployments/argo.nixops
View file @
5aa44127
No preview for this file type
deployments/ci.nix
View file @
5aa44127
...
...
@@ -2,15 +2,197 @@
pkgs
?
import
../pin.nix
{
jsonpath
=
../nixpkgs-unstable.json
;}
}:
let
keys
=
[
(
pkgs
.
lib
.
readFile
keys/id_rsa_vrg.pub
)
];
keys
=
[
(
pkgs
.
lib
.
readFile
keys/id_rsa_swann.pub
)
(
pkgs
.
lib
.
readFile
keys/id_rsa_vrg.pub
)
];
argopkgs
=
import
../pkgs
{};
hydraSrc
=
builtins
.
fetchTarball
https://github.com/nixos/hydra/archive/master.tar.gz
;
argomodules
=
import
../modules/module-list.nix
;
mkChameleonRunner
=
ip
:
{
...
}:
{
deployment
.
targetEnv
=
"none"
;
deployment
.
targetHost
=
ip
;
imports
=
[
./gitlab-runner.nix
];
time
.
timeZone
=
"America/Chicago"
;
deployment
.
keys
.
"id_buildfarm"
=
{
destDir
=
"/run"
;
keyFile
=
./id_buildfarm.secret
;
user
=
"fre"
;
group
=
"users"
;
permissions
=
"600"
;
};
deployment
.
keys
.
"gitlab.cfg"
=
{
destDir
=
"/run"
;
keyFile
=
./gitlab.cfg.secret
;
user
=
"fre"
;
group
=
"users"
;
permissions
=
"600"
;
};
systemd
.
services
.
tunnel-hydra
=
{
path
=
[
pkgs
.
autossh
];
enable
=
true
;
description
=
"ssh tunnel to hydra"
;
after
=
[];
wantedBy
=
[
"multi-user.target"
];
environment
.
AUTOSSH_GATETIME
=
"0"
;
environment
.
AUTOSSH_POLL
=
"30"
;
serviceConfig
=
{
User
=
"fre"
;
Restart
=
"on-success"
;
Type
=
"simple"
;
ExecStart
=
''
${
pkgs
.
autossh
}
/bin/autossh -M 0 -N -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -T -R 2210:localhost:22 fre@argo.freux.fr -i /run/id_buildfarm
''
;
};
};
require
=
argomodules
;
environment
.
argo
.
known-hosts
.
enable
=
true
;
environment
.
argo
.
provider-tacc
.
enable
=
true
;
environment
.
argo
.
root-access
.
enable
=
true
;
environment
.
argo
.
ssh-config
.
enable
=
true
;
environment
.
variables
.
TERM
=
"xterm"
;
i18n
.
defaultLocale
=
"en_US.UTF-8"
;
nix
.
useSandbox
=
true
;
nix
.
nrBuildUsers
=
30
;
nix
.
trustedUsers
=
[
"root"
"fre"
];
services
.
ntp
.
enable
=
false
;
services
.
openssh
.
allowSFTP
=
false
;
environment
.
systemPackages
=
[
pkgs
.
git
];
virtualisation
.
docker
.
enable
=
true
;
services
.
gitlab-runner2
.
enable
=
true
;
services
.
gitlab-runner2
.
registrationConfigFile
=
"/run/gitlab.cfg"
;
services
.
gitlab-runner2
.
packages
=
[
pkgs
.
bash
pkgs
.
docker-machine
pkgs
.
shadow
pkgs
.
git
];
nix
.
gc
=
{
automatic
=
true
;
dates
=
"05:15"
;
options
=
''--max-freed "$((32 * 1024**3 - 1024 * $(df -P -k /nix/store | tail -n 1 |
${
pkgs
.
gawk
}
/bin/awk '{ print $4 }')))"''
;
};
services
.
openssh
.
enable
=
true
;
users
.
extraUsers
.
root
.
openssh
.
authorizedKeys
.
keys
=
[
(
pkgs
.
lib
.
readFile
./keys/id_buildfarm.pub
)];
users
.
extraUsers
.
fre
.
openssh
.
authorizedKeys
.
keys
=
[
(
pkgs
.
lib
.
readFile
./keys/id_buildfarm.pub
)];
};
in
{
network
.
description
=
"argo-ci"
;
network
.
enableRollback
=
false
;
gitlab-runner-4
=
mkChameleonRunner
"129.114.111.114"
;
gitlab-runner-3
=
mkChameleonRunner
"129.114.110.3"
;
gitlab-runner-2
=
mkChameleonRunner
"129.114.111.116"
;
gitlab-runner-1
=
mkChameleonRunner
"129.114.33.201"
;
slave-desktop
=
{
...
}:
{
deployment
.
targetEnv
=
"none"
;
deployment
.
targetHost
=
"140.221.10.9"
;
imports
=
[
./gitlab-runner.nix
];
time
.
timeZone
=
"America/Chicago"
;
deployment
.
keys
.
"id_buildfarm"
=
{
destDir
=
"/run"
;
keyFile
=
./id_buildfarm.secret
;
user
=
"fre"
;
group
=
"users"
;
permissions
=
"600"
;
};
deployment
.
keys
.
"gitlab.cfg"
=
{
destDir
=
"/run"
;
keyFile
=
./gitlab.cfg.secret
;
user
=
"fre"
;
group
=
"users"
;
permissions
=
"600"
;
};
systemd
.
services
.
tunnel-hydra
=
{
path
=
[
pkgs
.
autossh
];
enable
=
true
;
description
=
"ssh tunnel to hydra"
;
after
=
[];
wantedBy
=
[
"multi-user.target"
];
environment
.
AUTOSSH_GATETIME
=
"0"
;
environment
.
AUTOSSH_POLL
=
"30"
;
serviceConfig
=
{
User
=
"fre"
;
Restart
=
"on-success"
;
Type
=
"simple"
;
ExecStart
=
''
${
pkgs
.
autossh
}
/bin/autossh -M 0 -N -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -T -R 2210:localhost:22 fre@argo.freux.fr -i /run/id_buildfarm
''
;
};
};
require
=
argomodules
;
environment
.
argo
.
known-hosts
.
enable
=
true
;
environment
.
argo
.
provider-openspace
.
enable
=
true
;
environment
.
argo
.
root-access
.
enable
=
true
;
environment
.
variables
.
TERM
=
"xterm"
;
i18n
.
defaultLocale
=
"en_US.UTF-8"
;
nix
.
useSandbox
=
true
;
nix
.
nrBuildUsers
=
30
;
nix
.
trustedUsers
=
[
"root"
"fre"
];
services
.
ntp
.
enable
=
false
;
services
.
openssh
.
allowSFTP
=
false
;
environment
.
systemPackages
=
[
pkgs
.
git
];
virtualisation
.
docker
.
enable
=
true
;
services
.
gitlab-runner2
.
enable
=
true
;
services
.
gitlab-runner2
.
registrationConfigFile
=
"/run/gitlab.cfg"
;
services
.
gitlab-runner2
.
packages
=
[
pkgs
.
bash
pkgs
.
docker-machine
pkgs
.
shadow
pkgs
.
git
];
#services.gitlab-runner = {
#enable = true;
#packages = [ pkgs.bash pkgs.docker-machine pkgs.shadow];
#configFile = ./gitlab-ci.toml;
#configOptions = {
#concurrent = 2;
#runners = [ { builds_dir = "";
#docker = { cache_dir = "";
#disable_cache = true;
#host = "";
#image = "nixos/nix:2.1.3";
#privileged = true;
#};
#executor = "docker";
#name = "docker-nix-2.1.3";
#token = pkgs.lib.removeSuffix "\n" (builtins.readFile ./gitlab_token.secret);
#url = "https://xgitlab.cels.anl.gov/";
#}];
#};
#};
nix
.
gc
=
{
automatic
=
true
;
dates
=
"05:15"
;
options
=
''--max-freed "$((32 * 1024**3 - 1024 * $(df -P -k /nix/store | tail -n 1 |
${
pkgs
.
gawk
}
/bin/awk '{ print $4 }')))"''
;
};
services
.
openssh
.
enable
=
true
;
users
.
extraUsers
.
root
.
openssh
.
authorizedKeys
.
keys
=
[
(
pkgs
.
lib
.
readFile
./keys/id_buildfarm.pub
)];
users
.
extraUsers
.
fre
.
openssh
.
authorizedKeys
.
keys
=
[
(
pkgs
.
lib
.
readFile
./keys/id_buildfarm.pub
)];
};
}
#hydra-tacc =
#{ config, ... }:
#{
...
...
@@ -225,103 +407,3 @@ in
#users.extraUsers.root.openssh.authorizedKeys.keys = [ (pkgs.lib.readFile ./keys/id_buildfarm.pub)];
#users.extraUsers.fre.openssh.authorizedKeys.keys = [ (pkgs.lib.readFile ./keys/id_buildfarm.pub)];
#};
slave-desktop
=
{
...
}:
{
deployment
.
targetEnv
=
"none"
;
deployment
.
targetHost
=
"140.221.10.9"
;
imports
=
[
./gitlab-runner.nix
];
time
.
timeZone
=
"America/Chicago"
;
deployment
.
keys
.
"id_buildfarm"
=
{
destDir
=
"/run"
;
keyFile
=
./id_buildfarm.secret
;
user
=
"fre"
;
group
=
"users"
;
permissions
=
"600"
;
};
deployment
.
keys
.
"gitlab.cfg"
=
{
destDir
=
"/run"
;
keyFile
=
./gitlab.cfg.secret
;
user
=
"fre"
;
group
=
"users"
;
permissions
=
"600"
;
};
systemd
.
services
.
tunnel-hydra
=
{
path
=
[
pkgs
.
autossh
];
enable
=
true
;
description
=
"ssh tunnel to hydra"
;
after
=
[];
wantedBy
=
[
"multi-user.target"
];
environment
.
AUTOSSH_GATETIME
=
"0"
;
environment
.
AUTOSSH_POLL
=
"30"
;
serviceConfig
=
{
User
=
"fre"
;
Restart
=
"on-success"
;
Type
=
"simple"
;
ExecStart
=
''
${
pkgs
.
autossh
}
/bin/autossh -M 0 -N -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -T -R 2210:localhost:22 fre@argo.freux.fr -i /run/id_buildfarm
''
;
};
};
require
=
argomodules
;
environment
.
argo
.
known-hosts
.
enable
=
true
;
environment
.
argo
.
provider-openspace
.
enable
=
true
;
environment
.
argo
.
root-access
.
enable
=
true
;
environment
.
variables
.
TERM
=
"xterm"
;
i18n
.
defaultLocale
=
"en_US.UTF-8"
;
nix
.
useSandbox
=
true
;
nix
.
nrBuildUsers
=
30
;
nix
.
trustedUsers
=
[
"root"
"fre"
];
services
.
ntp
.
enable
=
false
;
services
.
openssh
.
allowSFTP
=
false
;
environment
.
systemPackages
=
[
pkgs
.
git
];
virtualisation
.
docker
.
enable
=
true
;
services
.
gitlab-runner2
.
enable
=
true
;
services
.
gitlab-runner2
.
registrationConfigFile
=
"/run/gitlab.cfg"
;
services
.
gitlab-runner2
.
packages
=
[
pkgs
.
bash
pkgs
.
docker-machine
pkgs
.
shadow
pkgs
.
git
];
#services.gitlab-runner = {
#enable = true;
#packages = [ pkgs.bash pkgs.docker-machine pkgs.shadow];
#configFile = ./gitlab-ci.toml;
#configOptions = {
#concurrent = 2;
#runners = [ { builds_dir = "";
#docker = { cache_dir = "";
#disable_cache = true;
#host = "";
#image = "nixos/nix:2.1.3";
#privileged = true;
#};
#executor = "docker";
#name = "docker-nix-2.1.3";
#token = pkgs.lib.removeSuffix "\n" (builtins.readFile ./gitlab_token.secret);
#url = "https://xgitlab.cels.anl.gov/";
#}];
#};
#};
nix
.
gc
=
{
automatic
=
true
;
dates
=
"05:15"
;
options
=
''--max-freed "$((32 * 1024**3 - 1024 * $(df -P -k /nix/store | tail -n 1 |
${
pkgs
.
gawk
}
/bin/awk '{ print $4 }')))"''
;
};
services
.
openssh
.
enable
=
true
;
users
.
extraUsers
.
root
.
openssh
.
authorizedKeys
.
keys
=
[
(
pkgs
.
lib
.
readFile
./keys/id_buildfarm.pub
)];
users
.
extraUsers
.
fre
.
openssh
.
authorizedKeys
.
keys
=
[
(
pkgs
.
lib
.
readFile
./keys/id_buildfarm.pub
)];
};
}
deployments/keys/id_rsa_swann.pub
0 → 100644
View file @
5aa44127
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7WdTdLtIYB940NdQTTyBVcBkFBoPmBcJGLxCEXkN+lvAkBhv45YkpM5SC1fLgybYAMcMnwg9qOV5z15w3V/tTY+pFx+bMJ7S+AqmSr4/fPe47GvXM8PlN18wh5K4rTXBdWGrqLuLSpadMGVcgG9plYLa/hMygX/WPbKTNKKhZH3mbqlJxiDTmmKNsK8lby6/kiDCEe2riiCXJ4ZervA4PD+mAIhQg9Qw7GpvS1u81LQj1/Wyo8Otjj47y2VME6JIaGMvT9dQeegcD0UIGgncMdnY7htWUuBrEf++oCDeSwte3Asp7DpsQhkVSce+bNa39y1DaNhVlM+UkB+wTnsBJ perarnau@sakura
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment