Commit 7962ad63 authored by Valentin Reis's avatar Valentin Reis

CI deployment fix.

parent 8923245d
No preview for this file type
...@@ -46,15 +46,17 @@ in ...@@ -46,15 +46,17 @@ in
nrBuildUsers = 30; nrBuildUsers = 30;
distributedBuilds = true; distributedBuilds = true;
buildMachines = [ buildMachines = [
{ hostName = "129.114.111.114"; {
hostName = "129.114.111.114";
maxJobs = 10; maxJobs = 10;
speedFactor = 1; speedFactor = 1;
sshKey = "/run/secrets/id_buildfarm"; sshKey = "/run/id_buildfarm";
sshUser = "root"; sshUser = "root";
systems = ["builtin" "x86_64-linux" "i686-linux"]; systems = ["builtin" "x86_64-linux" "i686-linux"];
supportedFeatures = [ "nixos-test" "benchmark" ]; supportedFeatures = [ "nixos-test" "benchmark" ];
} }
{ hostName = "argo-phi2"; {
hostName = "argo-phi2";
maxJobs = 40; maxJobs = 40;
speedFactor = 1; speedFactor = 1;
sshUser = "freux"; sshUser = "freux";
...@@ -65,24 +67,16 @@ in ...@@ -65,24 +67,16 @@ in
extraOptions = "auto-optimise-store = true"; extraOptions = "auto-optimise-store = true";
}; };
system.activationScripts = {
chownsec = {
text = ''
mkdir -p /run/secrets/
chown -R ${builtins.toString config.users.users.hydra-queue-runner.uid}:${builtins.toString config.users.groups.hydra.gid} /run/secrets
chmod 0600 /run/secrets/*
'';
deps = [];
};
};
services.hydra = { services.hydra = {
useSubstitutes = true; useSubstitutes = true;
enable = true; enable = true;
hydraURL = "http://129.114.111.116"; hydraURL = "http://129.114.111.116";
notificationSender = "hydra@example.org"; notificationSender = "hydra@example.org";
port = 8080; port = 8080;
extraConfig = "secret-key=/etc/nix/hydra.example.org-1/secret"; extraConfig = ''
max_output_size = 4294967296
secret-key=/etc/nix/hydra.example.org-1/secret
'';
buildMachinesFiles = [ "/etc/nix/machines" ]; buildMachinesFiles = [ "/etc/nix/machines" ];
}; };
......
#!/usr/bin/env bash #!/usr/bin/env bash
echo "extracting/sending hydra-master secret key from password store" echo "extracting/sending hydra-master secret key from password store"
pass keys/rsa/PRIVATE/hydra-master@chameleon | ssh root@129.114.111.116 'cat > /run/secrets/id_buildfarm' pass keys/rsa/PRIVATE/hydra-master@chameleon | ssh root@129.114.111.116 'cat > /run/id_buildfarm'
echo "chown-ing the key on the machine" echo "chown-ing the key on the machine"
ssh root@129.114.111.116 'chown hydra-queue-runner:hydra /run/secrets/id_buildfarm' ssh root@129.114.111.116 'chown hydra-queue-runner:hydra /run/id_buildfarm'
ssh root@129.114.111.116 'chmod 600 /run/id_buildfarm'
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment