Commit 821c1939 authored by Valentin Reis's avatar Valentin Reis

re-generating a proper secret key to be stored in tmpfs.

parent ee5fcac0
No preview for this file type
......@@ -24,7 +24,7 @@ in
imports = [ "${hydraSrc}/hydra-module.nix" ];
networking = {
firewall = {
allowedTCPPorts=[ config.services.hydra.port 6080 ];
allowedTCPPorts=[ config.services.hydra.port 6080 2210 ];
};
};
......@@ -40,14 +40,6 @@ in
message = "unsupported system ${pkgs.system}";
};
environment.etc = pkgs.lib.singleton {
target = "nix/id_buildfarm";
source = keys/id_buildfarm;
uid = config.users.users.hydra-queue-runner.uid;
gid = config.users.groups.hydra.gid;
mode = "0600";
};
nix = {
useChroot = true;
nrBuildUsers = 30;
......@@ -56,7 +48,15 @@ in
{ hostName = "129.114.111.114";
maxJobs = 10;
speedFactor = 1;
sshKey = "/etc/nix/id_buildfarm";
sshKey = "/run/secrets/id_buildfarm";
sshUser = "root";
systems = ["builtin" "x86_64-linux" "i686-linux"];
supportedFeatures = [ "nixos-test" "benchmark" ];
}
{ hostName = "localhost:2210";
maxJobs = 10;
speedFactor = 1;
sshKey = "/run/secrets/id_buildfarm";
sshUser = "root";
systems = ["builtin" "x86_64-linux" "i686-linux"];
supportedFeatures = [ "nixos-test" "benchmark" ];
......@@ -65,6 +65,16 @@ in
extraOptions = "auto-optimise-store = true";
};
system.activationScripts = {
chownsec = {
text = ''
mkdir -p /run/secrets/
chown -R ${config.users.users.hydra-queue-runner.uid}:${config.users.groups.hydra.gid} /run/secrets
'';
deps = [];
};
};
services.hydra = {
useSubstitutes = true;
enable = true;
......@@ -140,7 +150,7 @@ in
"power-bandit": { "url" : "https://xgitlab.cels.anl.gov/argo/power-bandit.git" },
"yggdrasil-c": { "url" : "https://xgitlab.cels.anl.gov/argo/yggdrasil-c.git" },
"kernel": { "url" : "https://xgitlab.cels.anl.gov/argo/kernel.git" },
"util-linux": { "url" : "https://xgitlab.cels.anl.gov/argo/util-linux.git" }
"util-linux": { "url" : "https://xgitlab.cels.anl.gov/argo/util-linux.git" },
"libmsr": { "url" : "https://github.com/LLNL/libmsr.git" }
}
}
......
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAuAs76VgLc6U7qudgmjJQ6vDp/ovmZ5PrABkdJSL/LgHqrU/2
xtqzdDBgAjCOdBVGaA7q3aypWRJ+PySZ5nIhM+n3Ue4rXUStyCYsA69bEiu+X5e4
PhRg6iDBJzMft6mJjCSWdBzf1evbhhPXl2Bt2dx6okBWikH1s+1zvMT6Skl06Aiz
zYPhUt2YafVSA781fGGsnIuaFAcEvvWWvpA1AUMi6RwAKlhHoOEoulf2/3CurAdP
fIunccEi7hFZ4olNPmYZ+5G+3Z2SWKWICKbr7bZG0LbKZ66LVjfYriG7HUfKKvTd
H1Tyr/qldRHBSezb6ZyPgCOb6T/ETEmqWrj9GwIDAQABAoIBACyFmzKxt+N7/1ky
q+3hai3Lpe+MDGrWH61gZeqL8stAb3MJuxsT4QGkijU9ZdizJNsbcLm7gSQpEx1X
T1uuFFYorUnGofroGFoo0dD6ZL+akW0ymMF70I4S6mb/ORcHDl02pKbmLUfkzLA8
sJTQIQLpEUma4tSDbFrggHUT+bBqdveNLfHeCFf/6OQ5+OqJu0Q83bIeWBwn3HtJ
aYOaHnsj+SfJal7cwo+owcjiFpX1+Txes0VZJVM0QCY3GMOHXAg87eM0pNGJK2Ve
u1xX7pSBV23NMT/nQYUf/Vq4wRKolWfCG0NxKNEPtoSQyAG0keYQtUqojjr2L2kS
neWQU+ECgYEA9IVwoZL7mNf+SgmvZQYa65I7K8QMJi1m3urr3QpqMqEGK5z0aAqY
Pi+6odfIisKEeaxVg0xfz545s/wDg5Ijj/NuSOZXbpe27Kk8TKr7DEvQ5TlcUus+
ab0NJjEu4KKVSnFwfhfgdsjnUW9/8w29YyUgLz2NhP0Jd79IhXyPJcMCgYEAwK8A
Os5gt/418DwfFs3eESxiecHbz9X2RHUX48yyx84pdIpHyhyZa/dg0+nkqDVbUFCH
dw7/dZSHaVncgeK5AJG1zep2BqupZsQ071vwWw4+97455Y+c5qeDd7NEPUc5nm5w
lyHdgIysksQOEPr5IE1XR6ElyVvQ2vt78e+p3ckCgYB6XAgHooCqdHN4Yy5U1GBG
P6/Cb+FQfWm75TzQKLUJztBCpNEc+yhB/ipbcJqW7U3TgSxtfpt3Tos7iMHNZiTL
lRo7+qAH5H2SIgHdr7Xe6lWHT1Pm3ncl/IeG9BesK0+fp/KN9q7JYjF269/QJbD+
2wYm/ZtC0EiblqnYuoL7dwKBgQCsvzixgD1uN9cb3orw4vjo5KYVCxyLJQR5M5GL
hgXy5H5+IUtjhGh4R3zkAJojxFJtmwUYVLXrMJKGfS4YtK+wNvKL/lx6doSVwerD
feXrfMYvTriRe0Pr9tsDAhF37tdVlyYSGSaBDZ3apzMFPj0EHNLXQT6jXFHPQhBJ
Q9lDIQKBgQCdcfVGjoJ4hQoSkTbyaUEl0mYiz7wlg6p5iX/OXe9HK3RIwf5JCKOD
gN0VFfhpjvI8AJUehX2OKK+60MG8Mxv3p34XKN58FB4uJGjapJ/VYLNYc1F4TgLa
0uAo7cIlGEMnKF0A4/jAeCHbUNPeX/a3QRMZE71rdTtuLkYYWIFPEA==
-----END RSA PRIVATE KEY-----
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4CzvpWAtzpTuq52CaMlDq8On+i+Znk+sAGR0lIv8uAeqtT/bG2rN0MGACMI50FUZoDurdrKlZEn4/JJnmciEz6fdR7itdRK3IJiwDr1sSK75fl7g+FGDqIMEnMx+3qYmMJJZ0HN/V69uGE9eXYG3Z3HqiQFaKQfWz7XO8xPpKSXToCLPNg+FS3Zhp9VIDvzV8Yayci5oUBwS+9Za+kDUBQyLpHAAqWEeg4Si6V/b/cK6sB098i6dxwSLuEVniiU0+Zhn7kb7dnZJYpYgIpuvttkbQtspnrotWN9iuIbsdR8oq9N0fVPKv+qV1EcFJ7NvpnI+AI5vpP8RMSapauP0b hydra@hydra.example.org
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvPaIJtoxK/bkMS5KQmKyEGpwFwPqJTSu8k46w339cww4I4JWHXF4iCXILaci72wFFCs8R4ic7e9ktNAHvk7P7w6fhRBm37J40PwhBb1mZHNgW4JRyboB/orWHFF3rfazgHM+r2A4JAzWFHjNJIpGPLyaMmXJpo72ah8BQ7tPn51EQ5skMiR8leD1KSsL8OdfOY9SjPg8dNTI2eHbHQgv5cSOM4tQL/LxmI9NpSMysJeHmm3p6Lak+EbfcYqq+JN4yx2OZ5nma8l+Jy//QG1klldRL8Jh+/BQzhcoZjYwmAI2QIAbiTd52AN0X00y/+OwAfTzuj4hq+/3Vg4GpeQlR fre@frex280
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment