clerie/nixfiles
1
0
Fork 0
Code

configuration/hydra-build-machine: Move build machine related config to common configuration

Browse Source
This commit is contained in:
clerie 2024-04-22 20:34:42 +02:00
parent cf9b4a9cd4
commit 7ead072e53
3 changed files with 18 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
configuration/hydra-build-machine/default.nix Normal file
View File

@ -0,0 +1,16 @@
{ ... }:
{
# Allow Hydra to fetch remote URLs in restricted mode
nix.settings.allowed-uris = "http: https: git+https: github:";
services.openssh.settings= {
PermitRootLogin = "yes";
};
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMv8Lbca/CR4das3HJ2F/sQ9dA7kdGS1hSVTt5lX4diP root@hydra-1"
];
}

10
hosts/hydra-1/configuration.nix
View File

@ -5,6 +5,7 @@
[ [
./hardware-configuration.nix ./hardware-configuration.nix
../../configuration/proxmox-vm ../../configuration/proxmox-vm
../../configuration/hydra-build-machine
]; ];
boot.loader.grub.enable = true; boot.loader.grub.enable = true;
@ -26,7 +27,6 @@
networking.nameservers = [ "2001:638:904:ffcc::3" "2001:638:904:ffcc::4" "141.24.40.3" "141.24.40.4" ]; networking.nameservers = [ "2001:638:904:ffcc::3" "2001:638:904:ffcc::4" "141.24.40.3" "141.24.40.4" ];
nix = { nix = {
settings.allowed-uris = "http: https: git+https: github:";
distributedBuilds = true; distributedBuilds = true;
buildMachines = [ buildMachines = [
{ {
@ -57,14 +57,6 @@
programs.ssh.knownHosts."hydra-1.net.clerie.de".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE2xQBCsFBCwL9n4OP/bPngtNO1fy9kPw13Z/NDoba16 root@hydra-1"; programs.ssh.knownHosts."hydra-1.net.clerie.de".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE2xQBCsFBCwL9n4OP/bPngtNO1fy9kPw13Z/NDoba16 root@hydra-1";
programs.ssh.knownHosts."hydra-2.net.clerie.de".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZED9QM+qe7sB6R6atvP6WNaI2sC2nh7TTsD6kgRpnr root@hydra-2"; programs.ssh.knownHosts."hydra-2.net.clerie.de".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZED9QM+qe7sB6R6atvP6WNaI2sC2nh7TTsD6kgRpnr root@hydra-2";
services.openssh.settings = {
PermitRootLogin = "yes";
};
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMv8Lbca/CR4das3HJ2F/sQ9dA7kdGS1hSVTt5lX4diP root@hydra-1"
];
services.hydra = { services.hydra = {
enable = true; enable = true;
port = 3001; port = 3001;

12
hosts/hydra-2/configuration.nix
View File

@ -5,6 +5,7 @@
[ [
./hardware-configuration.nix ./hardware-configuration.nix
../../configuration/proxmox-vm ../../configuration/proxmox-vm
../../configuration/hydra-build-machine
]; ];
boot.loader.grub.enable = true; boot.loader.grub.enable = true;
@ -25,17 +26,6 @@
networking.defaultGateway = { address = "141.24.50.1"; interface = "ens18"; }; networking.defaultGateway = { address = "141.24.50.1"; interface = "ens18"; };
networking.nameservers = [ "2001:638:904:ffcc::3" "2001:638:904:ffcc::4" "141.24.40.3" "141.24.40.4" ]; networking.nameservers = [ "2001:638:904:ffcc::3" "2001:638:904:ffcc::4" "141.24.40.3" "141.24.40.4" ];
# Allow Hydra to fetch remote URLs in restricted mode
nix.settings.allowed-uris = "http: https: git+https: github:";
services.openssh.settings= {
PermitRootLogin = "yes";
};
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMv8Lbca/CR4das3HJ2F/sQ9dA7kdGS1hSVTt5lX4diP root@hydra-1"
];
clerie.monitoring = { clerie.monitoring = {
enable = true; enable = true;
id = "211"; id = "211";