1 { lib, pkgs, pkgsNext, config, myconfig, mylibs, ... }:
3 pkgs = pkgsNext.appendOverlays config.nixpkgs.overlays;
5 varDir = "/var/lib/buildbot";
6 buildslist_src = mylibs.fetchedGitPrivate ./buildslist.json;
7 buildslist_yarn = pkgs.yarn2nix.mkYarnModules {
8 name = "buildslist-yarn-modules";
9 packageJSON = "${buildslist_src.src}/package.json";
10 yarnLock = "${buildslist_src.src}/yarn.lock";
12 buildslist_bower = pkgs.buildBowerComponents {
14 generated = ./bower.nix;
15 src = "${buildslist_src.src}/guanlecoja/";
18 buildslist = pkgs.python3Packages.buildPythonPackage rec {
19 pname = "buildbot-buildslist";
20 inherit (pkgs.buildbot-pkg) version;
24 cp -a ${buildslist_yarn}/node_modules .
25 chmod -R u+w node_modules
26 cp -a ${buildslist_bower}/bower_components ./libs
29 propagatedBuildInputs = with pkgs.python3Packages; [
30 (klein.overridePythonAttrs(old: { checkPhase = ""; }))
33 nativeBuildInputs = with pkgs; [ yarn nodejs ];
34 buildInputs = [ buildslist_yarn buildslist_bower ];
37 src = buildslist_src.src;
39 buildbot_common = pkgs.python3Packages.buildPythonPackage rec {
40 name = "buildbot_common";
44 mkdir -p $out/${pkgs.python3.pythonForBuild.sitePackages}
45 cp -a $src $out/${pkgs.python3.pythonForBuild.sitePackages}/buildbot_common
48 buildbot = pkgs.python3Packages.buildbot-full.withPlugins ([ buildslist ]);
52 services.buildbot.enable = lib.mkOption {
53 type = lib.types.bool;
56 Whether to enable buildbot.
61 config = lib.mkIf config.services.buildbot.enable {
62 ids.uids.buildbot = myconfig.env.buildbot.user.uid;
63 ids.gids.buildbot = myconfig.env.buildbot.user.gid;
65 users.groups.buildbot.gid = config.ids.gids.buildbot;
66 users.users.buildbot = {
68 uid = config.ids.uids.buildbot;
70 description = "Buildbot user";
74 services.myWebsites.tools.vhostConfs.git.extraConfig = lib.attrsets.mapAttrsToList (k: project: ''
75 RedirectMatch permanent "^/buildbot/${project.name}$" "/buildbot/${project.name}/"
77 RewriteRule ^/buildbot/${project.name}/ws(.*)$ unix:///run/buildbot/${project.name}.sock|ws://git.immae.eu/ws$1 [P,NE,QSA,L]
78 ProxyPass /buildbot/${project.name}/ unix:///run/buildbot/${project.name}.sock|http://${project.name}-git.immae.eu/
79 ProxyPassReverse /buildbot/${project.name}/ unix:///run/buildbot/${project.name}.sock|http://${project.name}-git.immae.eu/
80 <Location /buildbot/${project.name}/>
82 Require ldap-group cn=users,ou=${project.name},cn=buildbot,ou=services,dc=immae,dc=eu
84 SetEnvIf X-Url-Scheme https HTTPS=1
87 <Location /buildbot/${project.name}/change_hook/base>
90 '') myconfig.env.buildbot.projects;
92 system.activationScripts = lib.attrsets.mapAttrs' (k: project: lib.attrsets.nameValuePair "buildbot-${project.name}" {
93 deps = [ "users" "wrappers" ];
95 master-cfg = "${buildbot_common}/${pkgs.python3.pythonForBuild.sitePackages}/buildbot_common/master.cfg";
96 buildbot_key = pkgs.writeText "buildbot_key" (builtins.readFile "${myconfig.privateFiles}/buildbot_ssh_key");
97 tac_file = pkgs.writeText "buildbot.tac" ''
100 from twisted.application import service
101 from buildbot.master import BuildMaster
103 basedir = '${varDir}/${project.name}'
104 rotateLength = 10000000
106 configfile = '${master-cfg}'
108 # Default umask for server
111 # if this is a relocatable tac file, get the directory containing the TAC
114 basedir = os.path.abspath(os.path.dirname(__file__))
116 # note: this line is matched against to check that this is a buildmaster
117 # directory; do not edit it.
118 application = service.Application('buildmaster')
119 from twisted.python.logfile import LogFile
120 from twisted.python.log import ILogObserver, FileLogObserver
121 logfile = LogFile.fromFullPath(os.path.join(basedir, "twistd.log"), rotateLength=rotateLength,
122 maxRotatedFiles=maxRotatedFiles)
123 application.setComponent(ILogObserver, FileLogObserver(logfile).emit)
125 m = BuildMaster(basedir, configfile, umask)
126 m.setServiceParent(application)
127 m.log_rotation.rotateLength = rotateLength
128 m.log_rotation.maxRotatedFiles = maxRotatedFiles
131 install -m 0755 -o buildbot -g buildbot -d /run/buildbot/
132 install -m 0755 -o buildbot -g buildbot -d ${varDir}
133 if [ ! -f ${varDir}/${project.name}/buildbot.tac ]; then
134 $wrapperDir/sudo -u buildbot ${buildbot}/bin/buildbot create-master -c "${master-cfg}" "${varDir}/${project.name}"
135 rm -f ${varDir}/${project.name}/master.cfg.sample
136 rm -f ${varDir}/${project.name}/buildbot.tac
138 ln -sf ${tac_file} ${varDir}/${project.name}/buildbot.tac
139 install -Dm600 -o buildbot -g buildbot -T ${buildbot_key} ${varDir}/buildbot_key
140 buildbot_secrets=${varDir}/${project.name}/secrets
141 install -m 0600 -o buildbot -g buildbot -d $buildbot_secrets
142 echo "${myconfig.env.buildbot.ldap.password}" > $buildbot_secrets/ldap
143 ${builtins.concatStringsSep "\n" (lib.attrsets.mapAttrsToList
144 (k: v: "echo ${lib.strings.escapeShellArg v} > $buildbot_secrets/${k}") project.secrets
146 chown -R buildbot:buildbot $buildbot_secrets
147 chmod -R u=rX,go=- $buildbot_secrets
148 ${project.activationScript}
150 }) myconfig.env.buildbot.projects;
152 systemd.services = lib.attrsets.mapAttrs' (k: project: lib.attrsets.nameValuePair "buildbot-${project.name}" {
153 description = "Buildbot Continuous Integration Server ${project.name}.";
154 after = [ "network-online.target" ];
155 wantedBy = [ "multi-user.target" ];
156 path = project.packages pkgs ++ (project.pythonPackages buildbot.pythonModule pkgs);
158 project_env = lib.attrsets.mapAttrs' (k: v: lib.attrsets.nameValuePair "BUILDBOT_${k}" v) project.environment;
159 buildbot_config = pkgs.python3Packages.buildPythonPackage (rec {
160 name = "buildbot_config-${project.name}";
161 src = ./projects + "/${project.name}";
164 mkdir -p $out/${pkgs.python3.pythonForBuild.sitePackages}
165 cp -a $src $out/${pkgs.python3.pythonForBuild.sitePackages}/buildbot_config
168 HOME = "${varDir}/${project.name}";
169 PYTHONPATH = "${buildbot.pythonModule.withPackages (self: project.pythonPackages self pkgs ++ [
170 pkgs.python3Packages.treq pkgs.python3Packages.ldap3 buildbot
171 pkgs.python3Packages.buildbot-worker
172 buildbot_common buildbot_config
173 ])}/${buildbot.pythonModule.sitePackages}${if project.pythonPathHome then ":${varDir}/${project.name}/.local/${pkgs.python3.pythonForBuild.sitePackages}" else ""}";
174 in project_env // { inherit PYTHONPATH HOME; };
180 WorkingDirectory = "${varDir}/${project.name}";
181 ExecStart = "${buildbot}/bin/buildbot start";
183 }) myconfig.env.buildbot.projects;