+ path = project.packages pkgs ++ (project.pythonPackages buildbot.pythonModule pkgs);
+ preStart = let
+ master-cfg = "${buildbot_common}/${pkgs.python3.pythonForBuild.sitePackages}/buildbot_common/master.cfg";
+ tac_file = pkgs.writeText "buildbot.tac" ''
+ import os
+
+ from twisted.application import service
+ from buildbot.master import BuildMaster
+
+ basedir = '${varDir}/${project.name}'
+ rotateLength = 10000000
+ maxRotatedFiles = 10
+ configfile = '${master-cfg}'
+
+ # Default umask for server
+ umask = None
+
+ # if this is a relocatable tac file, get the directory containing the TAC
+ if basedir == '.':
+ import os
+ basedir = os.path.abspath(os.path.dirname(__file__))
+
+ # note: this line is matched against to check that this is a buildmaster
+ # directory; do not edit it.
+ application = service.Application('buildmaster')
+ from twisted.python.logfile import LogFile
+ from twisted.python.log import ILogObserver, FileLogObserver
+ logfile = LogFile.fromFullPath(os.path.join(basedir, "twistd.log"), rotateLength=rotateLength,
+ maxRotatedFiles=maxRotatedFiles)
+ application.setComponent(ILogObserver, FileLogObserver(logfile).emit)
+
+ m = BuildMaster(basedir, configfile, umask)
+ m.setServiceParent(application)
+ m.log_rotation.rotateLength = rotateLength
+ m.log_rotation.maxRotatedFiles = maxRotatedFiles
+ '';
+ in ''
+ if [ ! -f ${varDir}/${project.name}/buildbot.tac ]; then
+ ${buildbot}/bin/buildbot create-master -c "${master-cfg}" "${varDir}/${project.name}"
+ rm -f ${varDir}/${project.name}/master.cfg.sample
+ rm -f ${varDir}/${project.name}/buildbot.tac
+ fi
+ ln -sf ${tac_file} ${varDir}/${project.name}/buildbot.tac
+ # different buildbots may be trying that simultaneously, add the || true to avoid complaining in case of race
+ install -Dm600 -o buildbot -g buildbot -T /var/secrets/buildbot/ssh_key ${varDir}/buildbot_key || true
+ buildbot_secrets=${varDir}/${project.name}/secrets
+ install -m 0700 -o buildbot -g buildbot -d $buildbot_secrets
+ install -Dm600 -o buildbot -g buildbot -T /var/secrets/buildbot/ldap $buildbot_secrets/ldap
+ ${builtins.concatStringsSep "\n" (lib.attrsets.mapAttrsToList
+ (k: v: "install -Dm600 -o buildbot -g buildbot -T /var/secrets/buildbot/${project.name}/${k} $buildbot_secrets/${k}") project.secrets
+ )}
+ '';