Add specification for the private config file as a module.

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-12-12 00:24:23 +0100
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-12-20 04:12:27 +0100
commit: ab8f306d7c2c49b8116e1af7b355ed2384617ed9 (patch)
tree: d1061ec0436fd096de2332a892eb984c63cb125e /modules/private/buildbot
parent: 4227853a03923e04daf3dd511a4b5a1ab5d527e7 (diff)
download: Nix-ab8f306d7c2c49b8116e1af7b355ed2384617ed9.tar.gz
Nix-ab8f306d7c2c49b8116e1af7b355ed2384617ed9.tar.zst
Nix-ab8f306d7c2c49b8116e1af7b355ed2384617ed9.zip
1 files changed, 12 insertions, 12 deletions
diff --git a/modules/private/buildbot/default.nix b/modules/private/buildbot/default.nix
index 273ad70..d42f659 100644
--- a/modules/private/buildbot/default.nix
+++ b/modules/private/buildbot/default.nix
@@ -1,4 +1,4 @@
-{ lib, pkgs, config, myconfig, ... }:
+{ lib, pkgs, config, ... }:
 let
  varDir = "/var/lib/buildbot";
  buildbot_common = pkgs.python3Packages.buildPythonPackage rec {
@@ -27,8 +27,8 @@ in
    services.duplyBackup.profiles.buildbot = {
      rootDir = varDir;
    };
-    ids.uids.buildbot = myconfig.env.buildbot.user.uid;
+    ids.uids.buildbot = config.myEnv.buildbot.user.uid;
-    ids.gids.buildbot = myconfig.env.buildbot.user.gid;
+    ids.gids.buildbot = config.myEnv.buildbot.user.gid;
    users.groups.buildbot.gid = config.ids.gids.buildbot;
    users.users.buildbot = {
@@ -42,7 +42,7 @@ in
    services.websites.env.tools.watchPaths = lib.attrsets.mapAttrsToList
      (k: project: "/var/secrets/buildbot/${project.name}/webhook-httpd-include")
-      myconfig.env.buildbot.projects;
+      config.myEnv.buildbot.projects;
    services.websites.env.tools.vhostConfs.git.extraConfig = lib.attrsets.mapAttrsToList (k: project: ''
        RedirectMatch permanent "^/buildbot/${project.name}$" "/buildbot/${project.name}/"
@@ -64,7 +64,7 @@ in
            Include /var/secrets/buildbot/${project.name}/webhook-httpd-include
          </RequireAny>
        </Location>
-        '') myconfig.env.buildbot.projects;
+        '') config.myEnv.buildbot.projects;
    system.activationScripts = lib.attrsets.mapAttrs' (k: project: lib.attrsets.nameValuePair "buildbot-${project.name}" {
      deps = [ "users" "wrappers" ];
@@ -73,7 +73,7 @@ in
        ${project.activationScript}
        '';
-    }) myconfig.env.buildbot.projects;
+    }) config.myEnv.buildbot.projects;
    secrets.keys = (
      lib.lists.flatten (
@@ -92,27 +92,27 @@ in
              permissions = "0600";
              user = "wwwrun";
              group = "wwwrun";
-              text = lib.optionalString (lib.attrsets.hasAttr "webhookTokens" project) ''
+              text = lib.optionalString (project.webhookTokens != null) ''
                Require expr "req('Access-Key') in { ${builtins.concatStringsSep ", " (map (x: "'${x}'") project.webhookTokens)} }"
                '';
              dest = "buildbot/${project.name}/webhook-httpd-include";
            }
          ]
-        ) myconfig.env.buildbot.projects
+        ) config.myEnv.buildbot.projects
      )
    ) ++ [
      {
        permissions = "0600";
        user = "buildbot";
        group = "buildbot";
-        text = myconfig.env.buildbot.ldap.password;
+        text = config.myEnv.buildbot.ldap.password;
        dest = "buildbot/ldap";
      }
      {
        permissions = "0600";
        user = "buildbot";
        group = "buildbot";
-        text = builtins.readFile "${myconfig.privateFiles}/buildbot_ssh_key";
+        text = builtins.readFile "${config.myEnv.privateFiles}/buildbot_ssh_key";
        dest = "buildbot/ssh_key";
      }
    ];
@@ -123,7 +123,7 @@ in
        "/var/secrets/buildbot/ldap"
        "/var/secrets/buildbot/ssh_key"
      ] ++ lib.attrsets.mapAttrsToList (k: v: "/var/secrets/buildbot/${project.name}/${k}") project.secrets;
-    }) myconfig.env.buildbot.projects;
+    }) config.myEnv.buildbot.projects;
    systemd.services = lib.attrsets.mapAttrs' (k: project: lib.attrsets.nameValuePair "buildbot-${project.name}" {
      description = "Buildbot Continuous Integration Server ${project.name}.";
@@ -214,6 +214,6 @@ in
        WorkingDirectory = "${varDir}/${project.name}";
        ExecStart = "${buildbot}/bin/buildbot start";
      };
-    }) myconfig.env.buildbot.projects;
+    }) config.myEnv.buildbot.projects;
  };
 }
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-12-12 00:24:23 +0100
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-12-20 04:12:27 +0100
commit	ab8f306d7c2c49b8116e1af7b355ed2384617ed9 (patch)
tree	d1061ec0436fd096de2332a892eb984c63cb125e /modules/private/buildbot
parent	4227853a03923e04daf3dd511a4b5a1ab5d527e7 (diff)
download	Nix-ab8f306d7c2c49b8116e1af7b355ed2384617ed9.tar.gz Nix-ab8f306d7c2c49b8116e1af7b355ed2384617ed9.tar.zst Nix-ab8f306d7c2c49b8116e1af7b355ed2384617ed9.zip

diff --git a/modules/private/buildbot/default.nix b/modules/private/buildbot/default.nix index 273ad70..d42f659 100644 --- a/modules/private/buildbot/default.nix +++ b/modules/private/buildbot/default.nix
@@ -1,4 +1,4 @@
1	{ lib, pkgs, config, myconfig, ... }:	1	{ lib, pkgs, config, ... }:
2	let	2	let
3	varDir = "/var/lib/buildbot";	3	varDir = "/var/lib/buildbot";
4	buildbot_common = pkgs.python3Packages.buildPythonPackage rec {	4	buildbot_common = pkgs.python3Packages.buildPythonPackage rec {
@@ -27,8 +27,8 @@ in
27	services.duplyBackup.profiles.buildbot = {	27	services.duplyBackup.profiles.buildbot = {
28	rootDir = varDir;	28	rootDir = varDir;
29	};	29	};
30	ids.uids.buildbot = myconfig.env.buildbot.user.uid;	30	ids.uids.buildbot = config.myEnv.buildbot.user.uid;
31	ids.gids.buildbot = myconfig.env.buildbot.user.gid;	31	ids.gids.buildbot = config.myEnv.buildbot.user.gid;
32		32
33	users.groups.buildbot.gid = config.ids.gids.buildbot;	33	users.groups.buildbot.gid = config.ids.gids.buildbot;
34	users.users.buildbot = {	34	users.users.buildbot = {
@@ -42,7 +42,7 @@ in
42		42
43	services.websites.env.tools.watchPaths = lib.attrsets.mapAttrsToList	43	services.websites.env.tools.watchPaths = lib.attrsets.mapAttrsToList
44	(k: project: "/var/secrets/buildbot/${project.name}/webhook-httpd-include")	44	(k: project: "/var/secrets/buildbot/${project.name}/webhook-httpd-include")
45	myconfig.env.buildbot.projects;	45	config.myEnv.buildbot.projects;
46		46
47	services.websites.env.tools.vhostConfs.git.extraConfig = lib.attrsets.mapAttrsToList (k: project: ''	47	services.websites.env.tools.vhostConfs.git.extraConfig = lib.attrsets.mapAttrsToList (k: project: ''
48	RedirectMatch permanent "^/buildbot/${project.name}$" "/buildbot/${project.name}/"	48	RedirectMatch permanent "^/buildbot/${project.name}$" "/buildbot/${project.name}/"
@@ -64,7 +64,7 @@ in
64	Include /var/secrets/buildbot/${project.name}/webhook-httpd-include	64	Include /var/secrets/buildbot/${project.name}/webhook-httpd-include
65	</RequireAny>	65	</RequireAny>
66	</Location>	66	</Location>
67	'') myconfig.env.buildbot.projects;	67	'') config.myEnv.buildbot.projects;
68		68
69	system.activationScripts = lib.attrsets.mapAttrs' (k: project: lib.attrsets.nameValuePair "buildbot-${project.name}" {	69	system.activationScripts = lib.attrsets.mapAttrs' (k: project: lib.attrsets.nameValuePair "buildbot-${project.name}" {
70	deps = [ "users" "wrappers" ];	70	deps = [ "users" "wrappers" ];
@@ -73,7 +73,7 @@ in
73		73
74	${project.activationScript}	74	${project.activationScript}
75	'';	75	'';
76	}) myconfig.env.buildbot.projects;	76	}) config.myEnv.buildbot.projects;
77		77
78	secrets.keys = (	78	secrets.keys = (
79	lib.lists.flatten (	79	lib.lists.flatten (
@@ -92,27 +92,27 @@ in
92	permissions = "0600";	92	permissions = "0600";
93	user = "wwwrun";	93	user = "wwwrun";
94	group = "wwwrun";	94	group = "wwwrun";
95	text = lib.optionalString (lib.attrsets.hasAttr "webhookTokens" project) ''	95	text = lib.optionalString (project.webhookTokens != null) ''
96	Require expr "req('Access-Key') in { ${builtins.concatStringsSep ", " (map (x: "'${x}'") project.webhookTokens)} }"	96	Require expr "req('Access-Key') in { ${builtins.concatStringsSep ", " (map (x: "'${x}'") project.webhookTokens)} }"
97	'';	97	'';
98	dest = "buildbot/${project.name}/webhook-httpd-include";	98	dest = "buildbot/${project.name}/webhook-httpd-include";
99	}	99	}
100	]	100	]
101	) myconfig.env.buildbot.projects	101	) config.myEnv.buildbot.projects
102	)	102	)
103	) ++ [	103	) ++ [
104	{	104	{
105	permissions = "0600";	105	permissions = "0600";
106	user = "buildbot";	106	user = "buildbot";
107	group = "buildbot";	107	group = "buildbot";
108	text = myconfig.env.buildbot.ldap.password;	108	text = config.myEnv.buildbot.ldap.password;
109	dest = "buildbot/ldap";	109	dest = "buildbot/ldap";
110	}	110	}
111	{	111	{
112	permissions = "0600";	112	permissions = "0600";
113	user = "buildbot";	113	user = "buildbot";
114	group = "buildbot";	114	group = "buildbot";
115	text = builtins.readFile "${myconfig.privateFiles}/buildbot_ssh_key";	115	text = builtins.readFile "${config.myEnv.privateFiles}/buildbot_ssh_key";
116	dest = "buildbot/ssh_key";	116	dest = "buildbot/ssh_key";
117	}	117	}
118	];	118	];
@@ -123,7 +123,7 @@ in
123	"/var/secrets/buildbot/ldap"	123	"/var/secrets/buildbot/ldap"
124	"/var/secrets/buildbot/ssh_key"	124	"/var/secrets/buildbot/ssh_key"
125	] ++ lib.attrsets.mapAttrsToList (k: v: "/var/secrets/buildbot/${project.name}/${k}") project.secrets;	125	] ++ lib.attrsets.mapAttrsToList (k: v: "/var/secrets/buildbot/${project.name}/${k}") project.secrets;
126	}) myconfig.env.buildbot.projects;	126	}) config.myEnv.buildbot.projects;
127		127
128	systemd.services = lib.attrsets.mapAttrs' (k: project: lib.attrsets.nameValuePair "buildbot-${project.name}" {	128	systemd.services = lib.attrsets.mapAttrs' (k: project: lib.attrsets.nameValuePair "buildbot-${project.name}" {
129	description = "Buildbot Continuous Integration Server ${project.name}.";	129	description = "Buildbot Continuous Integration Server ${project.name}.";
@@ -214,6 +214,6 @@ in
214	WorkingDirectory = "${varDir}/${project.name}";	214	WorkingDirectory = "${varDir}/${project.name}";
215	ExecStart = "${buildbot}/bin/buildbot start";	215	ExecStart = "${buildbot}/bin/buildbot start";
216	};	216	};
217	}) myconfig.env.buildbot.projects;	217	}) config.myEnv.buildbot.projects;
218	};	218	};
219	}	219	}