diff options
Diffstat (limited to 'nixops/modules/buildbot/default.nix')
-rw-r--r-- | nixops/modules/buildbot/default.nix | 49 |
1 files changed, 43 insertions, 6 deletions
diff --git a/nixops/modules/buildbot/default.nix b/nixops/modules/buildbot/default.nix index cd5b260..9b661f1 100644 --- a/nixops/modules/buildbot/default.nix +++ b/nixops/modules/buildbot/default.nix | |||
@@ -34,13 +34,15 @@ let | |||
34 | doCheck = false; | 34 | doCheck = false; |
35 | src = buildslist_src.src; | 35 | src = buildslist_src.src; |
36 | }; | 36 | }; |
37 | buildbot_common = pkgsNext.python3Packages.buildPythonPackage (mylibs.fetchedGitPrivate ./buildbot_common.json // rec { | 37 | buildbot_common = pkgsNext.python3Packages.buildPythonPackage rec { |
38 | name = "buildbot_common"; | ||
39 | src = ./common; | ||
38 | format = "other"; | 40 | format = "other"; |
39 | installPhase = '' | 41 | installPhase = '' |
40 | mkdir -p $out/${pkgsNext.python3.pythonForBuild.sitePackages} | 42 | mkdir -p $out/${pkgsNext.python3.pythonForBuild.sitePackages} |
41 | cp -a $src $out/${pkgsNext.python3.pythonForBuild.sitePackages}/buildbot_common | 43 | cp -a $src $out/${pkgsNext.python3.pythonForBuild.sitePackages}/buildbot_common |
42 | ''; | 44 | ''; |
43 | }); | 45 | }; |
44 | buildbot = pkgsNext.python3Packages.buildbot-full.withPlugins ([ buildslist ]); | 46 | buildbot = pkgsNext.python3Packages.buildbot-full.withPlugins ([ buildslist ]); |
45 | in | 47 | in |
46 | { | 48 | { |
@@ -75,7 +77,7 @@ in | |||
75 | ProxyPassReverse /buildbot/${project.name}/ unix:///run/buildbot/${project.name}.sock|http://${project.name}-git.immae.eu/ | 77 | ProxyPassReverse /buildbot/${project.name}/ unix:///run/buildbot/${project.name}.sock|http://${project.name}-git.immae.eu/ |
76 | <Location /buildbot/${project.name}/> | 78 | <Location /buildbot/${project.name}/> |
77 | Use LDAPConnect | 79 | Use LDAPConnect |
78 | Require ldap-group cn=users,cn=buildbot,ou=services,dc=immae,dc=eu | 80 | Require ldap-group cn=users,ou=${project.name},cn=buildbot,ou=services,dc=immae,dc=eu |
79 | 81 | ||
80 | SetEnvIf X-Url-Scheme https HTTPS=1 | 82 | SetEnvIf X-Url-Scheme https HTTPS=1 |
81 | ProxyPreserveHost On | 83 | ProxyPreserveHost On |
@@ -89,15 +91,50 @@ in | |||
89 | deps = [ "users" "wrappers" ]; | 91 | deps = [ "users" "wrappers" ]; |
90 | text = let | 92 | text = let |
91 | master-cfg = "${buildbot_common}/${pkgsNext.python3.pythonForBuild.sitePackages}/buildbot_common/master.cfg"; | 93 | master-cfg = "${buildbot_common}/${pkgsNext.python3.pythonForBuild.sitePackages}/buildbot_common/master.cfg"; |
92 | puppet_notify = pkgs.writeText "puppet_notify" (builtins.readFile "${myconfig.privateFiles}/buildbot_puppet_notify"); | 94 | buildbot_key = pkgs.writeText "buildbot_key" (builtins.readFile "${myconfig.privateFiles}/buildbot_ssh_key"); |
95 | tac_file = pkgs.writeText "buildbot.tac" '' | ||
96 | import os | ||
97 | |||
98 | from twisted.application import service | ||
99 | from buildbot.master import BuildMaster | ||
100 | |||
101 | basedir = '${varDir}/${project.name}' | ||
102 | rotateLength = 10000000 | ||
103 | maxRotatedFiles = 10 | ||
104 | configfile = '${master-cfg}' | ||
105 | |||
106 | # Default umask for server | ||
107 | umask = None | ||
108 | |||
109 | # if this is a relocatable tac file, get the directory containing the TAC | ||
110 | if basedir == '.': | ||
111 | import os | ||
112 | basedir = os.path.abspath(os.path.dirname(__file__)) | ||
113 | |||
114 | # note: this line is matched against to check that this is a buildmaster | ||
115 | # directory; do not edit it. | ||
116 | application = service.Application('buildmaster') | ||
117 | from twisted.python.logfile import LogFile | ||
118 | from twisted.python.log import ILogObserver, FileLogObserver | ||
119 | logfile = LogFile.fromFullPath(os.path.join(basedir, "twistd.log"), rotateLength=rotateLength, | ||
120 | maxRotatedFiles=maxRotatedFiles) | ||
121 | application.setComponent(ILogObserver, FileLogObserver(logfile).emit) | ||
122 | |||
123 | m = BuildMaster(basedir, configfile, umask) | ||
124 | m.setServiceParent(application) | ||
125 | m.log_rotation.rotateLength = rotateLength | ||
126 | m.log_rotation.maxRotatedFiles = maxRotatedFiles | ||
127 | ''; | ||
93 | in '' | 128 | in '' |
94 | install -m 0755 -o buildbot -g buildbot -d /run/buildbot/ | 129 | install -m 0755 -o buildbot -g buildbot -d /run/buildbot/ |
95 | install -m 0755 -o buildbot -g buildbot -d ${varDir} | 130 | install -m 0755 -o buildbot -g buildbot -d ${varDir} |
96 | if [ ! -f ${varDir}/${project.name}/buildbot.tac ]; then | 131 | if [ ! -f ${varDir}/${project.name}/buildbot.tac ]; then |
97 | $wrapperDir/sudo -u buildbot ${buildbot}/bin/buildbot create-master -c "${master-cfg}" "${varDir}/${project.name}" | 132 | $wrapperDir/sudo -u buildbot ${buildbot}/bin/buildbot create-master -c "${master-cfg}" "${varDir}/${project.name}" |
98 | rm -f ${varDir}/${project.name}/master.cfg.sample | 133 | rm -f ${varDir}/${project.name}/master.cfg.sample |
134 | rm -f ${varDir}/${project.name}/buildbot.tac | ||
99 | fi | 135 | fi |
100 | install -Dm600 -o buildbot -g buildbot -T ${puppet_notify} ${varDir}/puppet_notify | 136 | ln -sf ${tac_file} ${varDir}/${project.name}/buildbot.tac |
137 | install -Dm600 -o buildbot -g buildbot -T ${buildbot_key} ${varDir}/buildbot_key | ||
101 | buildbot_secrets=${varDir}/${project.name}/secrets | 138 | buildbot_secrets=${varDir}/${project.name}/secrets |
102 | install -m 0600 -o buildbot -g buildbot -d $buildbot_secrets | 139 | install -m 0600 -o buildbot -g buildbot -d $buildbot_secrets |
103 | echo "${myconfig.env.buildbot.ldap.password}" > $buildbot_secrets/ldap | 140 | echo "${myconfig.env.buildbot.ldap.password}" > $buildbot_secrets/ldap |
@@ -119,7 +156,7 @@ in | |||
119 | project_env = lib.attrsets.mapAttrs' (k: v: lib.attrsets.nameValuePair "BUILDBOT_${k}" v) project.environment; | 156 | project_env = lib.attrsets.mapAttrs' (k: v: lib.attrsets.nameValuePair "BUILDBOT_${k}" v) project.environment; |
120 | buildbot_config = pkgsNext.python3Packages.buildPythonPackage (rec { | 157 | buildbot_config = pkgsNext.python3Packages.buildPythonPackage (rec { |
121 | name = "buildbot_config-${project.name}"; | 158 | name = "buildbot_config-${project.name}"; |
122 | src = "${./projects}/${project.name}"; | 159 | src = ./projects + "/${project.name}"; |
123 | format = "other"; | 160 | format = "other"; |
124 | installPhase = '' | 161 | installPhase = '' |
125 | mkdir -p $out/${pkgsNext.python3.pythonForBuild.sitePackages} | 162 | mkdir -p $out/${pkgsNext.python3.pythonForBuild.sitePackages} |