authorKarel Kočí <cynerd@email.cz>2022-10-18 16:08:43 +0200
committerKarel Kočí <cynerd@email.cz>2022-10-18 16:08:43 +0200
commitad84020ba4c3dc60ac9d4a28cd81a32576af5bb3 (patch)
treef5775559375341c8904be946233ebc808641bc32 /nixos
parent457120e85acd089f8f734aa6465be01eec3f8943 (diff)
nixos/machine/mrpump: Gitlab CI
Diffstat (limited to 'nixos')
-rw-r--r--nixos/default.nix6
-rw-r--r--nixos/machine/default.nix4
-rw-r--r--nixos/machine/mrpump.nix118
-rw-r--r--nixos/modules/develop.nix2
-rw-r--r--nixos/modules/generic.nix5
5 files changed, 117 insertions, 18 deletions
diff --git a/nixos/default.nix b/nixos/default.nix
index 72eae65..64593bb 100644
--- a/nixos/default.nix
+++ b/nixos/default.nix
@@ -1,9 +1,9 @@
-nixpkgs:
+self:
let
- modules = import ./modules nixpkgs;
- machines = import ./machine;
+ modules = import ./modules self.inputs.nixpkgs;
+ machines = import ./machine self;
in modules // machines // {
default = { imports = builtins.attrValues modules; };
diff --git a/nixos/machine/default.nix b/nixos/machine/default.nix
index 2efe2da..801d0a4 100644
--- a/nixos/machine/default.nix
+++ b/nixos/machine/default.nix
@@ -1,4 +1,4 @@
-{
+self: {
machine-albert = import ./albert.nix;
machine-binky = import ./binky.nix;
machine-dean = import ./dean.nix;
@@ -7,7 +7,7 @@
machine-susan = import ./susan.nix;
machine-lipwig = import ./lipwig.nix;
- machine-mrpump = import ./mrpump.nix;
+ machine-mrpump = import ./mrpump.nix self;
machine-gaspode = import ./gaspode.nix;
diff --git a/nixos/machine/mrpump.nix b/nixos/machine/mrpump.nix
index 99ce26d..97853d4 100644
--- a/nixos/machine/mrpump.nix
+++ b/nixos/machine/mrpump.nix
@@ -1,22 +1,118 @@
-{ config, lib, pkgs, ... }:
+self: { config, lib, pkgs, ... }:
+with builtins;
with lib;
{
- config = {
- # Gitlab worker
- services.gitlab-runner = {
+ config = let
+
+ localNix = import (self.inputs.nix.outPath + "/docker.nix") {
+ pkgs = pkgs;
+ name = "local/nix";
+ tag = "latest";
+ bundleNixpkgs = false;
+ nixConf = {
+ cores = "0";
+ experimental-features = [ "nix-command" "flakes" ];
+ };
+ };
+ localNixDaemon = pkgs.dockerTools.buildLayeredImage {
+ fromImage = localNix;
+ name = "local/nix-daemon";
+ tag = "latest";
+ config = {
+ Volumes = {
+ "/nix/store" = { };
+ "/nix/var/nix/db" = { };
+ "/nix/var/nix/daemon-socket" = { };
+ };
+ };
+ maxLayers = 125;
+ };
+
+ in {
+
+ # Docker for the gitlab runner
+ virtualisation.docker = {
enable = true;
- services.docker = {
- registrationConfigFile = "/run/secrets/gitlab-runner-registration";
- tagList = ["docker"];
- runUntagged = true;
- executor = "docker";
- dockerImage = "alpine";
- description = "Docker runner";
+ autoPrune = {
+ enable = true;
+ dates = "daily";
+ };
+ };
+ users.users.cynerd.extraGroups = [ "docker" ];
+
+ # Common container for the Gitlab Nix runner
+ virtualisation.oci-containers = {
+ backend = "docker";
+ containers.gitlabnix = {
+ imageFile = localNixDaemon;
+ image = "local/nix-daemon:latest";
+ cmd = ["nix" "daemon"];
+ };
+ };
+
+ # Gitlab runner
+ systemd.services.gitlab-runner.serviceConfig = let
+ config = (pkgs.formats.toml{}).generate "gitlab-runner.toml" {
+ concurent = 1;
+ session_server = {
+ session_timeout = 1800;
+ };
+ runners = [
+ {
+ name = "MrPump Docker (LogC)";
+ url = "https://gitlab.com";
+ id = 18138767;
+ token = "@TOKEN_LOGC_DOCKER@";
+ executor = "docker";
+ docker = {
+ image = "alpine";
+ };
+ }
+ {
+ name = "MrPump Nix (LogC)";
+ url = "https://gitlab.com";
+ id = 18139391;
+ token = "@TOKEN_LOGC_NIX@";
+ executor = "docker";
+ docker = {
+ image = "local/nix:latest";
+ allowed_images = ["local/nix:latest"];
+ pull_policy = "never";
+ allowed_pull_policies = ["never"];
+ volumes_from = ["gitlabnix:ro"];
+ };
+ environment = [
+ "NIX_REMOTE=daemon"
+ "ENV=/etc/profile.d/nix-daemon.sh"
+ "BASH_ENV=/etc/profile.d/nix-daemon.sh"
+ ];
+ # TODO for some reason the /tmp seems to be missing
+ pre_build_script = ''
+ mkdir -p /tmp
+ '';
+ }
+ ];
};
+ configPath = "$HOME/.gitlab-runner/config.toml";
+ configureScript = pkgs.writeShellScript "gitlab-runner-configure" ''
+ docker load < ${localNix}
+ mkdir -p $(dirname ${configPath})
+ ${pkgs.gawk}/bin/awk '{
+ for(varname in ENVIRON)
+ gsub("@"varname"@", ENVIRON[varname])
+ print
+ }' "${config}" > "${configPath}"
+ chown -R --reference=$HOME $(dirname ${configPath})
+ '';
+ in {
+ EnvironmentFile = "/run/secrets/gitlab-runner.env";
+ ExecStartPre = mkForce "!${configureScript}";
+ ExecReload = mkForce "!${configureScript}";
};
+ services.gitlab-runner.enable = true;
};
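Review bot: The configure script writes the substituted runner tokens to `${configPath}` without setting a umask or file mode, so under a default 0022 service umask the generated `config.toml` would be readable by other local users unless a parent directory already blocks access. Putting `umask 077` as the first line of `configureScript`, before the `mkdir -p`, keeps both the directory and the file owner-only. Separately, the key `concurent = 1;` in the generated TOML is misspelled; gitlab-runner's global setting is `concurrent`, so the value is presumably ignored and only matches the intent because the default is also 1. The line `users.users.cynerd.extraGroups = [ "docker" ];` also deserves a comment such as `# docker group is root-equivalent on this host`, since that account can then control the same daemon that runs the CI jobs.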
diff --git a/nixos/modules/develop.nix b/nixos/modules/develop.nix
index 76f0d71..2360cda 100644
--- a/nixos/modules/develop.nix
+++ b/nixos/modules/develop.nix
@@ -96,7 +96,7 @@ in {
dfeet
# Documentation
- man-pages man-pages-posix
+ man-pages man-pages-posix linux-manual
];
documentation.dev.enable = true;
diff --git a/nixos/modules/generic.nix b/nixos/modules/generic.nix
index fb2879c..a7816ed 100644
--- a/nixos/modules/generic.nix
+++ b/nixos/modules/generic.nix
@@ -45,7 +45,7 @@ in {
git # We need git for this repository to even work
# Administration tools
#coreutils moreutils binutils psmisc progress lshw file
- coreutils binutils psmisc progress lshw file
+ coreutils binutils psmisc progress lshw file vde2
ldns wget
gnumake
exfat exfatprogs
@@ -136,6 +136,9 @@ in {
substituteAll ${./nixos-system.sh} $out/bin/nixos-system
chmod +x $out/bin/nixos-system
'';
+
+ programs.fuse.userAllowOther = true;
+
};
}
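Review bot: `programs.fuse.userAllowOther = true;` is added to the shared generic module with no comment saying which machine or tool needs it, so presumably every host that imports generic.nix now lets unprivileged users mount FUSE filesystems with `allow_other`/`allow_root`. That makes user-controlled filesystem contents visible to other accounts and to root-run tools that walk the mount point. Consider setting it only in the machine or module that needs it, or at least add a comment such as `# needed for <tool>: mounts must be visible to other users`. The enclosing attribute set starts outside the hunk.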