nixos-config/configs/workhorse/jenkins.nix

200 lines
6.7 KiB
Nix
Raw Normal View History

2019-10-24 02:20:38 +02:00
{ config, lib, pkgs, ... }:
with lib;
let
library = import ../../library { inherit pkgs lib; };
2019-10-24 02:20:38 +02:00
sync-repo = library.jenkins.syncJob;
job = library.jenkins.job;
in {
environment.systemPackages = [ pkgs.cabal-install ];
services.nginx = {
enable = true;
virtualHosts = {
"jenkins.${config.networking.hostName}.private" = {
locations."/" = {
2019-12-20 05:54:26 +01:00
proxyPass =
"http://localhost:${toString config.services.jenkins.port}";
2019-10-24 02:20:38 +02:00
extraConfig = ''
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 90;
2019-12-20 05:54:26 +01:00
proxy_redirect http://localhost:${
toString config.services.jenkins.port
} https://jenkins.${config.networking.hostName}.private/;
2019-10-24 02:20:38 +02:00
'';
};
};
};
};
krops.userKeys."accessToken" = {
user = "jenkins";
source = toString <secrets/jenkins/accessToken>;
requiredBy = [ "jenkins-job-builder.service" ];
};
services.jenkins = {
enable = true;
home = "/home/jenkins";
port = 10420;
# Plugins to Install:
# - all the plugins recommended at the setup
# - Build pipeline
# - SSH Agent
2020-03-25 07:20:47 +01:00
# - mattermost plugin
2019-10-24 02:20:38 +02:00
jobBuilder = {
enable = true;
# create an access token in the admin users panel
accessTokenFile = config.krops.userKeys."accessToken".target;
accessUser = "admin";
# https://docs.openstack.org/infra/jenkins-job-builder/definition.html#modules
2019-12-20 05:54:26 +01:00
nixJobs = let
# ssh username + key
gogs-id = "bc584c99-0fb7-43fb-af75-4076d64c51b2";
# ssh username + key
github-id = "bc584c99-0fb7-43fb-af75-4076d64c51b2";
# ssh username + key
sshSputnik = "d91eb57c-5bff-434c-b317-68aad46848d7";
sync-to-github = name: source: target:
sync-repo name {
url = source;
credentialsId = gogs-id;
} {
url = target;
credentialsId = github-id;
};
in [
(job "sync-retiolum" {
url = "git@github.com:krebs/retiolum.git";
2019-10-24 02:20:38 +02:00
credentialsId = github-id;
2019-12-20 05:54:26 +01:00
triggers = [{ timed = "H/30 * * * *"; }];
} [
{
"Download Files" = [
"chmod 755 hosts"
"chmod 755 -R hosts"
''
nix-shell -p curl -p gnutar -p bzip2 --run "curl https://lassul.us/retiolum-hosts.tar.bz2 | tar xvjf - || true"''
"chmod 755 -R etc.hosts"
''
nix-shell -p curl --run "curl https://lassul.us/retiolum.hosts > etc.hosts || true"''
];
}
{
"update repo" = [
2019-10-24 02:20:38 +02:00
''nix-shell -p git --run "git add ."''
2019-12-20 05:54:26 +01:00
''
nix-shell -p git --run "git -c user.name=\'Ingolf Wagner\' -c user.email=\'contact@ingolf-wagner.de\' commit -m update-`date +%Y-%m-%dT%H:%M:%S` || exit 0"''
];
}
{
Push = [{
script = ''nix-shell -p git --run "git push origin master"'';
credentialsId = github-id;
}];
}
])
(job "test-taskninja" {
url = "ssh://gogs@workhorse.private:2222/palo/taskninja.git";
credentialsId = gogs-id;
} [
{
"Create Shell" = [
''
nix-shell -p cabal2nix --run "cabal2nix --shell file://. > jenkins.nix"''
];
}
{ Update = [ ''nix-shell ./jenkins.nix --run "cabal update"'' ]; }
{
Configure = [
2019-10-24 02:20:38 +02:00
''nix-shell ./jenkins.nix --run "cabal configure --enable-tests"''
2019-12-20 05:54:26 +01:00
''
nix-shell ./jenkins.nix --run "cabal install --only-dependencies"''
];
}
{ Build = [ ''nix-shell ./jenkins.nix --run "cabal build"'' ]; }
{ Test = [ ''nix-shell ./jenkins.nix --run "cabal test"'' ]; }
])
# sync to github
# --------------
(sync-to-github "sync-radiodj"
2020-03-27 10:12:14 +01:00
"ssh://gogs@workhorse.private:2222/crashburn_radio/radio-dj2.git"
2019-10-24 02:20:38 +02:00
"git@github.com:crashburn-radio/radio-dj.git")
2020-03-27 10:12:14 +01:00
(sync-to-github "sync-radiodj-tracks"
"ssh://gogs@workhorse.private:2222/crashburn_radio/radio-dj-tracks.git"
"git@github.com:crashburn-radio/radio-dj-tracks.git")
2019-10-24 02:20:38 +02:00
2019-12-20 05:54:26 +01:00
(sync-to-github "sync-krops-module"
2019-10-24 02:20:38 +02:00
"ssh://gogs@workhorse.private:2222/nix-modules/krops.git"
"git@github.com:mrVanDalo/module.krops.git")
2019-12-20 05:54:26 +01:00
(sync-to-github "sync-cluster-module"
2019-10-24 02:20:38 +02:00
"ssh://gogs@workhorse.private:2222/nix-modules/cluster.git"
"git@github.com:mrVanDalo/module.cluster.git")
2019-12-20 05:54:26 +01:00
(sync-to-github "sync-backup-module"
2019-10-24 02:20:38 +02:00
"ssh://gogs@workhorse.private:2222/nix-modules/backup.git"
"git@github.com:mrVanDalo/module.backup.git")
2019-12-20 05:54:26 +01:00
(sync-to-github "sync-module-tinc"
2019-10-24 02:20:38 +02:00
"ssh://gogs@workhorse.private:2222/palo/nixos-tinc.git"
"git@github.com:mrVanDalo/nixos-tinc.git")
2019-12-20 05:54:26 +01:00
(sync-to-github "sync-memo"
2019-10-24 02:20:38 +02:00
"ssh://gogs@workhorse.private:2222/palo/memo.git"
"git@github.com:mrVanDalo/memo.git")
2019-12-20 05:54:26 +01:00
(sync-to-github "sync-diagrams-template"
2019-10-24 02:20:38 +02:00
"ssh://gogs@workhorse.private:2222/palo/diagrams-template.git"
"git@github.com:mrVanDalo/diagrams.git")
2019-12-20 05:54:26 +01:00
(sync-to-github "sync-plops"
2019-10-24 02:20:38 +02:00
"ssh://gogs@workhorse.private:2222/palo/plops.git"
"git@github.com:mrVanDalo/plops.git")
2019-12-20 05:54:26 +01:00
(sync-to-github "sync-image-generator"
2020-02-18 06:31:45 +01:00
"ssh://gogs@workhorse.private:2222/palo/image-generator2.git"
2019-10-24 02:20:38 +02:00
"git@github.com:mrVanDalo/image-generator.git")
2020-02-18 06:31:45 +01:00
(sync-to-github "sync-image-generator-lib"
"ssh://gogs@workhorse.private:2222/palo/image-generator-lib.git"
"git@github.com:mrVanDalo/image-generator-examples.git")
2019-12-22 03:08:01 +01:00
(sync-to-github "sync-tech.ingolf-wagner.de"
"ssh://gogs@workhorse.private:2222/palo/tech.ingolf-wagner.de.git"
"git@github.com:mrVanDalo/tech.ingolf-wagner.de.git")
2019-12-23 03:36:18 +01:00
(sync-to-github "sync-LineageOS-build"
"ssh://gogs@git.ingolf-wagner.de:443/palo/LineagoOS-build.git"
"git@github.com:mrVanDalo/LineagoOS-build.git")
2020-03-15 14:49:39 +01:00
(sync-to-github "sync-http-errors"
"ssh://gogs@git.ingolf-wagner.de:443/palo/http-errors.git"
"git@github.com:mrVanDalo/http-errors.git")
2020-06-01 19:47:01 +02:00
(sync-to-github "sync-light-control"
"ssh://gogs@git.ingolf-wagner.de:443/palo/light-control.git"
"git@github.com:mrVanDalo/light-control.git")
2019-12-20 05:54:26 +01:00
];
2019-10-24 02:20:38 +02:00
};
};
}