nixos-config/modules/hydra.nix

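# Extends the NixOS `services.hydra` module with two options that point at
# token files, and replaces the `hydra-init` preStart script so that
# hydra.conf is rendered under /var/lib/hydra with the tokens substituted
# at service start. The template (`cfg.extraConfig`) lives in the
# world-readable Nix store and is expected to carry the placeholders
# `#gitea_token#` / `#github_token#` instead of the real tokens.
{
  config,
  pkgs,
  lib,
  ...
}:
with lib; let
  cfg = config.services.hydra;
  baseDir = "/var/lib/hydra";
  # Store copy of the configuration; must only ever contain placeholders.
  hydraConf = pkgs.writeScript "hydra.conf" cfg.extraConfig;
  localDB = "dbi:Pg:dbname=hydra;user=hydra;";
  haveLocalDB = cfg.dbi == localDB;
in {
  ###### interface
  options = {
    services.hydra = {
      # Only the first line of the file is used. The value is a path *string*
      # so the file itself is not copied into the Nix store; an empty string
      # means "no token" and leaves the placeholder in hydra.conf untouched.
      giteaTokenFile = mkOption {
        type = with types; str;
        default = "";
        description = ''
          Path to the gitea token secret
        '';
        example = literalExpression ''"/run/secrets/hydra/gitea-token"'';
      };
      # Same contract as giteaTokenFile.
      githubTokenFile = mkOption {
        type = with types; str;
        default = "";
        description = ''
          Path to the github token secret
        '';
        example = literalExpression ''"/run/secrets/hydra/github-token"'';
      };
    };
  };
  config = mkIf cfg.enable {
    systemd.services.hydra-init = {
      # mkForce discards every other definition of preStart, so this script
      # has to be kept in step with the module it overrides.
      # NOTE(review): the chown calls imply this runs as root - confirm.
      preStart = lib.mkForce ''
        mkdir -p ${baseDir}
        chown hydra:hydra ${baseDir}
        chmod 0750 ${baseDir}

        # hydra.conf is about to receive secrets: create it with an explicit
        # owner and a mode without "other" access instead of inheriting the
        # read-only, world-readable mode of the store file.
        install -m 0640 -o hydra -g hydra ${hydraConf} ${baseDir}/hydra.conf
        ${
          if (cfg.giteaTokenFile == "")
          then ''
            GITEA_TOKEN="#gitea_token#"
          ''
          else ''
            GITEA_TOKEN="$(head -n 1 ${escapeShellArg cfg.giteaTokenFile})"
          ''
        }
        ${
          if (cfg.githubTokenFile == "")
          then ''
            GITHUB_TOKEN="#github_token#"
          ''
          else ''
            GITHUB_TOKEN="$(head -n 1 ${escapeShellArg cfg.githubTokenFile})"
          ''
        }

        # The sed program is fed through stdin by the shell builtin printf so
        # the token never shows up in a process argument list.
        # Caveat: a token containing "|", "&", a backslash or a newline would
        # corrupt the substitution.
        printf 's|#gitea_token#|%s|\n' "$GITEA_TOKEN" | sed -i -f /dev/stdin ${baseDir}/hydra.conf
        printf 's|#github_token#|%s|\n' "$GITHUB_TOKEN" | sed -i -f /dev/stdin ${baseDir}/hydra.conf

        mkdir -m 0700 -p ${baseDir}/www
        chown hydra-www:hydra ${baseDir}/www

        mkdir -m 0700 -p ${baseDir}/queue-runner
        mkdir -m 0750 -p ${baseDir}/build-logs
        chown hydra-queue-runner:hydra ${baseDir}/queue-runner ${baseDir}/build-logs

        ${optionalString haveLocalDB ''
          if ! [ -e ${baseDir}/.db-created ]; then
            ${pkgs.sudo}/bin/sudo -u ${config.services.postgresql.superUser} ${config.services.postgresql.package}/bin/createuser hydra
            ${pkgs.sudo}/bin/sudo -u ${config.services.postgresql.superUser} ${config.services.postgresql.package}/bin/createdb -O hydra hydra
            touch ${baseDir}/.db-created
          fi
          echo "create extension if not exists pg_trgm" | ${pkgs.sudo}/bin/sudo -u ${config.services.postgresql.superUser} -- ${config.services.postgresql.package}/bin/psql hydra
        ''}

        if [ ! -e ${cfg.gcRootsDir} ]; then

          # Move legacy roots directory.
          if [ -e /nix/var/nix/gcroots/per-user/hydra/hydra-roots ]; then
            mv /nix/var/nix/gcroots/per-user/hydra/hydra-roots ${cfg.gcRootsDir}
          fi

          mkdir -p ${cfg.gcRootsDir}
        fi

        # Move legacy hydra-www roots.
        # NUL-separated so unusual file names cannot be split into several
        # mv arguments.
        if [ -e /nix/var/nix/gcroots/per-user/hydra-www/hydra-roots ]; then
          find /nix/var/nix/gcroots/per-user/hydra-www/hydra-roots/ -type f -print0 \
            | xargs -0 -r mv -f -t ${cfg.gcRootsDir}/
          rmdir /nix/var/nix/gcroots/per-user/hydra-www/hydra-roots
        fi

        chown hydra:hydra ${cfg.gcRootsDir}
        chmod 2775 ${cfg.gcRootsDir}
      '';
    };
  };
}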