157 lines
5.1 KiB
Nix
157 lines
5.1 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
|
|
let
|
|
# patchScriptBin =
|
|
# {
|
|
# filename,
|
|
# contents,
|
|
# path ? [ ],
|
|
# }:
|
|
# ((pkgs.writeScriptBin filename contents).overrideAttrs (old: {
|
|
# buildInputs = [ pkgs.makeWrapper ];
|
|
# buildCommand = "${old.buildCommand}\n patchShebangs $out\nwrapProgram $out/bin/${filename} --prefix PATH : ${lib.makeBinPath path}";
|
|
# }));
|
|
nix_builder = pkgs.rustPlatform.buildRustPackage rec {
|
|
pname = "nix_builder";
|
|
version = "0.0.0";
|
|
|
|
src = pkgs.fetchgit {
|
|
url = "https://code.fizz.buzz/talexander/nix_builder.git";
|
|
# tag = version;
|
|
rev = "d0fc2331e7aadc8bdd98836b466172ac37628e7d";
|
|
hash = "sha256-V1DU9U4+k96KfGV9BTxKYjxLzV6tWvQPM+a+5NU94G8=";
|
|
leaveDotGit = false;
|
|
};
|
|
|
|
cargoLock = {
|
|
lockFile = "${src}/Cargo.lock";
|
|
};
|
|
|
|
meta = with lib; {
|
|
description = "A builder of nix configs for a build server.";
|
|
homepage = "https://code.fizz.buzz/talexander/nix_builder";
|
|
license = licenses.bsd0;
|
|
maintainers = [ ];
|
|
};
|
|
|
|
nativeBuildInputs = [ pkgs.makeWrapper ];
|
|
|
|
postInstall = ''
|
|
wrapProgram $out/bin/nix-builder --prefix PATH : ${
|
|
lib.makeBinPath [
|
|
pkgs.git
|
|
pkgs.nix
|
|
pkgs.nixos-rebuild
|
|
]
|
|
}
|
|
'';
|
|
};
|
|
in
|
|
{
|
|
imports = [ ];
|
|
|
|
options.me = {
|
|
hydra.enable = lib.mkOption {
|
|
type = lib.types.bool;
|
|
default = false;
|
|
example = true;
|
|
description = "Whether we want to install hydra.";
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf config.me.hydra.enable {
|
|
environment.systemPackages = with pkgs; [
|
|
nix_builder
|
|
sqlite # For manually inspecting the database.
|
|
];
|
|
|
|
environment.persistence."/persist" = lib.mkIf (config.me.mountPersistence) {
|
|
hideMounts = true;
|
|
users.nixworker = {
|
|
directories = [
|
|
{
|
|
directory = "persist";
|
|
user = "nixworker";
|
|
group = "nixworker";
|
|
mode = "0700";
|
|
}
|
|
];
|
|
};
|
|
};
|
|
|
|
# Nix 2.30.0 (2025-07-07) changed the build directory from /tmp to /nix/var/nix/builds which broke a number of builds because my ZFS datasets were utf8only.
|
|
fileSystems."/home/nixworker/persist/root/nix/var/nix/builds" = {
|
|
device = "tmpfs";
|
|
fsType = "tmpfs";
|
|
options = [
|
|
"size=40G" # adjust for your situation and needs
|
|
"mode=700"
|
|
"uid=11400"
|
|
"gid=11400"
|
|
];
|
|
};
|
|
|
|
systemd.timers."build-cache" = {
|
|
wantedBy = [ "timers.target" ];
|
|
timerConfig = {
|
|
OnCalendar = "*-*-* 03:00:00 America/New_York";
|
|
Unit = "build-cache.service";
|
|
};
|
|
};
|
|
|
|
systemd.services."build-cache" = {
|
|
script = ''
|
|
set -euo pipefail
|
|
IFS=$'\n\t'
|
|
DIR="$( cd "$( dirname "''${BASH_SOURCE[0]}" )" && pwd )"
|
|
|
|
NIX_REMOTE='local?root=/home/nixworker/persist/root' RUST_BACKTRACE=1 RUST_LOG=nix_builder=DEBUG ${nix_builder}/bin/nix-builder build --config ${./files/nix_builder.toml} --target odo --target odo_update --target odowork --target odowork_update --target quark --target quark_update --target hydra --target hydra_update --target controller0 --target controller0_update --target controller1 --target controller1_update --target controller2 --target controller2_update --target worker0 --target worker0_update --target worker1 --target worker1_update --target worker2 --target worker2_update --target family_disks --target family_disks_update
|
|
'';
|
|
restartIfChanged = false;
|
|
serviceConfig = {
|
|
Type = "simple";
|
|
User = "nixworker";
|
|
# restartIfChanged = false;
|
|
# RemainAfterExit = true; # Prevents the service from automatically starting on rebuild. See https://discourse.nixos.org/t/how-to-prevent-custom-systemd-service-from-restarting-on-nixos-rebuild-switch/43431
|
|
LimitNOFILE = 8192;
|
|
};
|
|
};
|
|
|
|
# TODO: This should move into nix-builder so we can only run clean when builds are passing. Otherwise partial builds will lose progress.
|
|
# TODO: In nix-builder maybe include setting to auto delete to make room during builds if we run out of space, just in case builds are failing for a long time and prevent cleanup from running.
|
|
systemd.timers."clean-cache" = {
|
|
wantedBy = [ "timers.target" ];
|
|
timerConfig = {
|
|
OnCalendar = "*-*-01 02:00:00 America/New_York";
|
|
Unit = "clean-cache.service";
|
|
};
|
|
};
|
|
|
|
systemd.services."clean-cache" = {
|
|
script = ''
|
|
set -euo pipefail
|
|
IFS=$'\n\t'
|
|
DIR="$( cd "$( dirname "''${BASH_SOURCE[0]}" )" && pwd )"
|
|
|
|
NIX_REMOTE='local?root=/home/nixworker/persist/root' nix-collect-garbage -d
|
|
'';
|
|
path = with pkgs; [
|
|
pkgs.nix
|
|
];
|
|
restartIfChanged = false;
|
|
serviceConfig = {
|
|
Type = "simple";
|
|
User = "nixworker";
|
|
# restartIfChanged = false;
|
|
# RemainAfterExit = true; # Prevents the service from automatically starting on rebuild. See https://discourse.nixos.org/t/how-to-prevent-custom-systemd-service-from-restarting-on-nixos-rebuild-switch/43431
|
|
LimitNOFILE = 8192;
|
|
};
|
|
};
|
|
};
|
|
}
|