CD2H gitForager

typeable/nixops-typeable

Name: nixops-typeable

Owner: TypeableIO

Description: null

Created: 2017-12-29 08:08:09.0

Updated: 2017-12-29 08:19:16.0

Pushed: 2018-03-09 20:53:10.0

Homepage: null

Size: 40

Language: Nix

GitHub Committers

User	Most Recent Commit	# Commits

Other Committers

User	Email	Most Recent Commit	# Commits

README

nixops-typeable

Nixops expressions to deploy Hydra build system to Virtualbox and Google Compute Engine.

Hydra web interface is available at the default 3000 port.

Hydra machine also serves a Nix binary cache at 5000 port with the results of the builds. /etc/nix/nix.conf below is an example of how to add extra binary cache to Nix.

ry-caches = http://hydra-machine:5000/
ted-binary-caches = http://hydra-machine:5000/
ry-cache-public-keys = hydra.example.org-1:E0fClLowP/HkAxDC8syrbuklhITqXxEbHM6AsfICQQ0=

Deploy to Virtualbox

Generate buildfarm key in a repository root:

h-keygen -t ed25519 -C "buildfarm@hydra" -N "" -f id_buildfarm

Default configuration contains two virtual machines, a Hydra master with a singe worker machine:

ps create -d vydra modules/hydra/hydra-vbox.nix
ps deploy -d vydra

Deploy to Google Compute Engine

Deployment to GCE creates a single Hydra server with hydra-provisioner service which will spawn workers based on the state of Hydra build queue.

Deploy with environment variables set (see authentication below):

ps create -d gydra modules/hydra/hydra-gce.nix
ps deploy -d gydra

Google Compute Engine Authentication

GCE authentication requires following env variables:

GCE_PROJECT - project id my-project-xxxxxx
GCE_SERVICE_ACCOUNT - IAM service account id xxxxxx@my-project-xxxxxxx.iam.gserviceaccount.com
ACCESS_KEY_PATH - path to key in PEM format

GCE generates private key in the PKCS12 format, you'll need to convert the key to PEM format by running the following command:

enssl pkcs12 -in pkey.p12 -passin pass:notasecret -nodes -nocerts | openssl rsa -out pkey.pem

Nixops options

Nixops expression also have some tunable parameters. See modules/hydra/hydra-gce.nix for relevant options.

Set options with nixops set-args, for example:

xops set-args -d gydra --argstr gceInstanceType "n1-standard-1"

To see current options of the deployment:

xops info -d gydra

Basic http authentication

Enable basic http authentication for the site with

xops set-args -d gydra --arg gceBasicHttpAuthEnabled true

To generate credentials file run:

 "myuser:$(openssl passwd -crypt mypassword)" > /tmp/htpasswd

This work is supported by the National Institutes of Health's National Center for Advancing Translational Sciences, Grant Number U24TR002306. This work is solely the responsibility of the creators and does not necessarily represent the official views of the National Institutes of Health.