Name: nixops-typeable
Owner: TypeableIO
Description: null
Created: 2017-12-29 08:08:09.0
Updated: 2017-12-29 08:19:16.0
Pushed: 2018-03-09 20:53:10.0
Homepage: null
Size: 40
Language: Nix
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
Nixops expressions to deploy Hydra build system to Virtualbox and Google Compute Engine.
Hydra web interface is available at the default 3000 port.
Hydra machine also serves a Nix binary cache at 5000 port with the results of
the builds. /etc/nix/nix.conf
below is an example of how to add extra binary
cache to Nix.
ry-caches = http://hydra-machine:5000/
ted-binary-caches = http://hydra-machine:5000/
ry-cache-public-keys = hydra.example.org-1:E0fClLowP/HkAxDC8syrbuklhITqXxEbHM6AsfICQQ0=
Generate buildfarm key in a repository root:
h-keygen -t ed25519 -C "buildfarm@hydra" -N "" -f id_buildfarm
Default configuration contains two virtual machines, a Hydra master with a singe worker machine:
ps create -d vydra modules/hydra/hydra-vbox.nix
ps deploy -d vydra
Deployment to GCE creates a single Hydra server with hydra-provisioner
service
which will spawn workers based on the state of Hydra build queue.
Deploy with environment variables set (see authentication below):
ps create -d gydra modules/hydra/hydra-gce.nix
ps deploy -d gydra
GCE authentication requires following env variables:
GCE_PROJECT
- project id my-project-xxxxxx
GCE_SERVICE_ACCOUNT
- IAM service account id xxxxxx@my-project-xxxxxxx.iam.gserviceaccount.com
ACCESS_KEY_PATH
- path to key in PEM formatGCE generates private key in the PKCS12 format, you'll need to convert the key to PEM format by running the following command:
enssl pkcs12 -in pkey.p12 -passin pass:notasecret -nodes -nocerts | openssl rsa -out pkey.pem
Nixops expression also have some tunable parameters. See modules/hydra/hydra-gce.nix for relevant options.
Set options with nixops set-args
, for example:
xops set-args -d gydra --argstr gceInstanceType "n1-standard-1"
To see current options of the deployment:
xops info -d gydra
Enable basic http authentication for the site with
xops set-args -d gydra --arg gceBasicHttpAuthEnabled true
To generate credentials file run:
"myuser:$(openssl passwd -crypt mypassword)" > /tmp/htpasswd