* nixos module included * install compiled binary * only one platform now * limited config options * relies on providing ssh keys for agent
		
			
				
	
	
		
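# NixOS module for the Buildkite agent: declares the
# services.buildkite-agent options, renders the agent configuration file,
# creates a dedicated user and runs the agent as a systemd service.
#
# NOTE(security): cfg.token is rendered into a pkgs.writeText derivation and
# cfg.openssh.privateKey is interpolated into the generated preStart script.
# Both therefore end up in /nix/store, which is readable by every local user
# and may be copied along with the system closure. Treat values set through
# these options as exposed to anyone with access to the machine or its store.
# Reading the secrets at service start from files kept outside the store
# would close this, but needs new options and is not done here.
{ config, lib, pkgs, ... }:

with lib;

let
  cfg = config.services.buildkite-agent;

  # Home directory of the agent user; builds and the SSH key pair live below it.
  home = "/var/lib/buildkite-agent";

  # Agent configuration file. It is a store path, so the token inside it is
  # world-readable (see the note at the top of this file).
  configFile = pkgs.writeText "buildkite-agent.cfg"
    ''
      token="${cfg.token}"
      name="${cfg.name}"
      meta-data="${cfg.meta-data}"
      hooks-path="${pkgs.buildkite-agent}/share/hooks"
      build-path="${home}/builds"
      bootstrap-script="${pkgs.buildkite-agent}/share/bootstrap.sh"
    '';
in

{
  options = {
    services.buildkite-agent = {
      enable = mkEnableOption "buildkite-agent";

      token = mkOption {
        type = types.str;
        description = ''
          The token from your Buildkite "Agents" page.
          The value is written to the world-readable Nix store.
        '';
      };

      name = mkOption {
        type = types.str;
        description = ''
          The name of the agent.
        '';
      };

      meta-data = mkOption {
        type = types.str;
        default = "";
        description = ''
          Meta data for the agent.
        '';
      };

      openssh =
        { privateKey = mkOption {
            type = types.str;
            description = ''
              Private agent key.
              The value is written to the world-readable Nix store.
            '';
          };
          publicKey = mkOption {
            type = types.str;
            description = ''
              Public agent key.
            '';
          };
        };
    };
  };

  config = mkIf cfg.enable {
    users.extraUsers.buildkite-agent =
      { name = "buildkite-agent";
        inherit home;
        createHome = true;
        description = "Buildkite agent user";
      };

    environment.systemPackages = [ pkgs.buildkite-agent ];

    systemd.services.buildkite-agent =
      { description = "Buildkite Agent";
        wantedBy = [ "multi-user.target" ];
        after = [ "network.target" ];
        environment.HOME = home;
        preStart = ''
            # Create the key files without group/world permissions from the
            # start, instead of relying only on the chmod that follows.
            umask 077

            ${pkgs.coreutils}/bin/mkdir -m 0700 -p ${home}/.ssh

            # Each key is written only when its file is missing, so changing
            # the option later does not replace a key that is already on disk.
            # escapeShellArg keeps quotes, dollar signs and backticks in the
            # configured value from being interpreted by the shell.
            if ! [ -f ${home}/.ssh/id_rsa ]; then
              printf '%s\n' ${escapeShellArg cfg.openssh.privateKey} > ${home}/.ssh/id_rsa
              ${pkgs.coreutils}/bin/chmod 600 ${home}/.ssh/id_rsa
            fi

            if ! [ -f ${home}/.ssh/id_rsa.pub ]; then
              printf '%s\n' ${escapeShellArg cfg.openssh.publicKey} > ${home}/.ssh/id_rsa.pub
              ${pkgs.coreutils}/bin/chmod 600 ${home}/.ssh/id_rsa.pub
            fi
          '';

        serviceConfig =
          { ExecStart = "${pkgs.buildkite-agent}/bin/buildkite-agent start --config ${configFile}";
            # Run the agent (and the builds it starts) as the dedicated
            # unprivileged user rather than root.
            User = "buildkite-agent";
            RestartSec = 5;
            Restart = "on-failure";
            TimeoutSec = 10;
          };
      };
  };
}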