mirrors/nix-darwin
mirrors/nix-darwin
1
0
Fork 0
mirror of https://github.com/LnL7/nix-darwin.git synced 2025-03-13 20:30:02 +00:00
Code Activity

Add hercules-ci-agent

Browse source
This commit is contained in:
Domen Kožar 2019-05-15 14:54:57 +07:00
parent 3ba909eb2d
commit fb0a1763f5
No known key found for this signature in database
GPG key ID: C2FFBCAFD2C24246
2 changed files with 105 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
modules/module-list.nix
View file

@ -33,6 +33,7 @@
./services/buildkite-agent.nix
./services/chunkwm.nix
./services/emacs.nix
./services/hercules-ci-agent
./services/khd
./services/kwm
./services/mail/offlineimap.nix

104
modules/services/hercules-ci-agent/default.nix Normal file
View file

@ -0,0 +1,104 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.hercules-ci-agent;
user = config.users.users.hercules-ci-agent;
in {
options.services.hercules-ci-agent = {
enable = mkOption {
type = types.bool;
default = false;
description = "Run Hercules CI Agent as a system service";
};
apiBaseUrl = mkOption {
description = "Alternative base URL for the Hercules API";
example = "https://hercules-ci.com";
default = null;
type = types.nullOr types.string;
};
clusterJoinTokenPath = mkOption {
description = ''
Location of a the cluster join token. It authorizes the agent to add
itself to the cluster that the token represents.
This file is only required to be present for the agent's first run. It
will be ignored after the agent has used the token successfully.
'';
type = types.path;
};
logFile = mkOption {
type = types.path;
default = "/var/log/hercules-ci-agent.log";
description = "Stdout and sterr of hercules-ci-agent process.";
};
concurrentTasks = mkOption {
description = "Number of tasks to perform simultaneously, such as evaluations, derivations";
type = types.int;
default = 4;
};
package = mkOption {
type = types.package;
default = (import (builtins.fetchTarball "https://github.com/hercules-ci/hercules-ci-agent/archive/stable.tar.gz")).nixos-19_03.hercules-ci-agent;
description = ''
Package containing the bin/hercules-ci-agent program.
'';
};
};
config = mkIf cfg.enable {
launchd.daemons.hercules-ci-agent = {
script = ''
exec ${cfg.package}/bin/hercules-ci-agent \
${if (cfg.apiBaseUrl == null) then "" else "--api-base-url ${escapeShellArg cfg.apiBaseUrl}"} \
--cluster-join-token-path ${escapeShellArg cfg.clusterJoinTokenPath} \
--concurrent-tasks ${toString cfg.concurrentTasks}
'';
path = [ config.nix.package ];
environment = {
SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
};
serviceConfig.KeepAlive = true;
serviceConfig.RunAtLoad = true;
serviceConfig.StandardErrorPath = cfg.logFile;
serviceConfig.StandardOutPath = cfg.logFile;
serviceConfig.GroupName = "hercules-ci-agent";
serviceConfig.UserName = "hercules-ci-agent";
serviceConfig.WorkingDirectory = user.home;
serviceConfig.WatchPaths = [
cfg.clusterJoinTokenPath
];
};
system.activationScripts.preActivation.text = ''
touch '${cfg.logFile}'
chown ${toString user.uid}:${toString user.gid} '${cfg.logFile}'
'';
users.knownGroups = [ "hercules-ci-agent" ];
users.knownUsers = [ "hercules-ci-agent" ];
services.hercules-ci-agent.clusterJoinTokenPath = lib.mkDefault (user.home + "/agent-join-token.key");
users.users.hercules-ci-agent = {
uid = mkDefault 532;
gid = mkDefault config.users.groups.hercules-ci-agent.gid;
home = mkDefault "/var/lib/hercules-ci-agent";
createHome = true;
shell = "/bin/bash";
description = "System user for the Hercules CI Agent";
};
users.groups.hercules-ci-agent = {
gid = mkDefault 532;
description = "System group for the Hercules CI Agent";
};
};
}