[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/01: hydra: Update the dover configuration for the berlin build farm.
|
From: |
Andreas Enge |
|
Subject: |
01/01: hydra: Update the dover configuration for the berlin build farm. |
|
Date: |
Tue, 13 Apr 2021 16:26:10 -0400 (EDT) |
andreas pushed a commit to branch wip-dover
in repository maintenance.
commit c705a726c2b71e5067f1efd53f12329933593075
Author: Andreas Enge <andreas@enge.fr>
AuthorDate: Sat Mar 27 17:01:51 2021 +0100
hydra: Update the dover configuration for the berlin build farm.
* hydra/dover.scm (berlin-peer): New variable.
(%authorized-guix-keys): Disable bayfront.
(%accounts): Add Mathieu.
(operating-system): Add cuirass-remote-worker-service-type and
wireguard-configuration. Enable substitutes. Add Mathieu's ssh key.
---
hydra/dover.scm | 29 ++++++++++++++++++++++++-----
1 file changed, 24 insertions(+), 5 deletions(-)
diff --git a/hydra/dover.scm b/hydra/dover.scm
index 784687e..16be9b2 100644
--- a/hydra/dover.scm
+++ b/hydra/dover.scm
@@ -1,10 +1,10 @@
;; GuixSD configuration file for the SoftIron OverDrive 1000 build machines.
;; Copyright © 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
-;; Copyright © 2019 Andreas Enge <andreas@enge.fr`
+;; Copyright © 2019, 2021 Andreas Enge <andreas@enge.fr`
;; Released under the GNU GPLv3 or any later version.
(use-modules (guix) (gnu))
-(use-service-modules networking mcron ssh)
+(use-service-modules networking mcron ssh avahi cuirass vpn)
(use-package-modules screen ssh linux vim)
(define (sysadmin name full-name)
@@ -20,6 +20,7 @@
(sysadmin "rekado" "Ricardo Wurmus")
(sysadmin "andreas" "Andreas Enge")
(sysadmin "dannym" "Danny Milosavljevic")
+ (sysadmin "mathieu" "Mathieu Othacehe")
(user-account
(name "hydra")
(comment "Hydra User")
@@ -33,8 +34,7 @@
(define %authorized-guix-keys
;; List of authorized 'guix archive' keys.
- (list (local-file "keys/guix/berlin.guixsd.org-export.pub")
- (local-file "keys/guix/bayfront.guix.info-export.pub")))
+ (list (local-file "keys/guix/berlin.guixsd.org-export.pub")))
(define gc-job
;; Run 'guix gc' at 3AM every day.
@@ -47,6 +47,13 @@
(string-append #$btrfs-progs "/bin/btrfs balance "
"start -dusage=50 -musage=70 /")))
+(define berlin-peer
+ (wireguard-peer
+ (name "peer")
+ (endpoint "ci.guix.gnu.org:51820")
+ (public-key "wOIfhHqQ+JQmskRS2qSvNRgZGh33UxFDi8uuSXOltF0=")
+ (allowed-ips '("10.0.0.1/32"))))
+
;; The actual machine.
(operating-system
@@ -82,6 +89,7 @@
("rekado" ,(local-file "keys/ssh/rekado.pub"))
("andreas" ,(local-file
"keys/ssh/andreas.pub"))
("dannym" ,(local-file "keys/ssh/dannym.pub"))
+ ("mathieu" ,(local-file
"keys/ssh/mathieu.pub"))
("root" ,(local-file
"keys/ssh/andreas.pub"))))))
(service dhcp-client-service-type)
(service mcron-service-type
@@ -97,11 +105,22 @@
(service ntp-service-type)
+ (service avahi-service-type)
+ (service cuirass-remote-worker-service-type
+ (cuirass-remote-worker-configuration
+ (workers 2)
+ (server "10.0.0.1:5555") ;berlin
+ (systems '("armhf-linux" "aarch64-linux"))))
+ (service wireguard-service-type
+ (wireguard-configuration
+ (addresses '("10.0.0.4/32"))
+ (peers (list berlin-peer))))
+
(modify-services %base-services
(guix-service-type config =>
(guix-configuration
(inherit config)
- (use-substitutes? #f)
+ (use-substitutes? #t)
(max-silent-time 7200)
(authorized-keys
%authorized-guix-keys))))))