Unify Hydra's NixOS module with the one used for hydra.nixos.org

[?]
Jul 1, 2015, 11:01 PM
TTZ26BJQKIASUK7MT6KGQOIOOHEYWNV4UASO2ZQWGK4ADGK6SR6QC

Dependencies

  • [2] KNJ6Y5FZ hydra-module.nix: Use -p instead of HYDRA_PORT
  • [3] KVDOL4OZ hydra-module: Don't rely on su being available.
  • [4] G2RULGMM hydra-module: add config.extraEnv
  • [5] 25ZWSE7T hydra-server.service: Shut up warning about the terminal size being unknown
  • [6] LKRD3SHE Allow a different state directory for hydra-server
  • [7] F6LZSPNC Give services.hydra.package a reasonable default
  • [8] 4HDPYRJ6 Update the hydra-queue-runner unit
  • [9] PID2JI77 Add a unit for hydra-send-stats
  • [10] 5KYQ4PNG Fix type
  • [11] LLCM5ADW The new queue runner requires "hydra" to be a trusted Nix user
  • [12] E3M46H7T Keep session state across hydra-server restarts
  • [13] IE2PRAQU hydra-queue-runner: Send build notifications
  • [14] BBF7ZJWH hydra-module.nix: Use startAt
  • [15] ZVGQP2SX hydra-module: Add a `logo' option.
  • [16] ZYEFL36Q Ported/merged properties from the TUD configuration's hydra-module
  • [17] 7XOH2DGH hydra-module.nix: Give types to options
  • [18] HSVVEKTY * Start of a JSON API to get information about a specific build.
  • [19] 5DEWIOO4 hydra-module.nix: Export the HYDRA_* environment variables
  • [20] EKHL23VI Keep sessions for a week
  • [21] 4J33F22T hydra-module.nix: Make it possible to add extra config lines
  • [22] J57PR4O3 hydra-module: Allow to specify the listen host.
  • [23] X6XVDE2C hydra-module: Set GIT_SSL_CAINFO for git over https
  • [24] EE5RRP3X hydra-module.nix: Make services require hydra-init
  • [25] JKX7AAB6 hydra-module.nix: Remove log compression which is a local policy
  • [26] ASPNI2AO hydra-module.nix: Automatically create postgres db user for hydra and an admin hydra account
  • [27] KMPLMG7T hydra-module.nix: Cleanup
  • [28] INUGMXTG hydra-module: Add a `port' option.
  • [29] K5G5GZY7 Guard against concurrent invocations of hydra-queue-runner
  • [30] UYOMSOGJ hydra-module/compressLogs: Avoid creating /root/r.
  • [31] BT6SNXUA Add an option to run the hydra server in debug mode
  • [32] GS4BE6TB Asynchronously compress build logs
  • [33] 3PNG7NIB Remove trailing whitespace
  • [34] T4DBPQOF hydra-module: Run hydra-init during hydra-init.service
  • [35] V4R3SIRM hydra-module.nix: Don't use a password
  • [36] F3M47DHJ hydra-module.nix: More paranoid permissions on the data directory
  • [37] D3MDJONY
  • [38] PMDWFZHW hydra-module.nix: Fix setting the logo
  • [39] L62I7CPI Don't put ssmtp in hydra's paths
  • [40] 3FTM52B2 hydra-module: Always GC to have at least 100 GiB available.
  • [*] ALLSLBFX Whoops
  • [*] 24BMQDZA Start of single-process hydra-queue-runner
  • [*] J5UVLXOK * Start of a basic Catalyst web interface.

Change contents

  • edit in hydra-module.nix at line 6
    [12.46]
    [12.46]
  • replacement in hydra-module.nix at line 15
    [12.40][12.40:129]()
    HYDRA_CONFIG = "${baseDir}/data/hydra.conf";
    HYDRA_DATA = "${baseDir}/data";
    [12.40]
    [12.129]
    HYDRA_CONFIG = "${baseDir}/hydra.conf";
    HYDRA_DATA = "${baseDir}";
  • replacement in hydra-module.nix at line 21
    [12.204][12.204:267](),[12.267][12.0:55]()
    OPENSSL_X509_CERT_FILE = "/etc/ssl/certs/ca-bundle.crt";
    GIT_SSL_CAINFO = "/etc/ssl/certs/ca-bundle.crt";
    [12.37]
    [4.0]
    SSL_CERT_FILE = "/etc/ssl/certs/ca-certificates.crt";
    PGPASSFILE = "${baseDir}/pgpass";
  • edit in hydra-module.nix at line 27
    [12.35]
    [42.0]
    COLUMNS = "80";
  • edit in hydra-module.nix at line 29
    [42.62]
    [12.498]
    localDB = "dbi:Pg:dbname=hydra;user=hydra;";
    haveLocalDB = cfg.dbi == localDB;
  • replacement in hydra-module.nix at line 52
    [10.26][12.0:53](),[12.57][12.0:53]()
    default = "dbi:Pg:dbname=hydra;user=hydra;";
    [10.26]
    [12.53]
    default = localDB;
  • replacement in hydra-module.nix at line 92
    [12.265][12.1637:1658](),[12.1637][12.1637:1658]()
    default = 5;
    [12.265]
    [12.1658]
    default = 0;
  • replacement in hydra-module.nix at line 100
    [12.389][12.1845:1866](),[12.1845][12.1845:1866]()
    default = 2;
    [12.389]
    [12.1866]
    default = 0;
  • replacement in hydra-module.nix at line 125
    [12.296][12.296:371]()
    File name of an alternate logo to be displayed on the web pages.
    [12.296]
    [12.371]
    Path to a file containing the logo of your Hydra instance.
  • replacement in hydra-module.nix at line 132
    [12.603][12.154:219](),[12.154][12.154:219]()
    description = "Whether to run the server in debug mode";
    [12.603]
    [12.615]
    description = "Whether to run the server in debug mode.";
  • replacement in hydra-module.nix at line 137
    [12.121][12.121:179]()
    description = "Extra lines for the hydra config";
    [12.121]
    [12.179]
    description = "Extra lines for the Hydra configuration.";
  • replacement in hydra-module.nix at line 143
    [4.126][4.126:189]()
    description = "Extra environment variables for Hydra";
    [4.126]
    [4.189]
    description = "Extra environment variables for Hydra.";
  • edit in hydra-module.nix at line 153
    [12.2592]
    [7.0]
    users.extraGroups.hydra = { };
    users.extraUsers.hydra =
    { description = "Hydra";
    group = "hydra";
    createHome = true;
    home = baseDir;
    useDefaultShell = true;
    };
    users.extraUsers.hydra-queue-runner =
    { description = "Hydra queue runner";
    group = "hydra";
    useDefaultShell = true;
    };
  • edit in hydra-module.nix at line 170
    [7.1]
    [7.1]
    users.extraUsers.hydra-www =
    { description = "Hydra web server";
    group = "hydra";
    useDefaultShell = true;
    };
    nix.trustedUsers = [ "hydra-queue-runner" ];
  • edit in hydra-module.nix at line 195
    [12.197][12.191:251](),[12.2641][12.191:251](),[12.251][12.0:24](),[12.24][12.2750:2809](),[12.2750][12.2750:2809](),[12.2809][12.25:34](),[12.34][12.87:88](),[12.87][12.87:88]()
    users.extraUsers.hydra =
    { description = "Hydra";
    home = baseDir;
    createHome = true;
    useDefaultShell = true;
    };
  • edit in hydra-module.nix at line 203
    [12.3610][11.0:37]()
    nix.trustedUsers = [ "hydra" ];
  • replacement in hydra-module.nix at line 210
    [3.22][12.0:43](),[12.927][12.0:43](),[12.43][12.100:195](),[12.287][12.100:195](),[12.195][12.131:208]()
    mkdir -m 0700 -p ${baseDir}/data
    chown hydra ${baseDir}/data
    ln -sf ${hydraConf} ${baseDir}/data/hydra.conf
    ${optionalString (cfg.dbi == "dbi:Pg:dbname=hydra;user=hydra;") ''
    [3.22]
    [12.208]
    mkdir -p ${baseDir}
    chown hydra.hydra ${baseDir}
    chmod 0750 ${baseDir}
    ln -sf ${hydraConf} ${baseDir}/hydra.conf
    mkdir -m 0700 -p /var/lib/hydra/www
    chown hydra-www.hydra /var/lib/hydra/www
    mkdir -m 0700 -p /var/lib/hydra/queue-runner
    mkdir -m 0750 -p /var/lib/hydra/build-logs
    chown hydra-queue-runner.hydra /var/lib/hydra/queue-runner /var/lib/hydra/build-logs
    ${optionalString haveLocalDB ''
  • replacement in hydra-module.nix at line 242
    [12.1129][5.0:56]()
    environment = serverEnv // { COLUMNS = "80"; };
    [12.1129]
    [12.1162]
    environment = serverEnv;
  • replacement in hydra-module.nix at line 248
    [2.272][12.330:358](),[12.397][12.330:358](),[12.436][12.330:358](),[12.923][12.330:358](),[12.1324][12.330:358]()
    User = "hydra";
    [2.272]
    [12.1353]
    User = "hydra-www";
    PermissionsStartOnly = true;
  • replacement in hydra-module.nix at line 261
    [12.1684][8.0:85]()
    { ExecStart = "@${cfg.package}/bin/hydra-queue-runner hydra-queue-runner";
    [12.1684]
    [8.85]
    { ExecStartPre = "${cfg.package}/bin/hydra-queue-runner --unlock";
    ExecStart = "@${cfg.package}/bin/hydra-queue-runner hydra-queue-runner";
  • replacement in hydra-module.nix at line 264
    [8.162][12.359:387](),[12.1086][12.359:387](),[12.1842][12.359:387]()
    User = "hydra";
    [8.162]
    [12.1871]
    User = "hydra-queue-runner";
  • replacement in hydra-module.nix at line 290
    [12.2664][12.0:27]()
    startAt = "02:15";
    [12.2664]
    [9.201]
    startAt = "2,14:15";
  • replacement in hydra-module.nix at line 303
    [12.5092][12.5092:5127](),[12.5127][12.89:286]()
    services.cron.systemCronJobs =
    let
    # If there is less than ... GiB of free disk space, stop the queue
    # to prevent builds from failing or aborting.
    checkSpace = pkgs.writeScript "hydra-check-space"
    [12.5092]
    [12.286]
    # If there is less than a certain amount of free disk space, stop
    # the queue/evaluator to prevent builds from failing or aborting.
    systemd.services.hydra-check-space =
    { script =
  • edit in hydra-module.nix at line 308
    [12.299][12.446:482]()
    #! ${pkgs.stdenv.shell}
  • replacement in hydra-module.nix at line 317
    [12.1511][12.1511:1520](),[12.1520][12.306:384](),[12.3089][12.1945:1956](),[12.1945][12.1945:1956]()
    in
    [ "*/5 * * * * root ${checkSpace} &> ${baseDir}/data/checkspace.log"
    ];
    [12.1286]
    [12.1956]
    startAt = "*:0/5";
    };
    services.postgresql.enable = mkIf haveLocalDB true;
    services.postgresql.identMap = optionalString haveLocalDB
    ''
    hydra-users hydra hydra
    hydra-users hydra-queue-runner hydra
    hydra-users hydra-www hydra
    hydra-users root hydra
    '';
    services.postgresql.authentication = optionalString haveLocalDB
    ''
    local hydra all ident map=hydra-users
    '';
  • edit in hydra-module.nix at line 336
    [12.1961]
    [12.1961]
  • replacement in src/hydra-queue-runner/hydra-queue-runner.cc at line 1571
    [12.227][12.227:276]()
    Path lockPath = hydraData + "/queue-runner";
    [12.227]
    [12.276]
    Path lockPath = hydraData + "/queue-runner/lock";
    createDirs(dirOf(lockPath));
  • replacement in src/lib/Hydra.pm at line 58
    [12.34][6.0:100]()
    storage => ($ENV{'HYDRA_SERVER_DATA'} // Hydra::Model::DB::getHydraPath) . "/session_data",
    [12.34]
    [12.69]
    storage => Hydra::Model::DB::getHydraPath . "/www/session_data",