diff options
author | Alex Auvolat <alex@adnab.me> | 2023-01-04 10:06:06 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2023-01-04 10:06:06 +0100 |
commit | da78f3671e2bc532ec64069516fac0ff885c4d7b (patch) | |
tree | 79a4765afce877d0218712ba3df19c89be285cac /experimental/app | |
parent | 26f78872e6d94671381c2b199c643e43a81b8b7f (diff) | |
download | nixcfg-da78f3671e2bc532ec64069516fac0ff885c4d7b.tar.gz nixcfg-da78f3671e2bc532ec64069516fac0ff885c4d7b.zip |
staging: deploy things on bespin
Diffstat (limited to 'experimental/app')
-rw-r--r-- | experimental/app/drone-ci-runner/deploy/bad-runner-vm.hcl | 48 | ||||
-rw-r--r-- | experimental/app/drone-ci-runner/deploy/runner-docker.hcl | 91 |
2 files changed, 139 insertions, 0 deletions
diff --git a/experimental/app/drone-ci-runner/deploy/bad-runner-vm.hcl b/experimental/app/drone-ci-runner/deploy/bad-runner-vm.hcl new file mode 100644 index 0000000..7c3a7e2 --- /dev/null +++ b/experimental/app/drone-ci-runner/deploy/bad-runner-vm.hcl @@ -0,0 +1,48 @@ +job "drone-runner" { + datacenters = ["neptune"] + type = "system" + + group "runner-vm" { + network { + port "ssh" { + static = 22544 + } + } + + task "drone-runner-vm" { + driver = "qemu" + + config { + image_path = "local/drone-runner.qcow2" + accelerator = "kvm" + args = [ + "-drive", "index=1,file=fat:rw:/var/lib/nomad/alloc/${NOMAD_ALLOC_ID}/${NOMAD_TASK_NAME}/secrets,format=raw,media=disk", + "-device", "e1000,netdev=user.0", + "-netdev", "user,id=user.0,hostfwd=tcp::${NOMAD_PORT_ssh}-:22", + "-smp", "2", + ] + port_map { + ssh = 22 + } + } + + artifact { + source = "https://alex.web.deuxfleurs.fr/drone-runner.qcow2.zst" + destination = "local/drone-runner.qcow2" + mode = "file" + } + + template { + data = <<EOH +DRONE_RPC_SECRET={{ key "secrets/drone-ci/rpc_secret" | trimSpace }} +DRONE_RUNNER_NAME={{ env "attr.unique.hostname" }} +EOH + destination = "secrets/secret_env" + } + + resources { + memory = 2000 + } + } + } +} diff --git a/experimental/app/drone-ci-runner/deploy/runner-docker.hcl b/experimental/app/drone-ci-runner/deploy/runner-docker.hcl new file mode 100644 index 0000000..d7c6ef4 --- /dev/null +++ b/experimental/app/drone-ci-runner/deploy/runner-docker.hcl @@ -0,0 +1,91 @@ +job "drone-runner" { + datacenters = ["neptune"] + type = "system" + + group "runner" { + + task "populate-nix-store" { + lifecycle { + hook = "prestart" + sidecar = false + } + + driver = "docker" + config { + image = "nixpkgs/nix:nixos-21.05" + command = "sh" + args = [ + "-c", "test -d /mnt/store || cp -rv /nix/{store,var} /mnt/" + ] + volumes = [ + "/var/lib/drone/nix:/mnt", + ] + } + + resources { + memory = 100 + cpu = 100 + } + } + + task "drone-runner" { + driver = "docker" + config { + image = "drone/drone-runner-docker:1.8.1" + + volumes = [ + "/var/lib/drone/nix:/nix", + "/var/run/docker.sock:/var/run/docker.sock" + ] + } + + template { + data = <<EOH +DRONE_RPC_PROTO=https +DRONE_RPC_HOST=drone.deuxfleurs.fr +DRONE_RPC_SECRET={{ key "secrets/drone-ci/rpc_secret" | trimSpace }} +DRONE_RUNNER_CAPACITY=1 +DRONE_DEBUG=true +DRONE_LOGS_TRACE=true +DRONE_RPC_DUMP_HTTP=true +DRONE_RPC_DUMP_HTTP_BODY=true +DRONE_RUNNER_NAME={{ env "attr.unique.hostname" }} +DRONE_RUNNER_LABELS=nix:1 +EOH + destination = "secrets/env" + env = true + } + + resources { + memory = 200 + cpu = 100 + } + } + + task "drone-gc" { + driver = "docker" + config { + image = "drone/gc:latest" + + volumes = [ + "/var/run/docker.sock:/var/run/docker.sock" + ] + } + + template { + data = <<EOH +GC_DEBUG=true +GC_CACHE=10gb +GC_INTERVAL=10m +EOH + destination = "secrets/env" + env = true + } + + resources { + memory = 100 + cpu = 100 + } + } + } +} |