nixos/modules/services/continuous-integration/buildkite-agent.nix at 17.09-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / continuous-integration / buildkite-agent.nix
at 17.09-beta 2.6 kB view raw
 1{ config, lib, pkgs, ... }:
 2
 3with lib;
 4
 5let
 6  cfg = config.services.buildkite-agent;
 7  configFile = pkgs.writeText "buildkite-agent.cfg"
 8    ''
 9      token="${cfg.token}"
10      name="${cfg.name}"
11      meta-data="${cfg.meta-data}"
12      hooks-path="${pkgs.buildkite-agent}/share/hooks"
13      build-path="/var/lib/buildkite-agent/builds"
14      bootstrap-script="${pkgs.buildkite-agent}/share/bootstrap.sh"
15    '';
16in
17
18{
19  options = {
20    services.buildkite-agent = {
21      enable = mkEnableOption "buildkite-agent";
22
23      token = mkOption {
24        type = types.str;
25        description = ''
26          The token from your Buildkite "Agents" page.
27        '';
28      };
29
30      name = mkOption {
31        type = types.str;
32        description = ''
33          The name of the agent.
34        '';
35      };
36
37      meta-data = mkOption {
38        type = types.str;
39        default = "";
40        description = ''
41          Meta data for the agent.
42        '';
43      };
44
45      openssh =
46        { privateKey = mkOption {
47            type = types.str;
48            description = ''
49              Private agent key.
50            '';
51          };
52          publicKey = mkOption {
53            type = types.str;
54            description = ''
55              Public agent key.
56            '';
57          };
58        };
59    };
60  };
61
62  config = mkIf config.services.buildkite-agent.enable {
63    users.extraUsers.buildkite-agent =
64      { name = "buildkite-agent";
65        home = "/var/lib/buildkite-agent";
66        createHome = true;
67        description = "Buildkite agent user";
68      };
69
70    environment.systemPackages = [ pkgs.buildkite-agent ];
71
72    systemd.services.buildkite-agent =
73      { description = "Buildkite Agent";
74        wantedBy = [ "multi-user.target" ];
75        after = [ "network.target" ];
76        environment.HOME = "/var/lib/buildkite-agent";
77        preStart = ''
78            ${pkgs.coreutils}/bin/mkdir -m 0700 -p /var/lib/buildkite-agent/.ssh
79
80            echo "${cfg.openssh.privateKey}" > /var/lib/buildkite-agent/.ssh/id_rsa
81            ${pkgs.coreutils}/bin/chmod 600 /var/lib/buildkite-agent/.ssh/id_rsa
82
83            echo "${cfg.openssh.publicKey}" > /var/lib/buildkite-agent/.ssh/id_rsa.pub
84            ${pkgs.coreutils}/bin/chmod 600 /var/lib/buildkite-agent/.ssh/id_rsa.pub
85          '';
86
87        serviceConfig =
88          { ExecStart = "${pkgs.buildkite-agent}/bin/buildkite-agent start --config ${configFile}";
89            User = "buildkite-agent";
90            RestartSec = 5;
91            Restart = "on-failure";
92            TimeoutSec = 10;
93          };
94      };
95  };
96}