fi/nix-infra
1
2
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity

Remove hydra host

Browse source
This commit is contained in:
Fiona Grzebien 2026-05-17 01:24:09 +02:00
commit 5b44c4516c
Signed by: fi
SSH key fingerprint: SHA256:HQgl5VGC4+Yw3ds/0I/DqTge63SPBXvXwhNG/gRW26U
10 changed files with 0 additions and 150 deletions
Download patch file Download diff file Expand all files Collapse all files

51
config/hosts/hydra/configuration.nix
View file

@ -1,51 +0,0 @@
{ ... }:
{
boot = {
loader.grub = {
enable = true;
device = "/dev/vda";
};
binfmt.emulatedSystems = [
"armv6l-linux"
"armv7l-linux"
"aarch64-linux"
];
};
networking = {
hostName = "hydra";
firewall = {
enable = true;
allowedTCPPorts = [ 8443 ];
};
};
users.users.builder = {
isNormalUser = true;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK/plZfxF/RtB+pJsUYx9HUgRcB56EoO0uj+j3AGzZta root@cherry"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKeIiHkHA5c6/jZx+BB28c5wchdzlFI7R1gbvNmPyoOg root@kiara"
];
};
nix = {
settings = {
trusted-users = [ "builder" ];
allowed-uris = "http:// https://";
};
buildMachines = [
{
hostName = "localhost";
systems = [
"x86_64-linux"
"armv6l-linux"
"armv7l-linux"
"aarch64-linux"
];
}
];
};
system.stateVersion = "23.05";
}

9
config/hosts/hydra/default.nix
View file

@ -1,9 +0,0 @@
{ ... }:
{
imports = [
./configuration.nix
./hydra.nix
./nix-serve.nix
./nginx.nix
];
}

14
config/hosts/hydra/hydra.nix
View file

@ -1,14 +0,0 @@
{ ... }:
{
services.hydra = {
enable = true;
hydraURL = "https://hydra.nekover.se";
listenHost = "localhost";
port = 3001;
useSubstitutes = true;
notificationSender = "hydra@robot.grzb.de";
extraConfig = "
binary_cache_public_uri = https://nix-cache.nekover.se
";
};
}

44
config/hosts/hydra/nginx.nix
View file

@ -1,44 +0,0 @@
{ ... }:
{
services.nginx = {
enable = true;
virtualHosts = {
"hydra.nekover.se" = {
forceSSL = true;
enableACME = true;
listen = [{
addr = "0.0.0.0";
port = 80;
}];
locations."/" = {
proxyPass = "http://localhost:3001";
};
extraConfig = ''
listen 0.0.0.0:8443 http2 ssl proxy_protocol;
set_real_ip_from 10.202.41.100; # IPv4 from web-public-2
set_real_ip_from 10.203.10.3; # IPv6 from valkyrie
real_ip_header proxy_protocol;
'';
};
"nix-cache.nekover.se" = {
forceSSL = true;
enableACME = true;
listen = [ {
addr = "0.0.0.0";
port = 80;
}];
locations."/" = {
proxyPass = "http://localhost:5005";
};
extraConfig = ''
listen 0.0.0.0:8443 http2 ssl proxy_protocol;
set_real_ip_from 10.202.41.100; # IPv4 from web-public-2
set_real_ip_from 10.203.10.3; # IPv6 from valkyrie
real_ip_header proxy_protocol;
'';
};
};
};
}

9
config/hosts/hydra/nix-serve.nix
View file

@ -1,9 +0,0 @@
{ ... }:
{
services.nix-serve = {
enable = true;
port = 5005;
bindAddress = "localhost";
secretKeyFile = "/secrets/signing-key.secret";
};
}

11
config/hosts/hydra/secrets.nix
View file

@ -1,11 +0,0 @@
{ keyCommandEnv, ... }:
{
deployment.keys."signing-key.secret" = {
keyCommand = keyCommandEnv ++ [ "pass" "hydra/signing-key" ];
destDir = "/secrets";
user = "root";
group = "root";
permissions = "0640";
uploadAt = "pre-activation";
};
}

1
config/hosts/valkyrie/nginx.nix
View file

@ -41,7 +41,6 @@
element-admin.nekover.se 10.202.41.100:8443; element-admin.nekover.se 10.202.41.100:8443;
fi.nekover.se 10.202.41.125:8443; fi.nekover.se 10.202.41.125:8443;
git.nekover.se 10.202.41.106:8443; git.nekover.se 10.202.41.106:8443;
hydra.nekover.se 10.202.41.121:8443;
id.nekover.se 10.202.41.124:8443; id.nekover.se 10.202.41.124:8443;
mas.nekover.se 10.202.41.112:8443; mas.nekover.se 10.202.41.112:8443;
matrix.nekover.se 10.202.41.112:8443; matrix.nekover.se 10.202.41.112:8443;

1
config/hosts/web-public-2/nginx.nix
View file

@ -21,7 +21,6 @@
element-admin.nekover.se 10.202.41.100:8443; element-admin.nekover.se 10.202.41.100:8443;
fi.nekover.se 10.202.41.125:8443; fi.nekover.se 10.202.41.125:8443;
git.nekover.se 10.202.41.106:8443; git.nekover.se 10.202.41.106:8443;
hydra.nekover.se 10.202.41.121:8443;
id.nekover.se 10.202.41.124:8443; id.nekover.se 10.202.41.124:8443;
mas.nekover.se 10.202.41.112:8443; mas.nekover.se 10.202.41.112:8443;
matrix.nekover.se 10.202.41.112:8443; matrix.nekover.se 10.202.41.112:8443;

6
flake.nix
View file

@ -40,12 +40,6 @@
}; };
} // builtins.mapAttrs (helper.generateColmenaHost) hosts; } // builtins.mapAttrs (helper.generateColmenaHost) hosts;
hydraJobs = {
nixConfigurations = builtins.mapAttrs (host: helper.generateNixConfiguration host {
inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver;
}) hosts;
};
# Generate a base VM image for Proxmox with `nix build .#base-proxmox` # Generate a base VM image for Proxmox with `nix build .#base-proxmox`
packages.x86_64-linux = { packages.x86_64-linux = {
base-proxmox = nixos-generators.nixosGenerate { base-proxmox = nixos-generators.nixosGenerate {

4
hosts.nix
View file

@ -27,10 +27,6 @@ let
}) hosts; }) hosts;
in in
generateDefaults { generateDefaults {
hydra = {
site = "vs";
environment = "proxmox";
};
ikiwiki = { ikiwiki = {
site = "vs"; site = "vs";
environment = "proxmox"; environment = "proxmox";