guix-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: hydra: Update the dover configuration for the berlin build farm.

From: Andreas Enge
Subject: 01/01: hydra: Update the dover configuration for the berlin build farm.
Date: Sat, 10 Apr 2021 08:38:19 -0400 (EDT) 
andreas pushed a commit to branch wip-dover
in repository maintenance.

commit 67ddb393e32546a0a304874296138fd71978c36b
Author: Andreas Enge <andreas@enge.fr>
AuthorDate: Sat Mar 27 17:01:51 2021 +0100

    hydra: Update the dover configuration for the berlin build farm.
    
    * hydra/dover.scm (berlin-peer): New variable.
    (%authorized-guix-keys): Disable bayfront.
    (operating-system): Add cuirass-remote-worker-service-type and
    wireguard-configuration. Enable substitutes.
---
 hydra/dover.scm | 27 ++++++++++++++++++++++-----
 1 file changed, 22 insertions(+), 5 deletions(-)

diff --git a/hydra/dover.scm b/hydra/dover.scm
index 784687e..7b3c52e 100644
--- a/hydra/dover.scm
+++ b/hydra/dover.scm
@@ -1,10 +1,10 @@
 ;; GuixSD configuration file for the SoftIron OverDrive 1000 build machines.
 ;; Copyright © 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
-;; Copyright © 2019 Andreas Enge <andreas@enge.fr`
+;; Copyright © 2019, 2021 Andreas Enge <andreas@enge.fr`
 ;; Released under the GNU GPLv3 or any later version.
 
 (use-modules (guix) (gnu))
-(use-service-modules networking mcron ssh)
+(use-service-modules networking mcron ssh avahi cuirass vpn)
 (use-package-modules screen ssh linux vim)
 
 (define (sysadmin name full-name)
@@ -33,8 +33,7 @@
 
 (define %authorized-guix-keys
   ;; List of authorized 'guix archive' keys.
-  (list (local-file "keys/guix/berlin.guixsd.org-export.pub")
-        (local-file "keys/guix/bayfront.guix.info-export.pub")))
+  (list (local-file "keys/guix/berlin.guixsd.org-export.pub")))
 
 (define gc-job
   ;; Run 'guix gc' at 3AM every day.
@@ -47,6 +46,13 @@
          (string-append #$btrfs-progs "/bin/btrfs balance "
                         "start -dusage=50 -musage=70 /")))
 
+(define berlin-peer
+  (wireguard-peer
+   (name "peer")
+   (endpoint "ci.guix.gnu.org:51820")
+   (public-key "wOIfhHqQ+JQmskRS2qSvNRgZGh33UxFDi8uuSXOltF0=")
+   (allowed-ips '("10.0.0.1/32"))))
+
 ;; The actual machine.
 
 (operating-system
@@ -97,11 +103,22 @@
 
                    (service ntp-service-type)
 
+                   (service avahi-service-type)
+                   (service cuirass-remote-worker-service-type
+                            (cuirass-remote-worker-configuration
+                             (workers 2)
+                             (server "10.0.0.1:5555") ;berlin
+                             (systems '("armhf-linux" "aarch64-linux"))))
+                   (service wireguard-service-type
+                            (wireguard-configuration
+                             (addresses '("10.0.0.4/32"))
+                             (peers (list berlin-peer))))
+
                    (modify-services %base-services
                      (guix-service-type config =>
                                         (guix-configuration
                                          (inherit config)
-                                         (use-substitutes? #f)
+                                         (use-substitutes? #t)
                                          (max-silent-time 7200)
                                          (authorized-keys
                                           %authorized-guix-keys))))))
reply via email to
[Prev in Thread] Current Thread [Next in Thread]