47 lines
1.2 KiB
Nix
47 lines
1.2 KiB
Nix
{ cluster, depot, lib, ... }:
|
|
|
|
let
|
|
inherit (cluster.config.services.hercules-ci-multi-agent) nodes secrets;
|
|
|
|
mapAgents = lib.flip lib.mapAttrs nodes;
|
|
|
|
mergeMap = f: let
|
|
outputs = mapAgents f;
|
|
in lib.pipe outputs [
|
|
(lib.mapAttrs (basename: basevalue:
|
|
lib.mapAttrs' (n: v:
|
|
lib.nameValuePair "${n}-${basename}" v
|
|
) basevalue
|
|
))
|
|
lib.attrValues
|
|
(lib.foldl' (a: b: a // b) {})
|
|
];
|
|
in
|
|
{
|
|
imports = [
|
|
./modules/multi-agent-refactored
|
|
];
|
|
|
|
systemd.services = mergeMap (_: _: {
|
|
hercules-ci-agent = {
|
|
# hercules-ci-agent-restarter should take care of this
|
|
restartIfChanged = false;
|
|
environment = {
|
|
AWS_SHARED_CREDENTIALS_FILE = secrets.cacheCredentials.path;
|
|
AWS_EC2_METADATA_DISABLED = "true";
|
|
};
|
|
serviceConfig.Slice = "builder.slice";
|
|
};
|
|
});
|
|
|
|
services.hercules-ci-agents = lib.genAttrs (lib.attrNames nodes) (org: {
|
|
enable = true;
|
|
package = depot.inputs.hercules-ci-agent.packages.hercules-ci-agent;
|
|
settings = {
|
|
clusterJoinTokenPath = secrets."clusterJoinToken-${org}".path;
|
|
binaryCachesPath = secrets.cacheConfig.path;
|
|
};
|
|
});
|
|
|
|
users.groups.hercules-ci-agent.members = map (org: "hci-${org}") (lib.attrNames nodes);
|
|
}
|