From 8a229b1654330a209c80fb11795204f4ff2eb0d7 Mon Sep 17 00:00:00 2001 From: jolheiser Date: Sun, 17 Mar 2024 13:31:03 -0500 Subject: [PATCH] wip: jenkins Signed-off-by: jolheiser --- machines/dragonwell/caddy.nix | 5 +++++ machines/dragonwell/default.nix | 2 +- machines/dragonwell/jenkins.nix | 23 +++++++++++++++++++++++ secrets/personal/jenkins.age | 11 +++++++++++ secrets/secrets.nix | 1 + 5 files changed, 41 insertions(+), 1 deletion(-) create mode 100644 machines/dragonwell/jenkins.nix create mode 100644 secrets/personal/jenkins.age diff --git a/machines/dragonwell/caddy.nix b/machines/dragonwell/caddy.nix index 5169210..ab46971 100644 --- a/machines/dragonwell/caddy.nix +++ b/machines/dragonwell/caddy.nix @@ -58,6 +58,11 @@ reverse_proxy localhost:2884 ''; }; + "ci.jolheiser.com" = { + extraConfig = '' + reverse_proxy localhost:2423 + ''; + }; }; }; } diff --git a/machines/dragonwell/default.nix b/machines/dragonwell/default.nix index dc6edda..c486c4d 100644 --- a/machines/dragonwell/default.nix +++ b/machines/dragonwell/default.nix @@ -2,7 +2,7 @@ let username = "jolheiser"; key = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfKqCWtDlS3tgvfT6hQN+ii8UtabIZ+ZNmYN+bLwIa8PHOEW5MbfaqXSlhKkSi4+7SfQDCHphw0SMfhsQ4qMEcoywZ+4niDgKlQEVkl+S/VGbLuPe92NRStkyreZBLPr3Rh7ScNlGHcmHmoV9v7725fMnsMmabGVhpGO84PwNHOfJyv2tx2h6LxFbAV8S44UQu2lc8YLWCK2UvKuRnBerBXLnDQThUUX8UuCFzb786gQzD5XDU0MENbByxiy0XdVGAC+tFXEiSIgFZlFbFYyShgdTP9MzX2MOglEi+ae+1UIFncraW7ptUey7qHFJylpHWWWvE+GTwsg2G50i0FvFj jolheiser@jolheiser''; in { - imports = [./caddy.nix ./dex.nix ./golink.nix ./gotosocial.nix ./restic.nix ./ugit.nix ./hardware.nix]; + imports = [./caddy.nix ./dex.nix ./golink.nix ./gotosocial.nix ./jenkins.nix ./restic.nix ./ugit.nix ./hardware.nix]; boot.tmp.cleanOnBoot = true; zramSwap.enable = true; diff --git a/machines/dragonwell/jenkins.nix b/machines/dragonwell/jenkins.nix new file mode 100644 index 0000000..d9b4d67 --- /dev/null +++ b/machines/dragonwell/jenkins.nix @@ -0,0 +1,23 @@ +{config, ...}: { + age.secrets.jenkins.file = ../../secrets/personal/jenkins.age; + services.jenkins = { + enable = true; + listenAddress = "localhost"; + port = 2423; + jobBuilder = { + accessTokenFile = config.age.secrets.jenkins.path; + nixJobs = [ + { + job = { + name = "echo"; + builders = [ + { + shell = "echo 'Hello, world!'"; + } + ]; + }; + } + ]; + }; + }; +} diff --git a/secrets/personal/jenkins.age b/secrets/personal/jenkins.age new file mode 100644 index 0000000..285b673 --- /dev/null +++ b/secrets/personal/jenkins.age @@ -0,0 +1,11 @@ +age-encryption.org/v1 +-> ssh-ed25519 E8j6/g AJiLqqUpu/SLAFvz6EXvZ6o1PXa1DrcBjf94gpEFq10 +ZYHjqsJ8tVer0YlJvJ11XQYx6P8FlB5Nj8Gr4BYZlCw +-> ssh-ed25519 f31uNA 0iFxySw9nqD6uhCyFTND0cNLAWnAcKVDhbP5dzizXGk +lr/gjZxUP0Ta8cRw24Zf26TLQmw+fRlElPqZvXR5d9g +-> @>-grease +0Y9PU1g/9/KPNt0XjFcHHsL36Txo/gKyedRC524UAu/OpX6Ob8TDN1DOKvlG9HQN +cmcvJ5sKHDfh0MCef1FnZM2vhSxINm/WE2AYpjs +--- 6RV0T/JXRFKZDzFFtqFTjLIdZTETLW6MVRcuHqz5tkw + 6CWJ\?0/;®I Ϭp +׃jUQh \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index ae3e5b2..327e423 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -25,4 +25,5 @@ in { "personal/restic-repo.age".publicKeys = [jolheiser dragonwell]; "personal/dex.age".publicKeys = [jolheiser dragonwell]; "personal/dex-tailscale.age".publicKeys = [jolheiser dragonwell]; + "personal/jenkins.age".publicKeys = [jolheiser dragonwell]; }