From f916b84ebd6629d7471f50fbb468161285f5026e Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 2 Jan 2016 17:31:06 +0100 Subject: k default: root path for populate --- krebs/default.nix | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'krebs') diff --git a/krebs/default.nix b/krebs/default.nix index 81ddd3ea6..15d0e8e2e 100644 --- a/krebs/default.nix +++ b/krebs/default.nix @@ -50,7 +50,6 @@ let out = { # Prepare target source via bind-mounting - (${populate (args // { infesting = true;}) }) (${nixos-install args}) @@ -103,6 +102,7 @@ let out = { #! /bin/sh # ${current-date} ${current-user-name}@${current-host-name} # krebs.nixos-install + (${populate (args // { root = "/mnt"; })}) ${rootssh target '' export PATH; PATH=/root/.nix-profile/bin:$PATH @@ -209,7 +209,7 @@ let out = { populate = { system ? current-host-name , target ? system - , infesting ? false + , root ? "" }@args: let out = '' #! /bin/sh @@ -223,7 +223,6 @@ let out = { ''; - target_prefix=lib.optionalString infesting "/mnt"; config = get-config system; current-host = config.krebs.hosts.${current-host-name}; @@ -232,7 +231,7 @@ let out = { methods.dir = config: let can-push = config.host.name == current-host.name; - target-path = target_prefix + config.target-path; + target-path = root + config.target-path; push-method = '' rsync \ --exclude .git \ @@ -252,7 +251,7 @@ let out = { throw "No way to push ${dir} from ${current-host.name} to ${target}"; methods.git = config: - let target-path = target_prefix + config.target-path; + let target-path = root + config.target-path; in rootssh target '' mkdir -p ${target-path} cd ${target-path} -- cgit v1.3.1 From f0e802d2593ebe7101968deb3593f1c120f552fd Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 2 Jan 2016 21:36:51 +0100 Subject: k 5 test/infest-cac-centos7: add timeouts, error handling --- krebs/5pkgs/test/infest-cac-centos7/notes | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/test/infest-cac-centos7/notes b/krebs/5pkgs/test/infest-cac-centos7/notes index eee0bfc34..6bfb6906e 100755 --- a/krebs/5pkgs/test/infest-cac-centos7/notes +++ b/krebs/5pkgs/test/infest-cac-centos7/notes @@ -55,9 +55,16 @@ old_trapstr=$(clear_defer) while true;do # Template 26: CentOS7 # TODO: use cac templates to determine the real Centos7 template in case it changes - name=$( cac build cpu=1 ram=512 storage=10 os=26 2>&1\ - | jq -r .servername) - id=servername:$name + out=$(cac build cpu=1 ram=512 storage=10 os=26 2>&1) + if name=$(echo "$out" | jq -r .servername);then + id=servername:$name + echo "got a working machine, id=$id" + else + echo "Unable to build a virtual machine, retrying in 15 seconds" >&2 + echo "Output of build program: $out" >&2 + sleep 15 + continue + fi clear_defer >/dev/null defer "cac delete $id" @@ -65,8 +72,8 @@ while true;do # TODO: timeout? wait_login_cac(){ - # we wait for 15 minutes - for t in `seq 90`;do + # we wait for 30 minutes + for t in `seq 180`;do # now we have a working cac server if cac ssh $1 -o ConnectTimeout=10 \ cat /etc/redhat-release | \ @@ -82,6 +89,7 @@ while true;do echo "unable to boot a working system within time frame, retrying..." >&2 echo "Cleaning up old image,last status: $(cac update;cac getserver $id | jq -r .status)" eval "$(clear_defer | sed 's/;exit//')" + sleep 15 else echo "got a working system" >&2 break -- cgit v1.3.1 From d73c8df6e4246f34e7a98091bc3c7dab9f90fdde Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 5 Jan 2016 16:07:13 +0100 Subject: k 5 snapraid: is part of upstream --- krebs/5pkgs/snapraid/default.nix | 33 --------------------------- makefu/1systems/omo.nix | 49 +++++++++++++++++++++++----------------- 2 files changed, 28 insertions(+), 54 deletions(-) delete mode 100644 krebs/5pkgs/snapraid/default.nix (limited to 'krebs') diff --git a/krebs/5pkgs/snapraid/default.nix b/krebs/5pkgs/snapraid/default.nix deleted file mode 100644 index 41db0f284..000000000 --- a/krebs/5pkgs/snapraid/default.nix +++ /dev/null @@ -1,33 +0,0 @@ -{stdenv, fetchurl}: -let - s = # Generated upstream information - rec { - baseName="jq"; - version="1.5"; - name="${baseName}-${version}"; - url=https://github.com/stedolan/jq/releases/download/jq-1.5/jq-1.5.tar.gz; - sha256="0g29kyz4ykasdcrb0zmbrp2jqs9kv1wz9swx849i2d1ncknbzln4"; - }; - buildInputs = [ - ]; -in -stdenv.mkDerivation { - inherit (s) name version; - inherit buildInputs; - src = fetchurl { - inherit (s) url sha256; - }; - - # jq is linked to libjq: - configureFlags = [ - "LDFLAGS=-Wl,-rpath,\\\${libdir}" - ]; - meta = { - inherit (s) version; - description = ''A lightweight and flexible command-line JSON processor''; - license = stdenv.lib.licenses.mit ; - maintainers = [stdenv.lib.maintainers.raskin]; - platforms = stdenv.lib.platforms.linux ++ stdenv.lib.platforms.darwin; - }; -} - diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix index d7d3dba00..65a25a2a1 100644 --- a/makefu/1systems/omo.nix +++ b/makefu/1systems/omo.nix @@ -2,9 +2,18 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: - -{ +{ config, pkgs, lib, ... }: +let + byid = dev: "/dev/disk/by-id/" + dev; + keyFile = "/dev/disk/by-id/usb-Verbatim_STORE_N_GO_070B3CEE0B223954-0:0"; + rootDisk = byid "ata-INTEL_SSDSA2M080G2GC_CVPO003402PB080BGN"; + homePartition = byid "ata-INTEL_SSDSA2M080G2GC_CVPO003402PB080BGN-part3"; + cryptDisk0 = byid "ata-ST2000DM001-1CH164_Z240XTT6"; + cryptDisk1 = byid "ata-TP02000GB_TPW151006050068"; + cryptDisk2 = byid "ata-WDC_WD20EARS-00MVWB0_WD-WCAZA5548487"; + # all physical disks + allDisks = [ rootDisk cryptDisk0 cryptDisk1 cryptDisk2 ]; +in { imports = [ # TODO: unlock home partition via ssh @@ -16,35 +25,33 @@ ../2configs/mail-client.nix ]; krebs.build.host = config.krebs.hosts.omo; - services.smartd.devices = [ - { device = "/dev/sda"; } - { device = "/dev/sdb"; } - { device = "/dev/sdc"; } - { device = "/dev/sdd"; } - { device = "/dev/sde"; } - ]; + services.smartd.devices = builtins.map (x: { device = x; }) allDisks; # AMD E350 fileSystems."/home" = { device = "/dev/mapper/home"; fsType = "ext4"; }; - powerManagement.powerUpCommands = '' - for i in a b c d e f g h i;do - ${pkgs.hdparm}/sbin/hdparm -S 100 /dev/sd$i - ${pkgs.hdparm}/sbin/hdparm -B 127 /dev/sd$i - ${pkgs.hdparm}/sbin/hdparm -y /dev/sd$i - ''; + powerManagement.powerUpCommands = lib.concatStrings (map (disk: '' + ${pkgs.hdparm}/sbin/hdparm -S 100 ${disk} + ${pkgs.hdparm}/sbin/hdparm -B 127 ${disk} + ${pkgs.hdparm}/sbin/hdparm -y ${disk} + '') allDisks); boot = { initrd.luks = { - devices = [ - { name = "home"; - device = "/dev/disk/by-uuid/85bff22e-dcbb-4246-b030-faf6c1782995"; + devices = let + usbkey = name: device: { + inherit name device keyFile; keyFileSize = 4096; - keyFile = "/dev/disk/by-id/usb-Verbatim_STORE_N_GO_070B3CEE0B223954-0:0"; } + }; + in [ + (usbkey "home" homePartition) + (usbkey "crypt0" cryptDisk0) + (usbkey "crypt1" cryptDisk1) + (usbkey "crypt2" cryptDisk2) ]; }; - loader.grub.device = "/dev/disk/by-id/ata-INTEL_SSDSA2M080G2GC_CVPO003402PB080BGN"; + loader.grub.device = rootDisk; initrd.availableKernelModules = [ "ahci" -- cgit v1.3.1