feat(infra): Internalize nix-lib, and make keys management simpler
All checks were successful
Check meta / check_meta (pull_request) Successful in 17s
Check meta / check_dns (pull_request) Successful in 16s
build configuration / build_compute01 (pull_request) Successful in 1m19s
build configuration / build_storage01 (pull_request) Successful in 1m15s
build configuration / build_vault01 (pull_request) Successful in 1m10s
build configuration / build_krz01 (pull_request) Successful in 2m4s
build configuration / build_web01 (pull_request) Successful in 1m40s
build configuration / build_web02 (pull_request) Successful in 1m12s
lint / check (pull_request) Successful in 24s
build configuration / build_geo01 (pull_request) Successful in 1m7s
build configuration / build_rescue01 (pull_request) Successful in 1m10s
build configuration / build_geo02 (pull_request) Successful in 1m7s
build configuration / build_bridge01 (pull_request) Successful in 1m8s
build configuration / push_to_cache_vault01 (pull_request) Successful in 1m56s
build configuration / push_to_cache_storage01 (pull_request) Successful in 1m57s
build configuration / push_to_cache_compute01 (pull_request) Successful in 2m19s
build configuration / push_to_cache_web01 (pull_request) Successful in 2m21s
build configuration / push_to_cache_krz01 (pull_request) Successful in 2m30s
build configuration / push_to_cache_geo01 (pull_request) Successful in 1m8s
build configuration / push_to_cache_web02 (pull_request) Successful in 1m17s
Check meta / check_meta (push) Successful in 17s
Check meta / check_dns (push) Successful in 17s
build configuration / push_to_cache_geo02 (pull_request) Successful in 1m11s
build configuration / push_to_cache_bridge01 (pull_request) Successful in 1m10s
build configuration / push_to_cache_rescue01 (pull_request) Successful in 1m23s
build configuration / build_storage01 (push) Successful in 1m16s
build configuration / build_vault01 (push) Successful in 1m13s
build configuration / build_compute01 (push) Successful in 1m20s
build configuration / build_web01 (push) Successful in 1m38s
build configuration / build_krz01 (push) Successful in 1m58s
lint / check (push) Successful in 25s
build configuration / build_web02 (push) Successful in 1m9s
build configuration / build_geo01 (push) Successful in 1m9s
build configuration / build_geo02 (push) Successful in 1m10s
build configuration / build_rescue01 (push) Successful in 1m15s
build configuration / build_bridge01 (push) Successful in 1m2s
build configuration / push_to_cache_storage01 (push) Successful in 1m25s
build configuration / push_to_cache_vault01 (push) Successful in 1m37s
build configuration / push_to_cache_web02 (push) Successful in 1m21s
build configuration / push_to_cache_compute01 (push) Successful in 1m56s
build configuration / push_to_cache_web01 (push) Successful in 2m18s
build configuration / push_to_cache_geo01 (push) Successful in 1m15s
build configuration / push_to_cache_krz01 (push) Successful in 2m25s
build configuration / push_to_cache_geo02 (push) Successful in 1m8s
build configuration / push_to_cache_bridge01 (push) Successful in 1m8s
build configuration / push_to_cache_rescue01 (push) Successful in 1m23s
All checks were successful
Check meta / check_meta (pull_request) Successful in 17s
Check meta / check_dns (pull_request) Successful in 16s
build configuration / build_compute01 (pull_request) Successful in 1m19s
build configuration / build_storage01 (pull_request) Successful in 1m15s
build configuration / build_vault01 (pull_request) Successful in 1m10s
build configuration / build_krz01 (pull_request) Successful in 2m4s
build configuration / build_web01 (pull_request) Successful in 1m40s
build configuration / build_web02 (pull_request) Successful in 1m12s
lint / check (pull_request) Successful in 24s
build configuration / build_geo01 (pull_request) Successful in 1m7s
build configuration / build_rescue01 (pull_request) Successful in 1m10s
build configuration / build_geo02 (pull_request) Successful in 1m7s
build configuration / build_bridge01 (pull_request) Successful in 1m8s
build configuration / push_to_cache_vault01 (pull_request) Successful in 1m56s
build configuration / push_to_cache_storage01 (pull_request) Successful in 1m57s
build configuration / push_to_cache_compute01 (pull_request) Successful in 2m19s
build configuration / push_to_cache_web01 (pull_request) Successful in 2m21s
build configuration / push_to_cache_krz01 (pull_request) Successful in 2m30s
build configuration / push_to_cache_geo01 (pull_request) Successful in 1m8s
build configuration / push_to_cache_web02 (pull_request) Successful in 1m17s
Check meta / check_meta (push) Successful in 17s
Check meta / check_dns (push) Successful in 17s
build configuration / push_to_cache_geo02 (pull_request) Successful in 1m11s
build configuration / push_to_cache_bridge01 (pull_request) Successful in 1m10s
build configuration / push_to_cache_rescue01 (pull_request) Successful in 1m23s
build configuration / build_storage01 (push) Successful in 1m16s
build configuration / build_vault01 (push) Successful in 1m13s
build configuration / build_compute01 (push) Successful in 1m20s
build configuration / build_web01 (push) Successful in 1m38s
build configuration / build_krz01 (push) Successful in 1m58s
lint / check (push) Successful in 25s
build configuration / build_web02 (push) Successful in 1m9s
build configuration / build_geo01 (push) Successful in 1m9s
build configuration / build_geo02 (push) Successful in 1m10s
build configuration / build_rescue01 (push) Successful in 1m15s
build configuration / build_bridge01 (push) Successful in 1m2s
build configuration / push_to_cache_storage01 (push) Successful in 1m25s
build configuration / push_to_cache_vault01 (push) Successful in 1m37s
build configuration / push_to_cache_web02 (push) Successful in 1m21s
build configuration / push_to_cache_compute01 (push) Successful in 1m56s
build configuration / push_to_cache_web01 (push) Successful in 2m18s
build configuration / push_to_cache_geo01 (push) Successful in 1m15s
build configuration / push_to_cache_krz01 (push) Successful in 2m25s
build configuration / push_to_cache_geo02 (push) Successful in 1m8s
build configuration / push_to_cache_bridge01 (push) Successful in 1m8s
build configuration / push_to_cache_rescue01 (push) Successful in 1m23s
This commit is contained in:
parent
53c865a335
commit
6c4099d369
45 changed files with 762 additions and 182 deletions
|
|
@ -368,10 +368,10 @@ in
|
|||
name: "A member of the external service ${name} admins was not found in the members list."
|
||||
) org.external)
|
||||
|
||||
# Check that all members have a keyFile
|
||||
# Check that all members have ssh keys
|
||||
(builtins.map (name: {
|
||||
assertion = builtins.pathExists "${builtins.toString ../keys}/${name}.keys";
|
||||
message = "No ssh keys file found for ${name}.";
|
||||
assertion = ((import ../keys)._keys.${name} or [ ]) != [ ];
|
||||
message = "No ssh keys found for ${name}.";
|
||||
}) members)
|
||||
];
|
||||
};
|
||||
|
|
|
|||
|
|
@ -5,12 +5,6 @@ let
|
|||
pkgs = import sources.nixpkgs { };
|
||||
|
||||
dns = import sources."dns.nix" { inherit pkgs; };
|
||||
|
||||
lib = import sources.nix-lib {
|
||||
inherit (pkgs) lib;
|
||||
|
||||
keysRoot = ../keys;
|
||||
};
|
||||
in
|
||||
|
||||
{
|
||||
|
|
@ -29,6 +23,14 @@ in
|
|||
pkgs.writers.writeJSON "meta.json" config;
|
||||
|
||||
dns = dns.util.writeZone "dgnum.eu" (
|
||||
pkgs.lib.recursiveUpdate { SOA.serial = 0; } (import ./dns.nix { inherit dns lib; })
|
||||
pkgs.lib.recursiveUpdate { SOA.serial = 0; } (
|
||||
import ./dns.nix {
|
||||
inherit dns;
|
||||
|
||||
lib = pkgs.lib // {
|
||||
extra = import ../lib/nix-lib;
|
||||
};
|
||||
}
|
||||
)
|
||||
);
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue