Compare commits
No commits in common. "16324cdcf8975072fbe86b1c5765fc1858c03795" and "6d006b8b8d1d903fffd60eedbd57d6f24c06b4f4" have entirely different histories.
16324cdcf8
...
6d006b8b8d
3 changed files with 1 additions and 34 deletions
|
@ -423,16 +423,7 @@
|
||||||
hardware.rasdaemon.enable = true;
|
hardware.rasdaemon.enable = true;
|
||||||
services.prometheus.exporters.ipmi = {
|
services.prometheus.exporters.ipmi = {
|
||||||
enable = true;
|
enable = true;
|
||||||
group = "ipmi";
|
|
||||||
};
|
};
|
||||||
users.groups.ipmi = {};
|
|
||||||
systemd.services.prometheus-ipmi-exporter.serviceConfig = {
|
|
||||||
DeviceAllow = lib.mkAfter [ "/dev/ipmi0 rw" ];
|
|
||||||
BindPaths = lib.mkAfter [ "/dev/ipmi0" ];
|
|
||||||
};
|
|
||||||
services.udev.extraRules = lib.mkAfter ''
|
|
||||||
KERNEL=="ipmi*", MODE="660", GROUP="ipmi"
|
|
||||||
'';
|
|
||||||
|
|
||||||
my.services.seaweedfs = {
|
my.services.seaweedfs = {
|
||||||
securitySettings = {
|
securitySettings = {
|
||||||
|
|
6
third_party/default.nix
vendored
6
third_party/default.nix
vendored
|
@ -57,12 +57,6 @@ let
|
||||||
sha256 = "1jdyk6d80jmsg6qn7hw58088yydn78g3kn3lmgg8argihb69pf2i";
|
sha256 = "1jdyk6d80jmsg6qn7hw58088yydn78g3kn3lmgg8argihb69pf2i";
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
prometheus-ipmi-exporter = pkgs.prometheus-ipmi-exporter.override (old: {
|
|
||||||
freeipmi = old.freeipmi.overrideAttrs (oldAttrs: {
|
|
||||||
env.NIX_CFLAGS_COMPILE = "-DIPMI_DONT_CHECK_FOR_ROOT";
|
|
||||||
enableParallelBuilding = true;
|
|
||||||
});
|
|
||||||
});
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
nixpkgs = import ./nixpkgs {
|
nixpkgs = import ./nixpkgs {
|
||||||
|
|
|
@ -1,12 +1,8 @@
|
||||||
#!/usr/bin/env nix-shell
|
#!/usr/bin/env nix-shell
|
||||||
#!nix-shell -p nodePackages.firebase-tools -p vault -i bash
|
#!nix-shell -p nodePackages.firebase-tools -p vault -i bash
|
||||||
|
|
||||||
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
|
|
||||||
DEPOT="$(realpath "${SCRIPT_DIR}/../..")"
|
|
||||||
|
|
||||||
vault_path=unix:///run/tokend/sock
|
vault_path=unix:///run/tokend/sock
|
||||||
deploycmd="deploy"
|
deploycmd="deploy"
|
||||||
channelname=""
|
|
||||||
postdeploy () {
|
postdeploy () {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -14,29 +10,15 @@ postdeploy () {
|
||||||
if [[ "$(groups)" =~ (.* |^)"users"($| .*) ]] || ! test -f /etc/NIXOS; then
|
if [[ "$(groups)" =~ (.* |^)"users"($| .*) ]] || ! test -f /etc/NIXOS; then
|
||||||
vault_path=https://vault.int.lukegb.com
|
vault_path=https://vault.int.lukegb.com
|
||||||
channelname="$(id -un)"
|
channelname="$(id -un)"
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ $# -gt 0 ]]; then
|
|
||||||
channelname="$1"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ "$channelname" != "" ]]; then
|
|
||||||
deploycmd="hosting:channel:deploy $channelname"
|
deploycmd="hosting:channel:deploy $channelname"
|
||||||
postdeploy () {
|
postdeploy () {
|
||||||
firebase hosting:channel:open $channelname --token="$token"
|
firebase hosting:channel:open $channelname --token="$token"
|
||||||
}
|
}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "Building from $DEPOT" >&2
|
cd $(nix-build ../.. -A web.lukegbcom)
|
||||||
cd $(nix-build "$DEPOT" -A web.lukegbcom)
|
|
||||||
echo "Using vault at $vault_path to get token" >&2
|
|
||||||
token="$(vault read --field=token --address="$vault_path" gcp/roleset/lukegbcom-deployer/token)"
|
token="$(vault read --field=token --address="$vault_path" gcp/roleset/lukegbcom-deployer/token)"
|
||||||
|
|
||||||
if [[ "$channelname" == "" ]]; then
|
|
||||||
echo "Deploying to prod" >&2
|
|
||||||
else
|
|
||||||
echo "Deploying to preview channel '$channelname'" >&2
|
|
||||||
fi
|
|
||||||
firebase $deploycmd --token="$token"
|
firebase $deploycmd --token="$token"
|
||||||
# Do it twice because sometimes it doesn't actually do anything the first time
|
# Do it twice because sometimes it doesn't actually do anything the first time
|
||||||
firebase $deploycmd --token="$token"
|
firebase $deploycmd --token="$token"
|
||||||
|
|
Loading…
Reference in a new issue