From c208537f4954b4a330b149d264e9e15b1821610c Mon Sep 17 00:00:00 2001
From: Julien Malka <julien@malka.sh>
Date: Sun, 23 Jul 2023 13:44:48 +0200
Subject: [PATCH 1/2] Updated hypervisor input

---
 flake.lock                   |  5 +--
 flake.nix                    | 31 ++++++++-----------
 modules/buildbot/default.nix | 57 ++++++++++++++++++++++++++++++++++
 modules/buildbot/worker.py   | 59 ++++++++++++++++++++++++++++++++++++
 4 files changed, 131 insertions(+), 21 deletions(-)
 create mode 100644 modules/buildbot/default.nix
 create mode 100644 modules/buildbot/worker.py

diff --git a/flake.lock b/flake.lock
index 6a47414..ccc75ee 100644
--- a/flake.lock
+++ b/flake.lock
@@ -242,9 +242,9 @@
       },
       "locked": {
         "lastModified": 1688319245,
-        "narHash": "sha256-+fXRVu4TDH8mxmZpSByJZCprKfHduFTLOb7sTm4w0RQ=",
+        "narHash": "sha256-fVIbXKvHmxSUAKTMiXx799UasQwU2XT+op7bzvtfl8c=",
         "ref": "main",
-        "rev": "89b36124b161492f140185815ec5b76a0b29dba7",
+        "rev": "9f32a304708fd9c91c081db05eee1b4f2e0226cc",
         "revCount": 5,
         "type": "git",
         "url": "ssh://gitea@git.newtype.fr/newtype/nixos-hypervisor"
@@ -379,3 +379,4 @@
   "root": "root",
   "version": 7
 }
+
diff --git a/flake.nix b/flake.nix
index 61ef327..a906796 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,13 +1,6 @@
 {
   description = "NixOS configuration with flakes";
 
-  nixConfig.extra-substituters = [
-    "https://newtype.cachix.org"
-  ];
-  nixConfig.extra-trusted-public-keys = [
-    "newtype.cachix.org-1:Gd5G2EVFNJslfR3PxA2+JY7mHT6MwVJ6biv5Cg47SD0="
-  ];
-
   # To update all inputs:
   # $ nix flake update --recreate-lock-file
   inputs = {
@@ -88,19 +81,19 @@
             ] ++ pkgs.lib.optional (pkgs.stdenv.isLinux) pkgs.mkpasswd;
           };
           packages = {
-          #  netboot = pkgs.callPackage ./modules/netboot/netboot.nix {
-          #    # this nixosSystem is built for x86_64 machines regardless of the host machine
-          #    pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux;
-          #    inherit (inputs.nixpkgs.lib) nixosSystem;
-          #    extraModules = [
-          #      self.inputs.nur.nixosModules.nur
-          #      { _module.args.inputs = self.inputs; }
-          #    ];
-          #  };
+            #  netboot = pkgs.callPackage ./modules/netboot/netboot.nix {
+            #    # this nixosSystem is built for x86_64 machines regardless of the host machine
+            #    pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux;
+            #    inherit (inputs.nixpkgs.lib) nixosSystem;
+            #    extraModules = [
+            #      self.inputs.nur.nixosModules.nur
+            #      { _module.args.inputs = self.inputs; }
+            #    ];
+            #  };
 
-          #  netboot-pixie-core = pkgs.callPackage ./modules/netboot/netboot-pixie-core.nix {
-          #    inherit (self'.packages) netboot;
-          #  };
+            #  netboot-pixie-core = pkgs.callPackage ./modules/netboot/netboot-pixie-core.nix {
+            #    inherit (self'.packages) netboot;
+            #  };
           };
         };
         flake = {
diff --git a/modules/buildbot/default.nix b/modules/buildbot/default.nix
new file mode 100644
index 0000000..5b0caa5
--- /dev/null
+++ b/modules/buildbot/default.nix
@@ -0,0 +1,57 @@
+{ lib, pkgs, config, ... }:
+with lib;
+let
+  cfg = config.luj.buildbot;
+  port = "1810";
+  package = pkgs.buildbot-worker;
+  python = package.pythonModule;
+  home = "/var/lib/buildbot-worker";
+  buildbotDir = "${home}/worker";
+in
+{
+  #buildbot worker
+
+  nix.settings.allowed-users = [ "buildbot-worker" ];
+  users.users.buildbot-worker = {
+    description = "Buildbot Worker User.";
+    isSystemUser = true;
+    createHome = true;
+    home = "/var/lib/buildbot-worker";
+    group = "buildbot-worker";
+    useDefaultShell = true;
+  };
+  users.groups.buildbot-worker = { };
+
+  systemd.services.buildbot-worker = {
+    reloadIfChanged = true;
+    description = "Buildbot Worker.";
+    after = [ "network.target" "buildbot-master.service" ];
+    wantedBy = [ "multi-user.target" ];
+    path = [
+      pkgs.unstable.nix-eval-jobs
+      pkgs.git
+      pkgs.gh
+      pkgs.nix
+      pkgs.nix-output-monitor
+    ];
+    environment.PYTHONPATH = "${python.withPackages (_: [package])}/${python.sitePackages}";
+    environment.MASTER_URL = ''tcp:host=ci.julienmalka.me'';
+    environment.BUILDBOT_DIR = buildbotDir;
+    environment.WORKER_PASSWORD_FILE = "/var/lib/buildbot-worker/password.txt";
+
+    serviceConfig = {
+      Type = "simple";
+      User = "buildbot-worker";
+      Group = "buildbot-worker";
+      WorkingDirectory = home;
+
+      # Restart buildbot with a delay. This time way we can use buildbot to deploy itself.
+      ExecReload = "+${pkgs.systemd}/bin/systemd-run --on-active=60 ${pkgs.systemd}/bin/systemctl restart buildbot-worker";
+      ExecStart = "${python.pkgs.twisted}/bin/twistd --nodaemon --pidfile= --logfile - --python ${./worker.py}";
+    };
+  };
+
+}
+
+
+
diff --git a/modules/buildbot/worker.py b/modules/buildbot/worker.py
new file mode 100644
index 0000000..a640eff
--- /dev/null
+++ b/modules/buildbot/worker.py
@@ -0,0 +1,59 @@
+#!/usr/bin/env python3
+
+import multiprocessing
+import os
+import socket
+from io import open
+
+from buildbot_worker.bot import Worker
+from twisted.application import service
+
+
+def require_env(key: str) -> str:
+    val = os.environ.get(key)
+    assert val is not None, "val is not set"
+    return val
+
+
+def setup_worker(application: service.Application, id: int) -> None:
+    basedir = f"{require_env('BUILDBOT_DIR')}-{id}"
+    os.makedirs(basedir, mode=0o700, exist_ok=True)
+
+    master_url = require_env("MASTER_URL")
+    hostname = socket.gethostname()
+    workername = f"{hostname}-{id}"
+
+    with open(
+        require_env("WORKER_PASSWORD_FILE"), "r", encoding="utf-8"
+    ) as passwd_file:
+        passwd = passwd_file.read().strip("\r\n")
+    keepalive = 600
+    umask = None
+    maxdelay = 300
+    numcpus = None
+    allow_shutdown = None
+
+    s = Worker(
+        None,
+        None,
+        workername,
+        passwd,
+        basedir,
+        keepalive,
+        connection_string=master_url,
+        umask=umask,
+        maxdelay=maxdelay,
+        numcpus=numcpus,
+        allow_shutdown=allow_shutdown,
+    )
+    s.setServiceParent(application)
+
+
+# note: this line is matched against to check that this is a worker
+# directory; do not edit it.
+application = service.Application("buildbot-worker")
+
+for i in range(14):
+    setup_worker(application, i)
+
+

From ebea10d242383fbb5d0c5f904e64f9358635213d Mon Sep 17 00:00:00 2001
From: Julien Malka <julien@malka.sh>
Date: Tue, 1 Aug 2023 16:48:49 +0200
Subject: [PATCH 2/2] added buildbot workers

---
 configurations.nix           | 1 +
 hosts/epyc.nix               | 2 ++
 modules/buildbot/default.nix | 4 ++--
 modules/buildbot/worker.py   | 5 ++---
 4 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/configurations.nix b/configurations.nix
index 550d0fd..f14c0a0 100644
--- a/configurations.nix
+++ b/configurations.nix
@@ -36,6 +36,7 @@ let
     ./modules/network.nix
     ./modules/zsh.nix
     ./modules/ssh-cursed.nix
+    ./modules/buildbot
 
 
     disko.nixosModules.disko
diff --git a/hosts/epyc.nix b/hosts/epyc.nix
index 805fa33..b41c69a 100644
--- a/hosts/epyc.nix
+++ b/hosts/epyc.nix
@@ -18,6 +18,8 @@
     };
   };
 
+  boot.binfmt.emulatedSystems = [ "aarch64-linux" "riscv64-linux" ];
+
   simd.arch = "znver3";
   system.stateVersion = "23.05";
 }
diff --git a/modules/buildbot/default.nix b/modules/buildbot/default.nix
index 5b0caa5..3691eab 100644
--- a/modules/buildbot/default.nix
+++ b/modules/buildbot/default.nix
@@ -28,14 +28,14 @@ in
     after = [ "network.target" "buildbot-master.service" ];
     wantedBy = [ "multi-user.target" ];
     path = [
-      pkgs.unstable.nix-eval-jobs
+      pkgs.nix-eval-jobs
       pkgs.git
       pkgs.gh
       pkgs.nix
       pkgs.nix-output-monitor
     ];
     environment.PYTHONPATH = "${python.withPackages (_: [package])}/${python.sitePackages}";
-    environment.MASTER_URL = ''tcp:host=ci.julienmalka.me'';
+    environment.MASTER_URL = ''TCP:2a01\\:e34\\:ec2a\\:8e60\\:8ec7\\:b5d2\\:f663\\:a67a:9989'';
     environment.BUILDBOT_DIR = buildbotDir;
     environment.WORKER_PASSWORD_FILE = "/var/lib/buildbot-worker/password.txt";
 
diff --git a/modules/buildbot/worker.py b/modules/buildbot/worker.py
index a640eff..198dfae 100644
--- a/modules/buildbot/worker.py
+++ b/modules/buildbot/worker.py
@@ -34,13 +34,12 @@ def setup_worker(application: service.Application, id: int) -> None:
     allow_shutdown = None
 
     s = Worker(
-        None,
-        None,
+        "2a01:e34:ec2a:8e60:8ec7:b5d2:f663:a67a",
+        9989,
         workername,
         passwd,
         basedir,
         keepalive,
-        connection_string=master_url,
         umask=umask,
         maxdelay=maxdelay,
         numcpus=numcpus,