about summary refs log tree commit diff
path: root/users/glittershark/system/system/machines/mugwump.nix
diff options
context:
space:
mode:
Diffstat (limited to 'users/glittershark/system/system/machines/mugwump.nix')
-rw-r--r--users/glittershark/system/system/machines/mugwump.nix30
1 files changed, 25 insertions, 5 deletions
diff --git a/users/glittershark/system/system/machines/mugwump.nix b/users/glittershark/system/system/machines/mugwump.nix
index 15b5c550f9..96bc1cca3f 100644
--- a/users/glittershark/system/system/machines/mugwump.nix
+++ b/users/glittershark/system/system/machines/mugwump.nix
@@ -117,6 +117,12 @@ with lib;
     };
   };
 
+  security.acme.certs."metrics.gws.fyi" = {
+    dnsProvider = "namecheap";
+    credentialsFile = "/etc/secrets/namecheap.env";
+    webroot = mkForce null;
+  };
+
   services.prometheus = {
     enable = true;
     exporters = {
@@ -178,9 +184,23 @@ with lib;
     timerConfig.OnCalendar = "minutely";
   };
 
-  security.acme.certs."metrics.gws.fyi" = {
-    dnsProvider = "namecheap";
-    credentialsFile = "/etc/secrets/namecheap.env";
-    webroot = mkForce null;
-  };
+  virtualisation.docker.enable = true;
+
+  services.buildkite-agents = listToAttrs (map (n: rec {
+    name = "mugwump-${toString n}";
+    value = {
+      inherit name;
+      enable = true;
+      tokenPath = "/etc/secrets/buildkite-agent-token";
+      privateSshKeyPath = "/etc/secrets/buildkite-ssh-key";
+      runtimePackages = with pkgs; [
+        docker
+        nix
+        gnutar
+      ];
+    };
+  }) (range 1 2));
+
+  users.users."buildkite-agent-mugwump-1".extraGroups = [ "docker" ];
+  users.users."buildkite-agent-mugwump-2".extraGroups = [ "docker" ];
 }
generated by cgit-pink 1.4.1 (git 2.44.0) at 2024-05-16T20ยท16+0000