diff options
author | Rodney Lorrimar <dev@rodney.id.au> | 2018-02-18 08:30:42 +0000 |
---|---|---|
committer | Rodney Lorrimar <dev@rodney.id.au> | 2018-02-20 08:17:14 +0000 |
commit | e552633c20db1c516f6fd46280627ff5f0ee33a0 (patch) | |
tree | c8503598b1cfee3e147ba6802c2f04b38e6e2f82 | |
parent | 21e9a3eb6fe8256019c4e0d6d4ff04d9348acb25 (diff) | |
download | nixlib-e552633c20db1c516f6fd46280627ff5f0ee33a0.tar nixlib-e552633c20db1c516f6fd46280627ff5f0ee33a0.tar.gz nixlib-e552633c20db1c516f6fd46280627ff5f0ee33a0.tar.bz2 nixlib-e552633c20db1c516f6fd46280627ff5f0ee33a0.tar.lz nixlib-e552633c20db1c516f6fd46280627ff5f0ee33a0.tar.xz nixlib-e552633c20db1c516f6fd46280627ff5f0ee33a0.tar.zst nixlib-e552633c20db1c516f6fd46280627ff5f0ee33a0.zip |
nixos/buildkite-agent: add coreutils to PATH of service
This simplifies the service script and it's probable that many builds will need coreutils anyway.
-rw-r--r-- | nixos/modules/services/continuous-integration/buildkite-agent.nix | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/nixos/modules/services/continuous-integration/buildkite-agent.nix b/nixos/modules/services/continuous-integration/buildkite-agent.nix index 039567eb6051..0a0c9f665d25 100644 --- a/nixos/modules/services/continuous-integration/buildkite-agent.nix +++ b/nixos/modules/services/continuous-integration/buildkite-agent.nix @@ -196,13 +196,10 @@ in environment.systemPackages = [ cfg.package ]; systemd.services.buildkite-agent = - let copy = x: target: perms: - "cp -f ${x} ${target}; ${pkgs.coreutils}/bin/chmod ${toString perms} ${target}; "; - in { description = "Buildkite Agent"; wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; - path = cfg.runtimePackages; + path = cfg.runtimePackages ++ [ pkgs.coreutils ]; environment = config.networking.proxy.envVars // { HOME = cfg.dataDir; NIX_REMOTE = "daemon"; @@ -210,10 +207,14 @@ in ## NB: maximum care is taken so that secrets (ssh keys and the CI token) ## don't end up in the Nix store. - preStart = '' - ${pkgs.coreutils}/bin/mkdir -m 0700 -p ${cfg.dataDir}/.ssh - ${copy (toString cfg.openssh.privateKeyPath) "${cfg.dataDir}/.ssh/id_rsa" 600} - ${copy (toString cfg.openssh.publicKeyPath) "${cfg.dataDir}/.ssh/id_rsa.pub" 600} + preStart = let + sshDir = "${cfg.dataDir}/.ssh"; + in + '' + mkdir -m 0700 -p "${sshDir}" + cp -f "${toString cfg.openssh.privateKeyPath}" "${sshDir}/id_rsa" + cp -f "${toString cfg.openssh.publicKeyPath}" "${sshDir}/id_rsa.pub" + chmod 600 "${sshDir}"/id_rsa* cat > "${cfg.dataDir}/buildkite-agent.cfg" <<EOF token="$(cat ${toString cfg.tokenPath})" |