1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
|
pkgs:
{ lib, name, config, ... }:
let
inherit (builtins) all attrNames;
inherit (lib)
concatStrings filterAttrs hasSuffix mapAttrsToList mkOption ;
inherit (lib.types)
addCheck attrsOf bool either enum int listOf nullOr package path str
submodule
;
default = d: t: mkOption { type = t; default = d; };
optional = t: mkOption { type = nullOr t; default = null; };
readonly = d: t: mkOption { type = nullOr t; default = d; readOnly = true; };
in {
options = {
jre = {
package = mkOption {
description = "Java runtime package";
default = pkgs.jre8;
type = package;
};
properties = {
hudson.model.DirectoryBrowserSupport.CSP = optional str;
java.io.tmpdir = readonly "${config.home}/tmp" path;
java.util.logging.config.file = optional path;
};
};
war = mkOption {
description = "Jenkins web application archive (WAR)";
default = pkgs.jenkins;
type = path;
};
user = mkOption {
description = "User to run as";
default = "jenkins-${name}";
readOnly = true;
type = str;
};
home = mkOption {
description = "Jenkins data directory";
type = path;
default = "/jenkins/${name}";
};
master-access-control = mkOption {
description = ''
Enable Agent -> Master Access Control.
See https://wiki.jenkins.io/display/JENKINS/Slave+To+Master+Access+Control
'';
type = bool;
default = true;
};
nodes = mkOption {
description = ''
Nodes. Each value is either inline XML text or an XML file.
Any existing nodes, not mentioned here, are physically removed.
'';
type = attrsOf (either str path);
default = {};
};
jobs = mkOption {
description = ''
Jenkins jobs. Each value is either inline XML text or an XML file.
Any existing jobs, not mentioned here, are physically removed.
'';
type = attrsOf (either str path);
default = {};
};
config = mkOption {
description = ''
Jenkins XML configuration files. Either inline text or file. Any
existing XML files, not mentioned here, are physically removed. You
might want to add `config.xml` at least. You can use XInclude
facility to include sensitive pieces of configuration like passwords
or private keys. Those grains will be processed (expanded) to
create proper configuration files. Also they will be automatically
picked up and deployed (requires read-write mode of evaluation).
E. g. if you write '<xi:include href="/run/keys/github-oauth.xml"/>',
that file will be deployed as a secret key, and when Jenkins starts,
that piece will be replaced by the file contents. All configuration
files reside in Jenkins private directory so secrets remain secret.
'';
type = addCheck (attrsOf (either str path)) (aa: all (hasSuffix ".xml") (attrNames aa));
default = {};
};
path = mkOption {
description = ''
Additional packages available to Jenkins in PATH. You also may opt in specifying
paths to executables in various config files.
'';
type = listOf package;
default = [];
example = [ pkgs.gitMinimal ];
};
options = {
controlPort = optional int;
debug = optional (enum [1 2 3 4 5 6 7 8 9]);
httpKeepAliveTimeout = optional int;
httpListenAddress = default "127.0.0.1" str;
httpPort = default 8080 int;
prefix = optional str;
sessionTimeout = optional int;
};
};
}
|
