remove users.jenkins config start on slave config.

Uses standard NixOS user config merging.
Work in progress: The slave config does not actually start the slave agent. This just configures a
jenkins user if required. Bare minimum to enable a nice jenkins SSH slave.

4 files changed, 94 insertions, 67 deletions

diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index f3d6bdb297d..b419942057a 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -82,7 +82,7 @@
   ./services/backup/sitecopy-backup.nix
   ./services/backup/tarsnap.nix
   ./services/continuous-integration/jenkins/default.nix
-  ./services/continuous-integration/jenkins/user.nix
+  ./services/continuous-integration/jenkins/slave.nix
   ./services/databases/4store-endpoint.nix
   ./services/databases/4store.nix
   ./services/databases/couchdb.nix
diff --git a/nixos/modules/services/continuous-integration/jenkins/default.nix b/nixos/modules/services/continuous-integration/jenkins/default.nix
index 6e3f6abbb87..c3dc59a9fbd 100644
--- a/nixos/modules/services/continuous-integration/jenkins/default.nix
+++ b/nixos/modules/services/continuous-integration/jenkins/default.nix
@@ -2,7 +2,6 @@
 with pkgs.lib;
 let
   cfg = config.services.jenkins;
-  userCfg = config.users.jenkins;
 in {
   options = {
     services.jenkins = {
@@ -18,15 +17,24 @@ in {
         default = "jenkins";
         type = with types; string;
         description = ''
-          User the jenkins server should execute under. Defaults to the "jenkins" user.
+          User the jenkins server should execute under.
+        '';
+      };
+
+      group = mkOption {
+        default = "jenkins";
+        type = with types; string;
+        description = ''
+          User the jenkins server should execute under.
         '';
       };
 
       home = mkOption {
-        default = userCfg.home;
+        default = "/var/lib/jenkins";
         type = with types; string;
         description = ''
-          The path to use as JENKINS_HOME. Defaults to the home of the "jenkins" user.
+          The path to use as JENKINS_HOME. If the default user "jenkins" is configured then
+          this is the home of the "jenkins" user.
         '';
       };
 
@@ -58,7 +66,20 @@ in {
   };
 
   config = mkIf cfg.enable {
-    users.jenkins.enable = true;
+    users.extraGroups = optional (cfg.group == "jenkins") {
+      name = "jenkins";
+      gid = config.ids.gids.jenkins;
+    };
+
+    users.extraUsers = optional (cfg.user == "jenkins") {
+      name = "jenkins";
+      description = "jenkins user";
+      createHome = true;
+      home = cfg.home;
+      group = cfg.group;
+      useDefaultShell = true;
+      uid = config.ids.uids.jenkins;
+    };
 
     systemd.services.jenkins = {
       description = "Jenkins Continuous Integration Server";
diff --git a/nixos/modules/services/continuous-integration/jenkins/slave.nix b/nixos/modules/services/continuous-integration/jenkins/slave.nix
new file mode 100644
index 00000000000..1d31ab830f6
--- /dev/null
+++ b/nixos/modules/services/continuous-integration/jenkins/slave.nix
@@ -0,0 +1,67 @@
+{ config, pkgs, ... }:
+with pkgs.lib;
+let
+  cfg = config.services.jenkinsSlave;
+  masterCfg = config.services.jenkins;
+in {
+  options = {
+    services.jenkinsSlave = {
+      # todo:
+      # * assure the profile of the jenkins user has a JRE and any specified packages. This would
+      # enable ssh slaves.
+      # * Optionally configure the node as a jenkins ad-hoc slave. This would imply configuration
+      # properties for the master node.
+      enable = mkOption {
+        type = types.bool;
+        default = false;
+        description = ''
+          If true the system will be configured to work as a jenkins slave.
+          If the system is also configured to work as a jenkins master then this has no effect.
+          In progress: Currently only assures the jenkins user is configured.
+        '';
+      };
+
+      user = mkOption {
+        default = "jenkins";
+        type = with types; string;
+        description = ''
+          User the jenkins slave agent should execute under.
+        '';
+      };
+
+      group = mkOption {
+        default = "jenkins";
+        type = with types; string;
+        description = ''
+          User the jenkins slave agent should execute under.
+        '';
+      };
+
+      home = mkOption {
+        default = "/var/lib/jenkins";
+        type = with types; string;
+        description = ''
+          The path to use as JENKINS_HOME. If the default user "jenkins" is configured then
+          this is the home of the "jenkins" user.
+        '';
+      };
+    };
+  };
+
+  config = mkIf (cfg.enable && !masterCfg.enable) {
+    users.extraGroups = optional (cfg.group == "jenkins") {
+      name = "jenkins";
+      gid = config.ids.gids.jenkins;
+    };
+
+    users.extraUsers = optional (cfg.user == "jenkins") {
+      name = "jenkins";
+      description = "jenkins user";
+      createHome = true;
+      home = cfg.home;
+      group = cfg.group;
+      useDefaultShell = true;
+      uid = config.ids.uids.jenkins;
+    };
+  };
+}
diff --git a/nixos/modules/services/continuous-integration/jenkins/user.nix b/nixos/modules/services/continuous-integration/jenkins/user.nix
deleted file mode 100644
index cb4d9a60a4a..00000000000
--- a/nixos/modules/services/continuous-integration/jenkins/user.nix
+++ /dev/null
@@ -1,61 +0,0 @@
-{ config, pkgs, ... }:
-with pkgs.lib;
-let
-  cfg = config.users.jenkins;
-in {
-  options = {
-    users.jenkins = {
-      enable = mkOption {
-        type = types.bool;
-        default = false;
-        description = ''
-          Whether to enable the jenkins user. By default enabling a jenkins service enables the
-          jenkins user. The "user" config property of the service can be used to select a different
-          user.
-        '';
-      };
-
-      extraGroups = mkOption {
-        default = [];
-        type = with types; listOf string;
-        description = ''
-          Extra groups of the "jenkins" user.
-        '';
-      };
-
-      group = mkOption {
-        default = "jenkins";
-        description = ''
-          Default group of "jenkins" user.
-        '';
-      };
-
-      home = mkOption {
-        default = "/var/lib/jenkins";
-        type = types.string;
-        description = ''
-          Home of the "jenkins" user and JENKINS_HOME.
-        '';
-      };
-    };
-  };
-
-  config = mkIf cfg.enable {
-    users.extraGroups = optional (cfg.group == "jenkins") {
-      name = "jenkins";
-      gid = config.ids.gids.jenkins;
-    };
-
-    users.extraUsers = {
-      jenkins = {
-        description = "jenkins user";
-        createHome = true;
-        home = cfg.home;
-        group = cfg.group;
-        extraGroups = cfg.extraGroups;
-        useDefaultShell = true;
-        uid = config.ids.uids.jenkins;
-      };
-    };
-  };
-}