Purpose of Hydra and NixOps

.i .ui coi rodo

I’ve been doing a deep dive into Hydra and NixOps lately, but Ive found information hard to come by, so I had a few questions just to make sure Im on the right track.

Firstly, should I be using hydra for code tests, and how does this workflow work in practice? for example with a Haskell program, I could write tests using whatever testing framework, and then I believe I could somehow add those to the checkPhase of the builder, and then it’ll show up in Hydra as a job? Is this how I should be doing my projects, and if so is there somewhere that goes into the specifics of writing code tests in a hydra compatible fashion?

Secondly, I’m trying to use NixOps to start deploying my networks (gotta get Nix everywhere I can :P) but Im unsure about a specific workflow step and how best to navigate that.

Currently I write my nixops flake, nixops create my network, then nixops deploy to get the ec2 instances instantiated. This will fail because the DNS records arent setup for ACME to get a certificate, so then I grab the new IP I’ve been given, set up the A record, and then rerun the deploy to get it to succeed.

I feel like there should be a better way of doing this that Im not realising, like a way to say “its ok if ACME fails, jsut retry it until it works” or something like that?

Finally, when using nixops with ec2 I believe it generates keypairs for SSH purposes. When buildig a hydra server, I want to have keys set up for the master and build slaves to communicate, and also for things like using it as a build server.

The way Ive seen the second keys handled is to just require people to run ssh-keygen in the folder before deploying, but I feel like it could be nixier, is there a way to generate this in nix at deploy time?

Sorry for the hodgepodge of questions, its been hard to find concrete information for a lot of this, anything helps :slight_smile:
Thank you


Hi, I am on the same road you were on and want to know if you figured this out. I am also looking at Hercules but have a huge project already configured in Hydra, seems nix-build issues could arise even with

stripRecurseForDerivations =
  lib.filterAttrsRecursive (n: _: n != "recurseForDerivations");

add to Herc nix files…