WIP: trigger nixops from panel

Closes #76.

Note I had not yet manage to successfully test this.

Manually trying the parameterized NixOps4 I tried using the following
command, tho I had yet to get this to work as well:

```sh
DEPLOYMENT='{"domain": "fediversity.net", "mastodon": {"enable": false},
"pixelfed": {"enable": true}, "peertube": {"enable": false}}' nix
develop --extra-experimental-features "configurable-impure-env"
--command nixops4 apply test
```

(or rather, I used a hardcoded Nix here so as to make it not use Lix.)

So far this had failed for me with:

```
the following units failed:
acme-mastodon.web.garage.fediversity.net.service
...
nixops4 error: Failed to create resource garage-configuration
```

flake.nix

@@ -58,7 +58,9 @@
             packages = [
               pkgs.nil
               inputs'.agenix.packages.default
-              inputs'.nixops4.packages.default
+              (inputs'.nixops4.packages.default.overrideAttrs {
+                impureEnvVars = [ "DEPLOYMENT" ];
+              })
               pkgs.httpie
               pkgs.jq
             ];

infra/flake-part.nix

@@ -21,7 +21,7 @@ let
   makeResourceModule =
     { vmName, isTestVm }:
     {
-      _module.args = { inherit inputs; };
+      _module.args = { inherit self inputs; };
       imports = [
         ./common/resource.nix
         (if isTestVm then ./test-machines + "/${vmName}" else ./machines + "/${vmName}")
@@ -143,7 +143,17 @@ in
   ## - We add a “test” deployment with all test machines.
   nixops4Deployments = genAttrs machines makeDeployment' // {
     default = makeDeployment machines;
-    test = makeTestDeployment (fromJSON (readFile ./test-machines/configuration.json));
+    test = makeTestDeployment (
+      fromJSON (
+        let
+          env = builtins.getEnv "DEPLOYMENT";
+        in
+        if env != "" then
+          env
+        else
+          builtins.trace "env var DEPLOYMENT not set, falling back to ./test-machines/configuration.json!" (readFile ./test-machines/configuration.json)
+      )
+    );
   };
   flake.nixosConfigurations =
     genAttrs machines (makeConfiguration false)

infra/machines/fedi201/fedipanel.nix

@@ -1,4 +1,5 @@
 {
+  self,
   config,
   ...
 }:
@@ -11,7 +12,12 @@ in
     ../../../panel/nix/configuration.nix
   ];
 
+  nix.settings = {
+    extra-experimental-features = "configurable-impure-env";
+  };
+
   environment.systemPackages = [
+    self
     panel
   ];
 
@@ -36,4 +42,7 @@ in
       STATIC_ROOT = "/var/lib/${name}/static";
     };
   };
+  systemd.services.${name}.env = {
+    REPO_DIR = builtins.trace self self;
+  };
 }

panel/README.md

@@ -4,6 +4,11 @@ The Fediversity Panel is a web service for managing Fediversity deployments with
 
 ## Development
 
+- In your [nix.conf](https://nix.dev/manual/nix/latest/command-ref/conf-file) (Nix) / `nix.settings` (NixOS),
+to your [`experimental-features`](https://nix.dev/manual/nix/latest/command-ref/conf-file#conf-experimental-features)
+add [`configurable-impure-env`](https://nix.dev/manual/nix/latest/development/experimental-features#xp-feature-configurable-impure-env).
+Note that this features is only available in Nix, not in Lix.
+
 - To obtain all tools related to this project, enter the development environment with `nix-shell`.
 
   If you want to do that automatically on entering this directory:

panel/default.nix

@@ -34,6 +34,8 @@ in
       export CREDENTIALS_DIRECTORY=${builtins.toString ./.credentials}
       export DATABASE_URL="sqlite:///${toString ./src}/db.sqlite3"
     '';
+    # FIXME: ending a path in a non-name produces a double hash :(
+    REPO_DIR = ./..;
   };
 
   tests = pkgs'.callPackage ./nix/tests.nix { };

panel/src/panel/migrations/0002_alter_configuration_value_and_more.py

@@ -0,0 +1,27 @@
+# Generated by Django 4.2.16 on 2025-03-09 21:25
+
+from django.conf import settings
+from django.db import migrations, models
+import pydantic.main
+
+from panel.configuration import Version
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+        ('panel', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='configuration',
+            name='value',
+            field=models.JSONField(default=Version(Version.latest).model().model_dump_json, help_text='Stored configuration value'),
+        ),
+        migrations.AlterField(
+            model_name='configuration',
+            name='version',
+            field=models.JSONField(default=pydantic.main.BaseModel.model_dump_json, help_text='Stored configuration value'),
+        ),
+    ]

panel/src/panel/templates/configuration_form.html

@@ -5,8 +5,8 @@
 
   {{ form.as_p }}
 
-  <button class="button" disabled>Deploy</button>
-  <button class="button" type="submit" >Save</button>
+  <button class="button" type="submit" name="deploy">Deploy</button>
+  <button class="button" type="submit" name="save">Save</button>
 </form>
 
 <p><sub>Configuration schema version {{ version }}</sub></p>

panel/src/panel/views.py

@@ -1,6 +1,8 @@
 from enum import Enum
 
 from django.urls import reverse_lazy
+import os
+import subprocess
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.models import User
 from django.views.generic import TemplateView, DetailView
@@ -38,6 +40,12 @@ class ConfigurationForm(LoginRequiredMixin, FormView):
         """Get or create the configuration object for the current user"""
         obj, created = models.Configuration.objects.get_or_create(
             operator=self.request.user)
+        button_name = request.POST.get('save_draft') or request.POST.get('publish')
+        if button_name == 'deploy':
+            print("DEPLOYING:")
+            print(os.getenv("REPO_DIR"))
+            print(obj)
+            subprocess.run(["nix", "develop", "--command", "nixops4", "apply", "test"], cwd=os.getenv("REPO_DIR"), env={"DEPLOYMENT": obj})
         return obj
 
     # TODO(@fricklerhandwerk):