nixos-test-pixelfed-wip #22

Merged
taeer merged 11 commits from nixos-test-pixelfed-wip into main 2024-09-20 17:47:21 +02:00
10 changed files with 77 additions and 26 deletions
Showing only changes of commit 7f99fc48dd - Show all commits

27
fediversity/default.nix Normal file

@ -0,0 +1,27 @@
{ lib, ... }:
let
inherit (lib) mkOption;
inherit (lib.types) types;
in {
imports = [
./garage.nix
./mastodon.nix
./pixelfed.nix
./peertube.nix
];
options = {
fediversity = {
enable = mkOption {
type = types.bool;
default = false;
};
Niols marked this conversation as resolved Outdated

This can just be

fediversity = mkEnableOption "the collection of services bundled under fediversity";
This can just be ``` fediversity = mkEnableOption "the collection of services bundled under fediversity"; ```

Thanks! Done in 2ff8975b6b.

Thanks! Done in 2ff8975b6b2f19d5ffbd7574bd76494bf532d048.
mastodon.enable = mkOption { type = types.bool; default = false; };
pixelfed.enable = mkOption { type = types.bool; default = false; };
peertube.enable = mkOption { type = types.bool; default = false; };
Niols marked this conversation as resolved Outdated

You almost never need types.anything. And certainly in this case the set of sub-options should be defined. This can be done with simple attrsets

garage = {
  api = {
    url = mkOption {
      ...
    };
  };
};

Also

We don't need to have a very clear sense of which options belong where yet, but eventually I think the top-level fediversity options should be the ones that should be set publicly (via NixPanel), and probably the ports being used in garage shouldn't be among them.

I'm not sure what the right namespace to use for those options is... maybe fediversity-private or fediversity.private...

You almost never need `types.anything`. And certainly in this case the set of sub-options should be defined. This can be done with simple attrsets ``` garage = { api = { url = mkOption { ... }; }; }; ``` --- Also We don't need to have a very clear sense of which options belong where **yet**, but eventually I think the top-level `fediversity` options should be the ones that should be set publicly (via NixPanel), and probably the ports being used in garage shouldn't be among them. I'm not sure what the right namespace to use for those options is... maybe `fediversity-private` or `fediversity.private`...

Done in 73939b9d87.

Done in 73939b9d8752ed4193ebae1b865c306d8eae4971.
};
};
}
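Review bot: `inherit (lib.types) types;` at the top of this new module is an unusual spelling; the garage module touched by the same commit writes `inherit (lib) types mkOption mkEnableOption …`, and this file could match it with `inherit (lib) mkOption types;`. The three service flags (`mastodon.enable`, `pixelfed.enable`, `peertube.enable`) are also declared without a `description`, so nothing tells an operator that each one only takes effect together with `fediversity.enable`, which is how the service modules in this commit test them. I would add a one-line description to each, for example `description = "Enable Mastodon; only applied when fediversity.enable is also true.";`.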


@ -6,8 +6,10 @@ let
secret = "82b2b4cbef27bf8917b350d5b10a87c92fa9c8b13a415aeeea49726cf335d74e"; secret = "82b2b4cbef27bf8917b350d5b10a87c92fa9c8b13a415aeeea49726cf335d74e";
}; };
in in
# TODO: expand to a multi-machine setup # TODO: expand to a multi-machine setup
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
inherit (lib) types mkOption mkEnableOption optionalString concatStringsSep; inherit (lib) types mkOption mkEnableOption optionalString concatStringsSep;
inherit (lib.strings) escapeShellArg; inherit (lib.strings) escapeShellArg;
@ -53,7 +55,9 @@ let
${concatMapAttrs (ensureAccessScriptFn key) ensureAccess} ${concatMapAttrs (ensureAccessScriptFn key) ensureAccess}
''; '';
ensureKeysScript = concatMapAttrs ensureKeyScriptFn cfg.ensureKeys; ensureKeysScript = concatMapAttrs ensureKeyScriptFn cfg.ensureKeys;
in { in
{
# add in options to ensure creation of buckets and keys # add in options to ensure creation of buckets and keys
options = { options = {
services.garage = { services.garage = {
@ -126,7 +130,7 @@ in {
}; };
}; };
config = { config = lib.mkIf config.fediversity.enable {
virtualisation.diskSize = 2048; virtualisation.diskSize = 2048;
virtualisation.forwardPorts = [ virtualisation.forwardPorts = [
{ {
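Review bot: The `secret = "…"` literal kept as context in the first hunk sits in the same file as the new `config = lib.mkIf config.fediversity.enable { … }`, and the flake in this commit exports the whole directory as `nixosModules.fediversity`, so the value now travels with a module that looks deployable. A flake's source tree is copied into the world-readable Nix store and the literal stays in git history, so a machine that enables this module outside the test VMs would presumably run with a key secret that is public (how the value is consumed is outside the hunks). I would add a comment beside the literal, `# test-only credential: readable in the Nix store and in git; never reuse outside the VM tests`, and read the secret from a file supplied at runtime before any real deployment. The same literal pattern appears in the three service sections that follow, the ones gated on `mastodon.enable`, `peertube.enable` and `pixelfed.enable`. The `config` block continues past the end of the last hunk.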


@ -4,7 +4,10 @@ let
secret = "7d37d093435a41f2aab8f13c19ba067d9776c90215f56614adad6ece597dbb34"; secret = "7d37d093435a41f2aab8f13c19ba067d9776c90215f56614adad6ece597dbb34";
}; };
in in
{ config, lib, pkgs, ... }: {
{ config, lib, pkgs, ... }:
lib.mkIf (config.fediversity.enable && config.fediversity.mastodon.enable) {
#### garage setup #### garage setup
services.garage = { services.garage = {
ensureBuckets = { ensureBuckets = {
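Review bot: With the new condition `config.fediversity.enable && config.fediversity.mastodon.enable`, setting `fediversity.mastodon.enable = true` while the parent flag is left at its default of `false` yields no configuration and no message, which is easy to mistake for a running service. A check in the module that declares the options would make the mistake visible at evaluation time, for example `assertions = [ { assertion = config.fediversity.mastodon.enable -> config.fediversity.enable; message = "fediversity.mastodon.enable requires fediversity.enable"; } ];`. It has to live outside this `lib.mkIf`, since anything inside it is dropped when the condition is false. The same applies to the `peertube.enable` and `pixelfed.enable` sections below; the module body continues outside the hunk.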


@ -4,7 +4,10 @@ let
secret = "7295c4201966a02c2c3d25b5cea4a5ff782966a2415e3a196f91924631191395"; secret = "7295c4201966a02c2c3d25b5cea4a5ff782966a2415e3a196f91924631191395";
}; };
in in
{ config, lib, pkgs, ... }: {
{ config, lib, pkgs, ... }:
lib.mkIf (config.fediversity.enable && config.fediversity.peertube.enable) {
networking.firewall.allowedTCPPorts = [ 80 9000 ]; networking.firewall.allowedTCPPorts = [ 80 9000 ];
services.garage = { services.garage = {
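Review bot: `networking.firewall.allowedTCPPorts = [ 80 9000 ];` is now switched on by the two enable flags as part of the bundled module, so it is worth confirming that both ports are meant to be reachable from outside. If 9000 is the application's own listener behind the web server on 80 (an assumption; the service settings are outside the hunk), opening it in the firewall lets clients reach the backend directly and skip whatever the front proxy enforces. I would keep only `[ 80 ]` here, or add a comment stating why 9000 must be open, e.g. `# 9000: <reason this port must be reachable externally>`.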


@ -4,7 +4,10 @@ let
secret = "5be6799a88ca9b9d813d1a806b64f15efa49482dbe15339ddfaf7f19cf434987"; secret = "5be6799a88ca9b9d813d1a806b64f15efa49482dbe15339ddfaf7f19cf434987";
}; };
in in
{ config, lib, pkgs, ... }: {
{ config, lib, pkgs, ... }:
lib.mkIf (config.fediversity.enable && config.fediversity.pixelfed.enable) {
services.garage = { services.garage = {
ensureBuckets = { ensureBuckets = {
pixelfed = { pixelfed = {


@ -5,7 +5,7 @@
nixpkgs.url = "github:radvendii/nixpkgs/nixos_rebuild_tests"; nixpkgs.url = "github:radvendii/nixpkgs/nixos_rebuild_tests";
}; };
outputs = { self, nixpkgs }: outputs = { self, nixpkgs }:
let let
system = "x86_64-linux"; system = "x86_64-linux";
pkgs = nixpkgs.legacyPackages.${system}; pkgs = nixpkgs.legacyPackages.${system};
@ -13,10 +13,7 @@
nixosModules = { nixosModules = {
## Fediversity modules ## Fediversity modules
garage = import ./fediversity/garage.nix; fediversity = import ./fediversity;
mastodon = import ./fediversity/mastodon.nix;
peertube = import ./fediversity/peertube.nix;
pixelfed = import ./fediversity/pixelfed.nix;
## VM-specific modules ## VM-specific modules
interactive-vm = import ./vm/interactive-vm.nix; interactive-vm = import ./vm/interactive-vm.nix;
@ -28,27 +25,27 @@
nixosConfigurations = { nixosConfigurations = {
mastodon = nixpkgs.lib.nixosSystem { mastodon = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = with self.nixosModules; [ interactive-vm mastodon mastodon-vm garage ]; modules = with self.nixosModules; [ fediversity interactive-vm mastodon-vm ];
}; };
peertube = nixpkgs.lib.nixosSystem { peertube = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = with self.nixosModules; [ interactive-vm peertube peertube-vm garage ]; modules = with self.nixosModules; [ fediversity interactive-vm peertube-vm ];
}; };
pixelfed = nixpkgs.lib.nixosSystem { pixelfed = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = with self.nixosModules; [ interactive-vm pixelfed pixelfed-vm garage ]; modules = with self.nixosModules; [ fediversity interactive-vm pixelfed-vm ];
}; };
all = nixpkgs.lib.nixosSystem { all = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = with self.nixosModules; [ modules = with self.nixosModules; [
fediversity
interactive-vm interactive-vm
peertube peertube-vm peertube-vm
pixelfed pixelfed-vm pixelfed-vm
mastodon mastodon-vm mastodon-vm
garage
]; ];
}; };
}; };
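Review bot: Each `modules` list now names `fediversity`, and the `*-vm` modules changed in this commit also add `../fediversity` to their own `imports`, so the module is pulled in twice. Because `fediversity = import ./fediversity;` hands the module system an already-imported value rather than a path, the two copies may not be recognised as the same module, in which case `fediversity.enable` and the service flags would be reported as already declared. Exporting the path instead, `fediversity = ./fediversity;`, should let both references deduplicate; alternatively drop `fediversity` from the lists and rely on the import in the VM modules. The `outputs` body continues past the end of the hunk.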


@ -37,7 +37,7 @@ pkgs.nixosTest {
nodes = { nodes = {
server = { config, ... }: { server = { config, ... }: {
virtualisation.memorySize = lib.mkVMOverride 4096; virtualisation.memorySize = lib.mkVMOverride 4096;
imports = with self.nixosModules; [ garage mastodon mastodon-vm ]; imports = with self.nixosModules; [ mastodon-vm ];
# TODO: pair down # TODO: pair down
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
python3 python3


@ -136,11 +136,7 @@ pkgs.nixosTest {
memorySize = lib.mkVMOverride 8192; memorySize = lib.mkVMOverride 8192;
cores = 8; cores = 8;
}; };
imports = with self.nixosModules; [ imports = with self.nixosModules; [ pixelfed-vm ];
garage
pixelfed
pixelfed-vm
];
# TODO: pair down # TODO: pair down
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
python3 python3


@ -1,9 +1,17 @@
{ modulesPath, lib, config, ... }: { { modulesPath, lib, config, ... }: {
imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ]; imports = [
../fediversity
(modulesPath + "/virtualisation/qemu-vm.nix")
];
config = lib.mkMerge [ config = lib.mkMerge [
{ {
fediversity = {
enable = true;
mastodon.enable = true;
};
services.mastodon = { services.mastodon = {
# redirects to localhost, but allows it to have a proper domain name # redirects to localhost, but allows it to have a proper domain name
localDomain = "mastodon.localhost"; localDomain = "mastodon.localhost";


@ -1,5 +1,15 @@
{ pkgs, modulesPath, ... }: { { pkgs, modulesPath, ... }: {
imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ];
imports = [
../fediversity
(modulesPath + "/virtualisation/qemu-vm.nix")
];
fediversity = {
enable = true;
pixelfed.enable = true;
};
networking.firewall.allowedTCPPorts = [ 80 ]; networking.firewall.allowedTCPPorts = [ 80 ];
services.pixelfed = { services.pixelfed = {
domain = "pixelfed.localhost"; domain = "pixelfed.localhost";