diff --git a/deployment/flake-part.nix b/deployment/flake-part.nix new file mode 100644 index 00000000..7d2a34f3 --- /dev/null +++ b/deployment/flake-part.nix @@ -0,0 +1,141 @@ +{ inputs, self, ... }: + +let + vmIdTo03d = + id: + let + sid = toString id; + in + if id >= 0 && id <= 9 then + "00${sid}" + else if id >= 10 && id <= 99 then + "0${sid}" + else + sid; + + allVmIds = # 100 -- 255 + let + allVmIdsFrom = x: if x > 255 then [ ] else [ x ] ++ allVmIdsFrom (x + 1); + in + allVmIdsFrom 100; + + makeInstaller = import ./makeInstaller.nix; + +in +{ + flake.nixosConfigurations.provisioning = + let + inherit (builtins) map listToAttrs; + makeProvisioningConfiguration = + vmid: + inputs.nixpkgs.lib.nixosSystem { + modules = [ + { procolix.vmid = vmid; } + ./procolixVm.nix + inputs.disko.nixosModules.default + ]; + }; + in + listToAttrs ( + map (vmid: { + name = "fedi${vmIdTo03d vmid}"; + value = makeProvisioningConfiguration vmid; + }) allVmIds + ); + + flake.isoInstallers.provisioning = + let + inherit (builtins) mapAttrs; + in + mapAttrs ( + vmname: + makeInstaller { + inherit (inputs) nixpkgs; + hostKeys = { + rsa = { + private = ./hostKeys/${vmname}/ssh_host_rsa_key; + public = ./hostKeys/${vmname}/ssh_host_rsa_key.pub; + }; + ed25519 = { + private = ./hostKeys/${vmname}/ssh_host_ed25519_key; + public = ./hostKeys/${vmname}/ssh_host_ed25519_key.pub; + }; + }; + } + ) self.nixosConfigurations.provisioning; + + nixops4Deployments.default = + { providers, ... }: + + let + inherit (builtins) readFile; + + makeProcolixVmResource = vmid: vmconfig: { + type = providers.local.exec; + imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ]; + ssh.opts = ""; + ssh.host = "95.215.187.${vmIdTo03d vmid}"; + ssh.hostPublicKey = readFile ./hostKeys/fedi${vmIdTo03d vmid}/ssh_host_ed25519_key.pub; + + nixpkgs = inputs.nixpkgs; + nixos.module = { + imports = [ + vmconfig + { procolix.vmid = vmid; } + ./procolixVm.nix + inputs.snf.nixosModules.fediversity + inputs.disko.nixosModules.default + ]; + }; + }; + + in + { + providers.local = inputs.nixops4-nixos.modules.nixops4Provider.local; + + resources = { + fedi100 = makeProcolixVmResource 100 { }; + + fedi101 = makeProcolixVmResource 101 { + fediversity = { + enable = true; + domain = "fedi101.abundos.eu"; + pixelfed.enable = true; + }; + }; + + fedi102 = makeProcolixVmResource 102 { + fediversity = { + enable = true; + domain = "fedi102.abundos.eu"; + mastodon.enable = true; + + temp.cores = 1; # FIXME: should come from NixOps4 eventually + }; + }; + + fedi103 = makeProcolixVmResource 103 ( + { pkgs, ... }: + { + fediversity = { + enable = true; + domain = "fedi103.abundos.eu"; + peertube.enable = true; + + temp.peertubeSecretsFile = pkgs.writeText "secret" '' + 574e093907d1157ac0f8e760a6deb1035402003af5763135bae9cbd6abe32b24 + ''; + }; + } + ); + + fedi120 = makeProcolixVmResource 120 { + fediversity = { + enable = true; + domain = "fedi120.abundos.eu"; + pixelfed.enable = true; + }; + }; + }; + }; +} diff --git a/deployment/flake.lock b/deployment/flake.lock deleted file mode 100644 index b08aa2bc..00000000 --- a/deployment/flake.lock +++ /dev/null @@ -1,1158 +0,0 @@ -{ - "nodes": { - "crane": { - "flake": false, - "locked": { - "lastModified": 1727316705, - "narHash": "sha256-/mumx8AQ5xFuCJqxCIOFCHTVlxHkMT21idpbgbm/TIE=", - "owner": "ipetkov", - "repo": "crane", - "rev": "5b03654ce046b5167e7b0bccbd8244cb56c16f0e", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "ref": "v0.19.0", - "repo": "crane", - "type": "github" - } - }, - "crane_2": { - "flake": false, - "locked": { - "lastModified": 1699217310, - "narHash": "sha256-xpW3VFUG7yE6UE6Wl0dhqencuENSkV7qpnpe9I8VbPw=", - "owner": "ipetkov", - "repo": "crane", - "rev": "d535642bbe6f377077f7c23f0febb78b1463f449", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "ref": "v0.15.0", - "repo": "crane", - "type": "github" - } - }, - "disko": { - "inputs": { - "nixpkgs": "nixpkgs" - }, - "locked": { - "lastModified": 1727531434, - "narHash": "sha256-b+GBgCWd2N6pkiTkRZaMFOPztPO4IVTaclYPrQl2uLk=", - "owner": "nix-community", - "repo": "disko", - "rev": "b709e1cc33fcde71c7db43850a55ebe6449d0959", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "disko", - "type": "github" - } - }, - "disko_2": { - "inputs": { - "nixpkgs": "nixpkgs_6" - }, - "locked": { - "lastModified": 1727347829, - "narHash": "sha256-y7cW6TjJKy+tu7efxeWI6lyg4VVx/9whx+OmrhmRShU=", - "owner": "nix-community", - "repo": "disko", - "rev": "1879e48907c14a70302ff5d0539c3b9b6f97feaa", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "disko", - "type": "github" - } - }, - "dream2nix": { - "inputs": { - "nixpkgs": [ - "nixops4", - "nix-cargo-integration", - "nixpkgs" - ], - "purescript-overlay": "purescript-overlay", - "pyproject-nix": "pyproject-nix" - }, - "locked": { - "lastModified": 1728585693, - "narHash": "sha256-rhx5SYpIkPu7d+rjF9FGGBVxS0BwAEkmYIsJg2a3E20=", - "owner": "nix-community", - "repo": "dream2nix", - "rev": "c6935471f7e1a9e190aaa9ac9823dca34e00d92a", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "dream2nix", - "type": "github" - } - }, - "dream2nix_2": { - "inputs": { - "nixpkgs": [ - "nixops4-nixos", - "nix-cargo-integration", - "nixpkgs" - ], - "purescript-overlay": "purescript-overlay_2", - "pyproject-nix": "pyproject-nix_2" - }, - "locked": { - "lastModified": 1722526955, - "narHash": "sha256-fFS8aDnfK9Qfm2FLnQ8pqWk8FzvFEv5LvTuZTZLREnc=", - "owner": "nix-community", - "repo": "dream2nix", - "rev": "3fd4c14d3683baac8d1f94286ae14fe160888b51", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "dream2nix", - "type": "github" - } - }, - "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_2": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_3": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_4": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-parts": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib" - }, - "locked": { - "lastModified": 1730504689, - "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "506278e768c2a08bec68eb62932193e341f55c90", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_2": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib_2" - }, - "locked": { - "lastModified": 1726153070, - "narHash": "sha256-HO4zgY0ekfwO5bX0QH/3kJ/h4KvUDFZg8YpkNwIbg1U=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_3": { - "inputs": { - "nixpkgs-lib": [ - "nixops4", - "nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1719994518, - "narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_4": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib_3" - }, - "locked": { - "lastModified": 1726153070, - "narHash": "sha256-HO4zgY0ekfwO5bX0QH/3kJ/h4KvUDFZg8YpkNwIbg1U=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_5": { - "inputs": { - "nixpkgs-lib": [ - "nixops4-nixos", - "nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1719994518, - "narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "git-hooks": { - "inputs": { - "flake-compat": "flake-compat", - "gitignore": "gitignore", - "nixpkgs": "nixpkgs_2", - "nixpkgs-stable": "nixpkgs-stable" - }, - "locked": { - "lastModified": 1730814269, - "narHash": "sha256-fWPHyhYE6xvMI1eGY3pwBTq85wcy1YXqdzTZF+06nOg=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "d70155fdc00df4628446352fc58adc640cd705c2", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" - } - }, - "gitignore": { - "inputs": { - "nixpkgs": [ - "git-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, - "libgit2": { - "flake": false, - "locked": { - "lastModified": 1724328629, - "narHash": "sha256-7SuD4k+ORwFPwDm5Qr5eSV6GMVWjMfFed9KYi8riUQo=", - "owner": "libgit2", - "repo": "libgit2", - "rev": "782e29c906f6e44b120843356f286b6a97d89f88", - "type": "github" - }, - "original": { - "owner": "libgit2", - "repo": "libgit2", - "type": "github" - } - }, - "libgit2_2": { - "flake": false, - "locked": { - "lastModified": 1724328629, - "narHash": "sha256-7SuD4k+ORwFPwDm5Qr5eSV6GMVWjMfFed9KYi8riUQo=", - "owner": "libgit2", - "repo": "libgit2", - "rev": "782e29c906f6e44b120843356f286b6a97d89f88", - "type": "github" - }, - "original": { - "owner": "libgit2", - "repo": "libgit2", - "type": "github" - } - }, - "mk-naked-shell": { - "flake": false, - "locked": { - "lastModified": 1681286841, - "narHash": "sha256-3XlJrwlR0nBiREnuogoa5i1b4+w/XPe0z8bbrJASw0g=", - "owner": "yusdacra", - "repo": "mk-naked-shell", - "rev": "7612f828dd6f22b7fb332cc69440e839d7ffe6bd", - "type": "github" - }, - "original": { - "owner": "yusdacra", - "repo": "mk-naked-shell", - "type": "github" - } - }, - "mk-naked-shell_2": { - "flake": false, - "locked": { - "lastModified": 1681286841, - "narHash": "sha256-3XlJrwlR0nBiREnuogoa5i1b4+w/XPe0z8bbrJASw0g=", - "owner": "yusdacra", - "repo": "mk-naked-shell", - "rev": "7612f828dd6f22b7fb332cc69440e839d7ffe6bd", - "type": "github" - }, - "original": { - "owner": "yusdacra", - "repo": "mk-naked-shell", - "type": "github" - } - }, - "nix": { - "inputs": { - "flake-compat": "flake-compat_2", - "flake-parts": "flake-parts_3", - "libgit2": "libgit2", - "nixpkgs": [ - "nixops4", - "nixpkgs" - ], - "nixpkgs-23-11": "nixpkgs-23-11", - "nixpkgs-regression": "nixpkgs-regression", - "pre-commit-hooks": "pre-commit-hooks" - }, - "locked": { - "lastModified": 1719448136, - "narHash": "sha256-ya0iofP+QysNzN7Gx7Btfe83ZW1YLpSdkccUNMnbBFQ=", - "owner": "NixOS", - "repo": "nix", - "rev": "ed129267dcd7dd2cce48c09b17aefd6cfc488bcd", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "nix", - "rev": "ed129267dcd7dd2cce48c09b17aefd6cfc488bcd", - "type": "github" - } - }, - "nix-cargo-integration": { - "inputs": { - "crane": "crane", - "dream2nix": "dream2nix", - "mk-naked-shell": "mk-naked-shell", - "nixpkgs": [ - "nixops4", - "nixpkgs" - ], - "parts": "parts", - "rust-overlay": "rust-overlay", - "treefmt": "treefmt" - }, - "locked": { - "lastModified": 1729750574, - "narHash": "sha256-87MJq1yxwAcAK/aKSaJ0i4HpaorweyiwRY6kNzsc7v8=", - "owner": "yusdacra", - "repo": "nix-cargo-integration", - "rev": "d4f92d8c201479762727991bb290da18129b858c", - "type": "github" - }, - "original": { - "owner": "yusdacra", - "repo": "nix-cargo-integration", - "type": "github" - } - }, - "nix-cargo-integration_2": { - "inputs": { - "crane": "crane_2", - "dream2nix": "dream2nix_2", - "mk-naked-shell": "mk-naked-shell_2", - "nixpkgs": [ - "nixops4-nixos", - "nixpkgs" - ], - "parts": "parts_2", - "rust-overlay": "rust-overlay_2", - "treefmt": "treefmt_2" - }, - "locked": { - "lastModified": 1724393640, - "narHash": "sha256-fjwO6Pv3d35F6UErY42hc7zXJr6ek0LhSZlgEu+eI04=", - "owner": "yusdacra", - "repo": "nix-cargo-integration", - "rev": "3a8e3bb661db28522aa2d4a55f1fccf9f95ec33e", - "type": "github" - }, - "original": { - "owner": "yusdacra", - "repo": "nix-cargo-integration", - "type": "github" - } - }, - "nix_2": { - "inputs": { - "flake-compat": "flake-compat_4", - "flake-parts": "flake-parts_5", - "libgit2": "libgit2_2", - "nixpkgs": [ - "nixops4-nixos", - "nixpkgs" - ], - "nixpkgs-23-11": "nixpkgs-23-11_2", - "nixpkgs-regression": "nixpkgs-regression_2", - "pre-commit-hooks": "pre-commit-hooks_2" - }, - "locked": { - "lastModified": 1719448136, - "narHash": "sha256-ya0iofP+QysNzN7Gx7Btfe83ZW1YLpSdkccUNMnbBFQ=", - "owner": "NixOS", - "repo": "nix", - "rev": "ed129267dcd7dd2cce48c09b17aefd6cfc488bcd", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "nix", - "rev": "ed129267dcd7dd2cce48c09b17aefd6cfc488bcd", - "type": "github" - } - }, - "nixops4": { - "inputs": { - "flake-parts": "flake-parts_2", - "nix": "nix", - "nix-cargo-integration": "nix-cargo-integration", - "nixpkgs": "nixpkgs_3" - }, - "locked": { - "lastModified": 1729771744, - "narHash": "sha256-YsMiKjq91Hyjl0RcCTdxbw6961yAHE/yG8vU8m/dcVY=", - "owner": "nixops4", - "repo": "nixops4", - "rev": "78f39fd60c2891198a444c2f667df6199e7df173", - "type": "github" - }, - "original": { - "owner": "nixops4", - "repo": "nixops4", - "type": "github" - } - }, - "nixops4-nixos": { - "inputs": { - "flake-parts": "flake-parts_4", - "nix": "nix_2", - "nix-cargo-integration": "nix-cargo-integration_2", - "nixpkgs": "nixpkgs_4" - }, - "locked": { - "lastModified": 1727424043, - "narHash": "sha256-00Tm2hCF8xBZk4HmzsaoPGtvRVamq3OujE5xWyHm8FI=", - "owner": "nixops4", - "repo": "nixops4", - "rev": "924af9b0f3666f22c638c02a21bc73a2ba002674", - "type": "github" - }, - "original": { - "owner": "nixops4", - "ref": "eval", - "repo": "nixops4", - "type": "github" - } - }, - "nixpkgs": { - "locked": { - "lastModified": 1725194671, - "narHash": "sha256-tLGCFEFTB5TaOKkpfw3iYT9dnk4awTP/q4w+ROpMfuw=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "b833ff01a0d694b910daca6e2ff4a3f26dee478c", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-23-11": { - "locked": { - "lastModified": 1717159533, - "narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", - "type": "github" - } - }, - "nixpkgs-23-11_2": { - "locked": { - "lastModified": 1717159533, - "narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", - "type": "github" - } - }, - "nixpkgs-latest": { - "locked": { - "lastModified": 1727220152, - "narHash": "sha256-6ezRTVBZT25lQkvaPrfJSxYLwqcbNWm6feD/vG1FO0o=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "24959f933187217890b206788a85bfa73ba75949", - "type": "github" - }, - "original": { - "owner": "nixos", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-lib": { - "locked": { - "lastModified": 1730504152, - "narHash": "sha256-lXvH/vOfb4aGYyvFmZK/HlsNsr/0CVWlwYvo2rxJk3s=", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz" - } - }, - "nixpkgs-lib_2": { - "locked": { - "lastModified": 1725233747, - "narHash": "sha256-Ss8QWLXdr2JCBPcYChJhz4xJm+h/xjl4G0c0XlP6a74=", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz" - } - }, - "nixpkgs-lib_3": { - "locked": { - "lastModified": 1725233747, - "narHash": "sha256-Ss8QWLXdr2JCBPcYChJhz4xJm+h/xjl4G0c0XlP6a74=", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz" - } - }, - "nixpkgs-regression": { - "locked": { - "lastModified": 1643052045, - "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", - "type": "github" - } - }, - "nixpkgs-regression_2": { - "locked": { - "lastModified": 1643052045, - "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", - "type": "github" - } - }, - "nixpkgs-stable": { - "locked": { - "lastModified": 1730741070, - "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1730958623, - "narHash": "sha256-JwQZIGSYnRNOgDDoIgqKITrPVil+RMWHsZH1eE1VGN0=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "85f7e662eda4fa3a995556527c87b2524b691933", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1724819573, - "narHash": "sha256-GnR7/ibgIH1vhoy8cYdmXE6iyZqKqFxQSVkFgosBh6w=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "71e91c409d1e654808b2621f28a327acfdad8dc2", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { - "locked": { - "lastModified": 1724819573, - "narHash": "sha256-GnR7/ibgIH1vhoy8cYdmXE6iyZqKqFxQSVkFgosBh6w=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "71e91c409d1e654808b2621f28a327acfdad8dc2", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_5": { - "locked": { - "lastModified": 1727672256, - "narHash": "sha256-9/79hjQc9+xyH+QxeMcRsA6hDyw6Z9Eo1/oxjvwirLk=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "1719f27dd95fd4206afb9cec9f415b539978827e", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_6": { - "locked": { - "lastModified": 1725194671, - "narHash": "sha256-tLGCFEFTB5TaOKkpfw3iYT9dnk4awTP/q4w+ROpMfuw=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "b833ff01a0d694b910daca6e2ff4a3f26dee478c", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_7": { - "locked": { - "lastModified": 1730137230, - "narHash": "sha256-0kW6v0alzWIc/Dc/DoVZ7A9qNScv77bj/zYTKI67HZM=", - "owner": "radvendii", - "repo": "nixpkgs", - "rev": "df815998652a1d00ce7c059a1e5ef7d7c0548c90", - "type": "github" - }, - "original": { - "owner": "radvendii", - "ref": "nixos_rebuild_tests", - "repo": "nixpkgs", - "type": "github" - } - }, - "parts": { - "inputs": { - "nixpkgs-lib": [ - "nixops4", - "nix-cargo-integration", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1727826117, - "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "parts_2": { - "inputs": { - "nixpkgs-lib": [ - "nixops4-nixos", - "nix-cargo-integration", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1722555600, - "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "pixelfed": { - "flake": false, - "locked": { - "lastModified": 1719823820, - "narHash": "sha256-CKjqnxp7p2z/13zfp4HQ1OAmaoUtqBKS6HFm6TV8Jwg=", - "owner": "pixelfed", - "repo": "pixelfed", - "rev": "4c245cf429330d01fcb8ebeb9aa8c84a9574a645", - "type": "github" - }, - "original": { - "owner": "pixelfed", - "ref": "v0.12.3", - "repo": "pixelfed", - "type": "github" - } - }, - "pre-commit-hooks": { - "inputs": { - "flake-compat": [ - "nixops4", - "nix" - ], - "gitignore": [ - "nixops4", - "nix" - ], - "nixpkgs": [ - "nixops4", - "nix", - "nixpkgs" - ], - "nixpkgs-stable": [ - "nixops4", - "nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1724857454, - "narHash": "sha256-Qyl9Q4QMTLZnnBb/8OuQ9LSkzWjBU1T5l5zIzTxkkhk=", - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "rev": "4509ca64f1084e73bc7a721b20c669a8d4c5ebe6", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "type": "github" - } - }, - "pre-commit-hooks_2": { - "inputs": { - "flake-compat": [ - "nixops4-nixos", - "nix" - ], - "gitignore": [ - "nixops4-nixos", - "nix" - ], - "nixpkgs": [ - "nixops4-nixos", - "nix", - "nixpkgs" - ], - "nixpkgs-stable": [ - "nixops4-nixos", - "nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1724857454, - "narHash": "sha256-Qyl9Q4QMTLZnnBb/8OuQ9LSkzWjBU1T5l5zIzTxkkhk=", - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "rev": "4509ca64f1084e73bc7a721b20c669a8d4c5ebe6", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "type": "github" - } - }, - "purescript-overlay": { - "inputs": { - "flake-compat": "flake-compat_3", - "nixpkgs": [ - "nixops4", - "nix-cargo-integration", - "dream2nix", - "nixpkgs" - ], - "slimlock": "slimlock" - }, - "locked": { - "lastModified": 1724504251, - "narHash": "sha256-TIw+sac0NX0FeAneud+sQZT+ql1G/WEb7/Vb436rUXM=", - "owner": "thomashoneyman", - "repo": "purescript-overlay", - "rev": "988b09676c2a0e6a46dfa3589aa6763c90476b8a", - "type": "github" - }, - "original": { - "owner": "thomashoneyman", - "repo": "purescript-overlay", - "type": "github" - } - }, - "purescript-overlay_2": { - "inputs": { - "nixpkgs": [ - "nixops4-nixos", - "nix-cargo-integration", - "dream2nix", - "nixpkgs" - ], - "slimlock": "slimlock_2" - }, - "locked": { - "lastModified": 1696022621, - "narHash": "sha256-eMjFmsj2G1E0Q5XiibUNgFjTiSz0GxIeSSzzVdoN730=", - "owner": "thomashoneyman", - "repo": "purescript-overlay", - "rev": "047c7933abd6da8aa239904422e22d190ce55ead", - "type": "github" - }, - "original": { - "owner": "thomashoneyman", - "repo": "purescript-overlay", - "type": "github" - } - }, - "pyproject-nix": { - "flake": false, - "locked": { - "lastModified": 1702448246, - "narHash": "sha256-hFg5s/hoJFv7tDpiGvEvXP0UfFvFEDgTdyHIjDVHu1I=", - "owner": "davhau", - "repo": "pyproject.nix", - "rev": "5a06a2697b228c04dd2f35659b4b659ca74f7aeb", - "type": "github" - }, - "original": { - "owner": "davhau", - "ref": "dream2nix", - "repo": "pyproject.nix", - "type": "github" - } - }, - "pyproject-nix_2": { - "flake": false, - "locked": { - "lastModified": 1702448246, - "narHash": "sha256-hFg5s/hoJFv7tDpiGvEvXP0UfFvFEDgTdyHIjDVHu1I=", - "owner": "davhau", - "repo": "pyproject.nix", - "rev": "5a06a2697b228c04dd2f35659b4b659ca74f7aeb", - "type": "github" - }, - "original": { - "owner": "davhau", - "ref": "dream2nix", - "repo": "pyproject.nix", - "type": "github" - } - }, - "root": { - "inputs": { - "disko": "disko", - "flake-parts": "flake-parts", - "git-hooks": "git-hooks", - "nixops4": "nixops4", - "nixops4-nixos": "nixops4-nixos", - "nixpkgs": "nixpkgs_5", - "snf": "snf" - } - }, - "rust-overlay": { - "flake": false, - "locked": { - "lastModified": 1729736953, - "narHash": "sha256-Rb6JUop7NRklg0uzcre+A+Ebrn/ZiQPkm4QdKg6/3pw=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "29b1275740d9283467b8117499ec8cbb35250584", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, - "rust-overlay_2": { - "flake": false, - "locked": { - "lastModified": 1724379657, - "narHash": "sha256-+CFDh1FUgyY7q0FiWhKJpHS7LlD3KbiqN5Z4Z+4bGmc=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "a18034322c7703fcfe5d7352a77981ba4a936a61", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, - "slimlock": { - "inputs": { - "nixpkgs": [ - "nixops4", - "nix-cargo-integration", - "dream2nix", - "purescript-overlay", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1688756706, - "narHash": "sha256-xzkkMv3neJJJ89zo3o2ojp7nFeaZc2G0fYwNXNJRFlo=", - "owner": "thomashoneyman", - "repo": "slimlock", - "rev": "cf72723f59e2340d24881fd7bf61cb113b4c407c", - "type": "github" - }, - "original": { - "owner": "thomashoneyman", - "repo": "slimlock", - "type": "github" - } - }, - "slimlock_2": { - "inputs": { - "nixpkgs": [ - "nixops4-nixos", - "nix-cargo-integration", - "dream2nix", - "purescript-overlay", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1688610262, - "narHash": "sha256-Wg0ViDotFWGWqKIQzyYCgayeH8s4U1OZcTiWTQYdAp4=", - "owner": "thomashoneyman", - "repo": "slimlock", - "rev": "b5c6cdcaf636ebbebd0a1f32520929394493f1a6", - "type": "github" - }, - "original": { - "owner": "thomashoneyman", - "repo": "slimlock", - "type": "github" - } - }, - "snf": { - "inputs": { - "disko": "disko_2", - "nixpkgs": "nixpkgs_7", - "nixpkgs-latest": "nixpkgs-latest", - "pixelfed": "pixelfed" - }, - "locked": { - "lastModified": 1731341458, - "narHash": "sha256-n6OJFaUtqRgzu5pFsk3di2AadSpudWjF5QXIcUKgu4c=", - "ref": "refs/heads/main", - "rev": "49473c43c85e167e5ef0b1deccdfb40664774ec5", - "revCount": 104, - "type": "git", - "url": "https://git.fediversity.eu/fediversity/simple-nixos-fediverse.git" - }, - "original": { - "type": "git", - "url": "https://git.fediversity.eu/fediversity/simple-nixos-fediverse.git" - } - }, - "treefmt": { - "inputs": { - "nixpkgs": [ - "nixops4", - "nix-cargo-integration", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1729613947, - "narHash": "sha256-XGOvuIPW1XRfPgHtGYXd5MAmJzZtOuwlfKDgxX5KT3s=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "aac86347fb5063960eccb19493e0cadcdb4205ca", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } - }, - "treefmt_2": { - "inputs": { - "nixpkgs": [ - "nixops4-nixos", - "nix-cargo-integration", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1724338379, - "narHash": "sha256-kKJtaiU5Ou+e/0Qs7SICXF22DLx4V/WhG1P6+k4yeOE=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "070f834771efa715f3e74cd8ab93ecc96fabc951", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } - } - }, - "root": "root", - "version": 7 -} diff --git a/deployment/flake.nix b/deployment/flake.nix deleted file mode 100644 index eca366dd..00000000 --- a/deployment/flake.nix +++ /dev/null @@ -1,184 +0,0 @@ -{ - inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05"; - flake-parts.url = "github:hercules-ci/flake-parts"; - git-hooks.url = "github:cachix/git-hooks.nix"; - - # snf.url = "path:/home/niols/git/fediversity/simple-nixos-fediverse"; #dev - snf.url = "git+https://git.fediversity.eu/fediversity/simple-nixos-fediverse.git"; - disko.url = "github:nix-community/disko"; - - nixops4.url = "github:nixops4/nixops4"; - nixops4-nixos.url = "github:nixops4/nixops4/eval"; - }; - - outputs = - inputs@{ - self, - flake-parts, - nixpkgs, - snf, - ... - }: - flake-parts.lib.mkFlake { inherit inputs; } { - - imports = [ - inputs.nixops4-nixos.modules.flake.default - inputs.git-hooks.flakeModule - ]; - - systems = [ - "x86_64-linux" - "aarch64-linux" - "aarch64-darwin" - "x86_64-darwin" - ]; - - perSystem = - { - config, - inputs', - pkgs, - ... - }: - { - formatter = pkgs.nixfmt-rfc-style; - - pre-commit.settings.hooks = { - nixfmt-rfc-style.enable = true; - deadnix.enable = true; - }; - - devShells.default = pkgs.mkShell { - packages = [ inputs'.nixops4.packages.default ]; - shellHook = config.pre-commit.installationScript; - }; - }; - - flake.vmIdTo03d = - id: - let - sid = toString id; - in - if id >= 0 && id <= 9 then - "00${sid}" - else if id >= 10 && id <= 99 then - "0${sid}" - else - sid; - - flake.allVmIds = # 100 -- 255 - let - allVmIdsFrom = x: if x > 255 then [ ] else [ x ] ++ allVmIdsFrom (x + 1); - in - allVmIdsFrom 100; - - flake.nixosConfigurations.provisioning = - let - inherit (builtins) map listToAttrs; - makeProvisioningConfiguration = - vmid: - nixpkgs.lib.nixosSystem { - modules = [ - { procolix.vmid = vmid; } - ./procolixVm.nix - inputs.disko.nixosModules.default - ]; - }; - in - listToAttrs ( - map (vmid: { - name = "fedi${self.vmIdTo03d vmid}"; - value = makeProvisioningConfiguration vmid; - }) self.allVmIds - ); - - flake.isoInstallers.provisioning = - let - inherit (builtins) mapAttrs; - in - mapAttrs ( - vmname: - snf.mkInstaller { - inherit nixpkgs; - hostKeys = { - rsa = { - private = ./hostKeys/${vmname}/ssh_host_rsa_key; - public = ./hostKeys/${vmname}/ssh_host_rsa_key.pub; - }; - ed25519 = { - private = ./hostKeys/${vmname}/ssh_host_ed25519_key; - public = ./hostKeys/${vmname}/ssh_host_ed25519_key.pub; - }; - }; - } - ) self.nixosConfigurations.provisioning; - - nixops4Deployments.default = - { providers, ... }: - - let - inherit (builtins) readFile; - - makeProcolixVmResource = vmid: vmconfig: { - type = providers.local.exec; - imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ]; - ssh.opts = ""; - ssh.host = "95.215.187.${self.vmIdTo03d vmid}"; - ssh.hostPublicKey = readFile ./hostKeys/fedi${self.vmIdTo03d vmid}/ssh_host_ed25519_key.pub; - - nixpkgs = inputs.nixpkgs; - nixos.module = { - imports = [ - vmconfig - { procolix.vmid = vmid; } - ./procolixVm.nix - inputs.snf.nixosModules.fediversity - inputs.disko.nixosModules.default - ]; - }; - }; - - in - { - providers.local = inputs.nixops4-nixos.modules.nixops4Provider.local; - - resources = { - fedi100 = makeProcolixVmResource 100 { }; - - fedi101 = makeProcolixVmResource 101 { - fediversity = { - enable = true; - domain = "fedi101.abundos.eu"; - pixelfed.enable = true; - }; - }; - - fedi102 = makeProcolixVmResource 102 { - fediversity = { - enable = true; - domain = "fedi102.abundos.eu"; - mastodon.enable = true; - - temp.cores = 1; # FIXME: should come from NixOps4 eventually - }; - }; - - fedi103 = makeProcolixVmResource 103 ( - { pkgs, ... }: - { - fediversity = { - enable = true; - domain = "fedi103.abundos.eu"; - peertube.enable = true; - - temp.peertubeSecretsFile = pkgs.writeText "secret" '' - 574e093907d1157ac0f8e760a6deb1035402003af5763135bae9cbd6abe32b24 - ''; - }; - } - ); - }; - }; - }; -} diff --git a/services/installer.nix b/deployment/makeInstaller.nix similarity index 100% rename from services/installer.nix rename to deployment/makeInstaller.nix diff --git a/flake.lock b/flake.lock index 8e4758e4..22f064ae 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,105 @@ { "nodes": { + "crane": { + "flake": false, + "locked": { + "lastModified": 1727316705, + "narHash": "sha256-/mumx8AQ5xFuCJqxCIOFCHTVlxHkMT21idpbgbm/TIE=", + "owner": "ipetkov", + "repo": "crane", + "rev": "5b03654ce046b5167e7b0bccbd8244cb56c16f0e", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "ref": "v0.19.0", + "repo": "crane", + "type": "github" + } + }, + "crane_2": { + "flake": false, + "locked": { + "lastModified": 1699217310, + "narHash": "sha256-xpW3VFUG7yE6UE6Wl0dhqencuENSkV7qpnpe9I8VbPw=", + "owner": "ipetkov", + "repo": "crane", + "rev": "d535642bbe6f377077f7c23f0febb78b1463f449", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "ref": "v0.15.0", + "repo": "crane", + "type": "github" + } + }, + "disko": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1731274291, + "narHash": "sha256-cZ0QMpv5p2a6WEE+o9uu0a4ma6RzQDOQTbm7PbixWz8=", + "owner": "nix-community", + "repo": "disko", + "rev": "486250f404f4a4f4f33f8f669d83ca5f6e6b7dfc", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, + "dream2nix": { + "inputs": { + "nixpkgs": [ + "nixops4", + "nix-cargo-integration", + "nixpkgs" + ], + "purescript-overlay": "purescript-overlay", + "pyproject-nix": "pyproject-nix" + }, + "locked": { + "lastModified": 1728585693, + "narHash": "sha256-rhx5SYpIkPu7d+rjF9FGGBVxS0BwAEkmYIsJg2a3E20=", + "owner": "nix-community", + "repo": "dream2nix", + "rev": "c6935471f7e1a9e190aaa9ac9823dca34e00d92a", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "dream2nix", + "type": "github" + } + }, + "dream2nix_2": { + "inputs": { + "nixpkgs": [ + "nixops4-nixos", + "nix-cargo-integration", + "nixpkgs" + ], + "purescript-overlay": "purescript-overlay_2", + "pyproject-nix": "pyproject-nix_2" + }, + "locked": { + "lastModified": 1722526955, + "narHash": "sha256-fFS8aDnfK9Qfm2FLnQ8pqWk8FzvFEv5LvTuZTZLREnc=", + "owner": "nix-community", + "repo": "dream2nix", + "rev": "3fd4c14d3683baac8d1f94286ae14fe160888b51", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "dream2nix", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { @@ -16,6 +116,54 @@ "type": "github" } }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_4": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" @@ -34,11 +182,91 @@ "type": "github" } }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib_2" + }, + "locked": { + "lastModified": 1726153070, + "narHash": "sha256-HO4zgY0ekfwO5bX0QH/3kJ/h4KvUDFZg8YpkNwIbg1U=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_3": { + "inputs": { + "nixpkgs-lib": [ + "nixops4", + "nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1719994518, + "narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_4": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib_3" + }, + "locked": { + "lastModified": 1726153070, + "narHash": "sha256-HO4zgY0ekfwO5bX0QH/3kJ/h4KvUDFZg8YpkNwIbg1U=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_5": { + "inputs": { + "nixpkgs-lib": [ + "nixops4-nixos", + "nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1719994518, + "narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "git-hooks": { "inputs": { "flake-compat": "flake-compat", "gitignore": "gitignore", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "nixpkgs-stable": "nixpkgs-stable" }, "locked": { @@ -76,6 +304,223 @@ "type": "github" } }, + "libgit2": { + "flake": false, + "locked": { + "lastModified": 1724328629, + "narHash": "sha256-7SuD4k+ORwFPwDm5Qr5eSV6GMVWjMfFed9KYi8riUQo=", + "owner": "libgit2", + "repo": "libgit2", + "rev": "782e29c906f6e44b120843356f286b6a97d89f88", + "type": "github" + }, + "original": { + "owner": "libgit2", + "repo": "libgit2", + "type": "github" + } + }, + "libgit2_2": { + "flake": false, + "locked": { + "lastModified": 1724328629, + "narHash": "sha256-7SuD4k+ORwFPwDm5Qr5eSV6GMVWjMfFed9KYi8riUQo=", + "owner": "libgit2", + "repo": "libgit2", + "rev": "782e29c906f6e44b120843356f286b6a97d89f88", + "type": "github" + }, + "original": { + "owner": "libgit2", + "repo": "libgit2", + "type": "github" + } + }, + "mk-naked-shell": { + "flake": false, + "locked": { + "lastModified": 1681286841, + "narHash": "sha256-3XlJrwlR0nBiREnuogoa5i1b4+w/XPe0z8bbrJASw0g=", + "owner": "yusdacra", + "repo": "mk-naked-shell", + "rev": "7612f828dd6f22b7fb332cc69440e839d7ffe6bd", + "type": "github" + }, + "original": { + "owner": "yusdacra", + "repo": "mk-naked-shell", + "type": "github" + } + }, + "mk-naked-shell_2": { + "flake": false, + "locked": { + "lastModified": 1681286841, + "narHash": "sha256-3XlJrwlR0nBiREnuogoa5i1b4+w/XPe0z8bbrJASw0g=", + "owner": "yusdacra", + "repo": "mk-naked-shell", + "rev": "7612f828dd6f22b7fb332cc69440e839d7ffe6bd", + "type": "github" + }, + "original": { + "owner": "yusdacra", + "repo": "mk-naked-shell", + "type": "github" + } + }, + "nix": { + "inputs": { + "flake-compat": "flake-compat_2", + "flake-parts": "flake-parts_3", + "libgit2": "libgit2", + "nixpkgs": [ + "nixops4", + "nixpkgs" + ], + "nixpkgs-23-11": "nixpkgs-23-11", + "nixpkgs-regression": "nixpkgs-regression", + "pre-commit-hooks": "pre-commit-hooks" + }, + "locked": { + "lastModified": 1719448136, + "narHash": "sha256-ya0iofP+QysNzN7Gx7Btfe83ZW1YLpSdkccUNMnbBFQ=", + "owner": "NixOS", + "repo": "nix", + "rev": "ed129267dcd7dd2cce48c09b17aefd6cfc488bcd", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nix", + "rev": "ed129267dcd7dd2cce48c09b17aefd6cfc488bcd", + "type": "github" + } + }, + "nix-cargo-integration": { + "inputs": { + "crane": "crane", + "dream2nix": "dream2nix", + "mk-naked-shell": "mk-naked-shell", + "nixpkgs": [ + "nixops4", + "nixpkgs" + ], + "parts": "parts", + "rust-overlay": "rust-overlay", + "treefmt": "treefmt" + }, + "locked": { + "lastModified": 1729750574, + "narHash": "sha256-87MJq1yxwAcAK/aKSaJ0i4HpaorweyiwRY6kNzsc7v8=", + "owner": "yusdacra", + "repo": "nix-cargo-integration", + "rev": "d4f92d8c201479762727991bb290da18129b858c", + "type": "github" + }, + "original": { + "owner": "yusdacra", + "repo": "nix-cargo-integration", + "type": "github" + } + }, + "nix-cargo-integration_2": { + "inputs": { + "crane": "crane_2", + "dream2nix": "dream2nix_2", + "mk-naked-shell": "mk-naked-shell_2", + "nixpkgs": [ + "nixops4-nixos", + "nixpkgs" + ], + "parts": "parts_2", + "rust-overlay": "rust-overlay_2", + "treefmt": "treefmt_2" + }, + "locked": { + "lastModified": 1724393640, + "narHash": "sha256-fjwO6Pv3d35F6UErY42hc7zXJr6ek0LhSZlgEu+eI04=", + "owner": "yusdacra", + "repo": "nix-cargo-integration", + "rev": "3a8e3bb661db28522aa2d4a55f1fccf9f95ec33e", + "type": "github" + }, + "original": { + "owner": "yusdacra", + "repo": "nix-cargo-integration", + "type": "github" + } + }, + "nix_2": { + "inputs": { + "flake-compat": "flake-compat_4", + "flake-parts": "flake-parts_5", + "libgit2": "libgit2_2", + "nixpkgs": [ + "nixops4-nixos", + "nixpkgs" + ], + "nixpkgs-23-11": "nixpkgs-23-11_2", + "nixpkgs-regression": "nixpkgs-regression_2", + "pre-commit-hooks": "pre-commit-hooks_2" + }, + "locked": { + "lastModified": 1719448136, + "narHash": "sha256-ya0iofP+QysNzN7Gx7Btfe83ZW1YLpSdkccUNMnbBFQ=", + "owner": "NixOS", + "repo": "nix", + "rev": "ed129267dcd7dd2cce48c09b17aefd6cfc488bcd", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nix", + "rev": "ed129267dcd7dd2cce48c09b17aefd6cfc488bcd", + "type": "github" + } + }, + "nixops4": { + "inputs": { + "flake-parts": "flake-parts_2", + "nix": "nix", + "nix-cargo-integration": "nix-cargo-integration", + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1729771744, + "narHash": "sha256-YsMiKjq91Hyjl0RcCTdxbw6961yAHE/yG8vU8m/dcVY=", + "owner": "nixops4", + "repo": "nixops4", + "rev": "78f39fd60c2891198a444c2f667df6199e7df173", + "type": "github" + }, + "original": { + "owner": "nixops4", + "repo": "nixops4", + "type": "github" + } + }, + "nixops4-nixos": { + "inputs": { + "flake-parts": "flake-parts_4", + "nix": "nix_2", + "nix-cargo-integration": "nix-cargo-integration_2", + "nixpkgs": "nixpkgs_4" + }, + "locked": { + "lastModified": 1727424043, + "narHash": "sha256-00Tm2hCF8xBZk4HmzsaoPGtvRVamq3OujE5xWyHm8FI=", + "owner": "nixops4", + "repo": "nixops4", + "rev": "924af9b0f3666f22c638c02a21bc73a2ba002674", + "type": "github" + }, + "original": { + "owner": "nixops4", + "ref": "eval", + "repo": "nixops4", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1730958623, @@ -92,6 +537,38 @@ "type": "github" } }, + "nixpkgs-23-11": { + "locked": { + "lastModified": 1717159533, + "narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", + "type": "github" + } + }, + "nixpkgs-23-11_2": { + "locked": { + "lastModified": 1717159533, + "narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", + "type": "github" + } + }, "nixpkgs-lib": { "locked": { "lastModified": 1730504152, @@ -104,6 +581,62 @@ "url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz" } }, + "nixpkgs-lib_2": { + "locked": { + "lastModified": 1725233747, + "narHash": "sha256-Ss8QWLXdr2JCBPcYChJhz4xJm+h/xjl4G0c0XlP6a74=", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz" + } + }, + "nixpkgs-lib_3": { + "locked": { + "lastModified": 1725233747, + "narHash": "sha256-Ss8QWLXdr2JCBPcYChJhz4xJm+h/xjl4G0c0XlP6a74=", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz" + } + }, + "nixpkgs-regression": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + } + }, + "nixpkgs-regression_2": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + } + }, "nixpkgs-stable": { "locked": { "lastModified": 1730741070, @@ -121,6 +654,54 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1730958623, + "narHash": "sha256-JwQZIGSYnRNOgDDoIgqKITrPVil+RMWHsZH1eE1VGN0=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "85f7e662eda4fa3a995556527c87b2524b691933", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1724819573, + "narHash": "sha256-GnR7/ibgIH1vhoy8cYdmXE6iyZqKqFxQSVkFgosBh6w=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "71e91c409d1e654808b2621f28a327acfdad8dc2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1724819573, + "narHash": "sha256-GnR7/ibgIH1vhoy8cYdmXE6iyZqKqFxQSVkFgosBh6w=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "71e91c409d1e654808b2621f28a327acfdad8dc2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { "locked": { "lastModified": 1727672256, "narHash": "sha256-9/79hjQc9+xyH+QxeMcRsA6hDyw6Z9Eo1/oxjvwirLk=", @@ -136,11 +717,335 @@ "type": "github" } }, + "parts": { + "inputs": { + "nixpkgs-lib": [ + "nixops4", + "nix-cargo-integration", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1727826117, + "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "parts_2": { + "inputs": { + "nixpkgs-lib": [ + "nixops4-nixos", + "nix-cargo-integration", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1722555600, + "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": [ + "nixops4", + "nix" + ], + "gitignore": [ + "nixops4", + "nix" + ], + "nixpkgs": [ + "nixops4", + "nix", + "nixpkgs" + ], + "nixpkgs-stable": [ + "nixops4", + "nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1724857454, + "narHash": "sha256-Qyl9Q4QMTLZnnBb/8OuQ9LSkzWjBU1T5l5zIzTxkkhk=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "4509ca64f1084e73bc7a721b20c669a8d4c5ebe6", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "pre-commit-hooks_2": { + "inputs": { + "flake-compat": [ + "nixops4-nixos", + "nix" + ], + "gitignore": [ + "nixops4-nixos", + "nix" + ], + "nixpkgs": [ + "nixops4-nixos", + "nix", + "nixpkgs" + ], + "nixpkgs-stable": [ + "nixops4-nixos", + "nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1724857454, + "narHash": "sha256-Qyl9Q4QMTLZnnBb/8OuQ9LSkzWjBU1T5l5zIzTxkkhk=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "4509ca64f1084e73bc7a721b20c669a8d4c5ebe6", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "purescript-overlay": { + "inputs": { + "flake-compat": "flake-compat_3", + "nixpkgs": [ + "nixops4", + "nix-cargo-integration", + "dream2nix", + "nixpkgs" + ], + "slimlock": "slimlock" + }, + "locked": { + "lastModified": 1724504251, + "narHash": "sha256-TIw+sac0NX0FeAneud+sQZT+ql1G/WEb7/Vb436rUXM=", + "owner": "thomashoneyman", + "repo": "purescript-overlay", + "rev": "988b09676c2a0e6a46dfa3589aa6763c90476b8a", + "type": "github" + }, + "original": { + "owner": "thomashoneyman", + "repo": "purescript-overlay", + "type": "github" + } + }, + "purescript-overlay_2": { + "inputs": { + "nixpkgs": [ + "nixops4-nixos", + "nix-cargo-integration", + "dream2nix", + "nixpkgs" + ], + "slimlock": "slimlock_2" + }, + "locked": { + "lastModified": 1696022621, + "narHash": "sha256-eMjFmsj2G1E0Q5XiibUNgFjTiSz0GxIeSSzzVdoN730=", + "owner": "thomashoneyman", + "repo": "purescript-overlay", + "rev": "047c7933abd6da8aa239904422e22d190ce55ead", + "type": "github" + }, + "original": { + "owner": "thomashoneyman", + "repo": "purescript-overlay", + "type": "github" + } + }, + "pyproject-nix": { + "flake": false, + "locked": { + "lastModified": 1702448246, + "narHash": "sha256-hFg5s/hoJFv7tDpiGvEvXP0UfFvFEDgTdyHIjDVHu1I=", + "owner": "davhau", + "repo": "pyproject.nix", + "rev": "5a06a2697b228c04dd2f35659b4b659ca74f7aeb", + "type": "github" + }, + "original": { + "owner": "davhau", + "ref": "dream2nix", + "repo": "pyproject.nix", + "type": "github" + } + }, + "pyproject-nix_2": { + "flake": false, + "locked": { + "lastModified": 1702448246, + "narHash": "sha256-hFg5s/hoJFv7tDpiGvEvXP0UfFvFEDgTdyHIjDVHu1I=", + "owner": "davhau", + "repo": "pyproject.nix", + "rev": "5a06a2697b228c04dd2f35659b4b659ca74f7aeb", + "type": "github" + }, + "original": { + "owner": "davhau", + "ref": "dream2nix", + "repo": "pyproject.nix", + "type": "github" + } + }, "root": { "inputs": { + "disko": "disko", "flake-parts": "flake-parts", "git-hooks": "git-hooks", - "nixpkgs": "nixpkgs_2" + "nixops4": "nixops4", + "nixops4-nixos": "nixops4-nixos", + "nixpkgs": "nixpkgs_5" + } + }, + "rust-overlay": { + "flake": false, + "locked": { + "lastModified": 1729736953, + "narHash": "sha256-Rb6JUop7NRklg0uzcre+A+Ebrn/ZiQPkm4QdKg6/3pw=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "29b1275740d9283467b8117499ec8cbb35250584", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { + "flake": false, + "locked": { + "lastModified": 1724379657, + "narHash": "sha256-+CFDh1FUgyY7q0FiWhKJpHS7LlD3KbiqN5Z4Z+4bGmc=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "a18034322c7703fcfe5d7352a77981ba4a936a61", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "slimlock": { + "inputs": { + "nixpkgs": [ + "nixops4", + "nix-cargo-integration", + "dream2nix", + "purescript-overlay", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1688756706, + "narHash": "sha256-xzkkMv3neJJJ89zo3o2ojp7nFeaZc2G0fYwNXNJRFlo=", + "owner": "thomashoneyman", + "repo": "slimlock", + "rev": "cf72723f59e2340d24881fd7bf61cb113b4c407c", + "type": "github" + }, + "original": { + "owner": "thomashoneyman", + "repo": "slimlock", + "type": "github" + } + }, + "slimlock_2": { + "inputs": { + "nixpkgs": [ + "nixops4-nixos", + "nix-cargo-integration", + "dream2nix", + "purescript-overlay", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1688610262, + "narHash": "sha256-Wg0ViDotFWGWqKIQzyYCgayeH8s4U1OZcTiWTQYdAp4=", + "owner": "thomashoneyman", + "repo": "slimlock", + "rev": "b5c6cdcaf636ebbebd0a1f32520929394493f1a6", + "type": "github" + }, + "original": { + "owner": "thomashoneyman", + "repo": "slimlock", + "type": "github" + } + }, + "treefmt": { + "inputs": { + "nixpkgs": [ + "nixops4", + "nix-cargo-integration", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1729613947, + "narHash": "sha256-XGOvuIPW1XRfPgHtGYXd5MAmJzZtOuwlfKDgxX5KT3s=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "aac86347fb5063960eccb19493e0cadcdb4205ca", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, + "treefmt_2": { + "inputs": { + "nixpkgs": [ + "nixops4-nixos", + "nix-cargo-integration", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1724338379, + "narHash": "sha256-kKJtaiU5Ou+e/0Qs7SICXF22DLx4V/WhG1P6+k4yeOE=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "070f834771efa715f3e74cd8ab93ecc96fabc951", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" } } }, diff --git a/flake.nix b/flake.nix index 7192e506..59a40fc6 100644 --- a/flake.nix +++ b/flake.nix @@ -3,6 +3,11 @@ nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05"; flake-parts.url = "github:hercules-ci/flake-parts"; git-hooks.url = "github:cachix/git-hooks.nix"; + + disko.url = "github:nix-community/disko"; + + nixops4.url = "github:nixops4/nixops4"; + nixops4-nixos.url = "github:nixops4/nixops4/eval"; }; outputs = @@ -15,10 +20,21 @@ "aarch64-darwin" ]; - imports = [ inputs.git-hooks.flakeModule ]; + imports = [ + inputs.git-hooks.flakeModule + inputs.nixops4-nixos.modules.flake.default + + ./deployment/flake-part.nix + ./services/flake-part.nix + ]; perSystem = - { config, pkgs, ... }: + { + config, + pkgs, + inputs', + ... + }: { formatter = pkgs.nixfmt-rfc-style; @@ -44,7 +60,13 @@ }; }; - devShells.default = pkgs.mkShell { shellHook = config.pre-commit.installationScript; }; + devShells.default = pkgs.mkShell { + packages = [ + pkgs.nil + inputs'.nixops4.packages.default + ]; + shellHook = config.pre-commit.installationScript; + }; }; }; } diff --git a/services/.envrc b/services/.envrc deleted file mode 100644 index 3550a30f..00000000 --- a/services/.envrc +++ /dev/null @@ -1 +0,0 @@ -use flake diff --git a/services/disk-layout.nix b/services/disk-layout.nix deleted file mode 100644 index 13f1a207..00000000 --- a/services/disk-layout.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ ... }: -{ - disko.devices.disk.main = { - device = "/dev/sda"; - type = "disk"; - content = { - type = "gpt"; - partitions = { - MBR = { - priority = 0; - size = "1M"; - type = "EF02"; - }; - ESP = { - priority = 1; - size = "500M"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - }; - }; - root = { - priority = 2; - size = "100%"; - content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/"; - }; - }; - }; - }; - }; -} diff --git a/services/flake-part.nix b/services/flake-part.nix new file mode 100644 index 00000000..01c941a2 --- /dev/null +++ b/services/flake-part.nix @@ -0,0 +1,14 @@ +{ self, ... }: + +{ + flake.nixosModules.fediversity = import ./fediversity; + + perSystem = + { pkgs, ... }: + { + checks = { + mastodon-garage = import ./tests/mastodon-garage.nix { inherit self pkgs; }; + pixelfed-garage = import ./tests/pixelfed-garage.nix { inherit self pkgs; }; + }; + }; +} diff --git a/services/flake.lock b/services/flake.lock deleted file mode 100644 index 42218659..00000000 --- a/services/flake.lock +++ /dev/null @@ -1,187 +0,0 @@ -{ - "nodes": { - "disko": { - "inputs": { - "nixpkgs": "nixpkgs" - }, - "locked": { - "lastModified": 1727347829, - "narHash": "sha256-y7cW6TjJKy+tu7efxeWI6lyg4VVx/9whx+OmrhmRShU=", - "owner": "nix-community", - "repo": "disko", - "rev": "1879e48907c14a70302ff5d0539c3b9b6f97feaa", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "disko", - "type": "github" - } - }, - "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "git-hooks": { - "inputs": { - "flake-compat": "flake-compat", - "gitignore": "gitignore", - "nixpkgs": "nixpkgs_2", - "nixpkgs-stable": "nixpkgs-stable" - }, - "locked": { - "lastModified": 1730814269, - "narHash": "sha256-fWPHyhYE6xvMI1eGY3pwBTq85wcy1YXqdzTZF+06nOg=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "d70155fdc00df4628446352fc58adc640cd705c2", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" - } - }, - "gitignore": { - "inputs": { - "nixpkgs": [ - "git-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, - "nixpkgs": { - "locked": { - "lastModified": 1725194671, - "narHash": "sha256-tLGCFEFTB5TaOKkpfw3iYT9dnk4awTP/q4w+ROpMfuw=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "b833ff01a0d694b910daca6e2ff4a3f26dee478c", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-latest": { - "locked": { - "lastModified": 1727220152, - "narHash": "sha256-6ezRTVBZT25lQkvaPrfJSxYLwqcbNWm6feD/vG1FO0o=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "24959f933187217890b206788a85bfa73ba75949", - "type": "github" - }, - "original": { - "owner": "nixos", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-stable": { - "locked": { - "lastModified": 1730741070, - "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1730768919, - "narHash": "sha256-8AKquNnnSaJRXZxc5YmF/WfmxiHX6MMZZasRP6RRQkE=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "a04d33c0c3f1a59a2c1cb0c6e34cd24500e5a1dc", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1730137230, - "narHash": "sha256-0kW6v0alzWIc/Dc/DoVZ7A9qNScv77bj/zYTKI67HZM=", - "owner": "radvendii", - "repo": "nixpkgs", - "rev": "df815998652a1d00ce7c059a1e5ef7d7c0548c90", - "type": "github" - }, - "original": { - "owner": "radvendii", - "ref": "nixos_rebuild_tests", - "repo": "nixpkgs", - "type": "github" - } - }, - "pixelfed": { - "flake": false, - "locked": { - "lastModified": 1719823820, - "narHash": "sha256-CKjqnxp7p2z/13zfp4HQ1OAmaoUtqBKS6HFm6TV8Jwg=", - "owner": "pixelfed", - "repo": "pixelfed", - "rev": "4c245cf429330d01fcb8ebeb9aa8c84a9574a645", - "type": "github" - }, - "original": { - "owner": "pixelfed", - "ref": "v0.12.3", - "repo": "pixelfed", - "type": "github" - } - }, - "root": { - "inputs": { - "disko": "disko", - "git-hooks": "git-hooks", - "nixpkgs": "nixpkgs_3", - "nixpkgs-latest": "nixpkgs-latest", - "pixelfed": "pixelfed" - } - } - }, - "root": "root", - "version": 7 -} diff --git a/services/flake.nix b/services/flake.nix deleted file mode 100644 index b55b2812..00000000 --- a/services/flake.nix +++ /dev/null @@ -1,135 +0,0 @@ -{ - inputs = { - nixpkgs.url = "github:radvendii/nixpkgs/nixos_rebuild_tests"; - nixpkgs-latest.url = "github:nixos/nixpkgs"; - git-hooks.url = "github:cachix/git-hooks.nix"; - - pixelfed = { - url = "github:pixelfed/pixelfed?ref=v0.12.3"; - flake = false; - }; - disko.url = "github:nix-community/disko"; - }; - - outputs = - { - self, - nixpkgs, - nixpkgs-latest, - git-hooks, - pixelfed, - disko, - }: - let - system = "x86_64-linux"; - lib = nixpkgs.lib; - pkgs = nixpkgs.legacyPackages.${system}; - pkgsLatest = nixpkgs-latest.legacyPackages.${system}; - bleedingFediverseOverlay = ( - _: _: { - pixelfed = pkgsLatest.pixelfed.overrideAttrs (old: { - src = pixelfed; - patches = (old.patches or [ ]) ++ [ ./fediversity/pixelfed-group-permissions.patch ]; - }); - ## TODO: give mastodon, peertube the same treatment - } - ); - in - { - nixosModules = { - ## Bleeding-edge fediverse packages - bleedingFediverse = { - nixpkgs.overlays = [ bleedingFediverseOverlay ]; - }; - ## Fediversity modules - fediversity = import ./fediversity; - - ## VM-specific modules - interactive-vm = import ./vm/interactive-vm.nix; - garage-vm = import ./vm/garage-vm.nix; - mastodon-vm = import ./vm/mastodon-vm.nix; - peertube-vm = import ./vm/peertube-vm.nix; - pixelfed-vm = import ./vm/pixelfed-vm.nix; - - disk-layout = import ./disk-layout.nix; - }; - - nixosConfigurations = { - mastodon = nixpkgs.lib.nixosSystem { - inherit system; - modules = with self.nixosModules; [ - disko.nixosModules.default - disk-layout - bleedingFediverse - fediversity - interactive-vm - garage-vm - mastodon-vm - ]; - }; - - peertube = nixpkgs.lib.nixosSystem { - inherit system; - modules = with self.nixosModules; [ - disko.nixosModules.default - disk-layout - bleedingFediverse - fediversity - interactive-vm - garage-vm - peertube-vm - ]; - }; - - pixelfed = nixpkgs.lib.nixosSystem { - inherit system; - modules = with self.nixosModules; [ - disko.nixosModules.default - disk-layout - bleedingFediverse - fediversity - interactive-vm - garage-vm - pixelfed-vm - ]; - }; - - all = nixpkgs.lib.nixosSystem { - inherit system; - modules = with self.nixosModules; [ - disko.nixosModules.default - disk-layout - bleedingFediverse - fediversity - interactive-vm - garage-vm - peertube-vm - pixelfed-vm - mastodon-vm - ]; - }; - }; - - ## Fully-feature ISO installer - mkInstaller = import ./installer.nix; - installers = lib.mapAttrs (_: config: self.mkInstaller nixpkgs config) self.nixosConfigurations; - - checks.${system} = { - mastodon-garage = import ./tests/mastodon-garage.nix { inherit pkgs self; }; - pixelfed-garage = import ./tests/pixelfed-garage.nix { inherit pkgs self; }; - - pre-commit = git-hooks.lib.${system}.run { - src = ./.; - hooks = { - nixfmt-rfc-style.enable = true; - deadnix.enable = true; - }; - }; - }; - - devShells.${system}.default = pkgs.mkShell { - inputs = with pkgs; [ nil ]; - shellHook = self.checks.${system}.pre-commit.shellHook; - }; - }; -} diff --git a/services/tests/mastodon-garage.nix b/services/tests/mastodon-garage.nix index 242e8650..b0a9d625 100644 --- a/services/tests/mastodon-garage.nix +++ b/services/tests/mastodon-garage.nix @@ -43,10 +43,9 @@ pkgs.nixosTest { { virtualisation.memorySize = lib.mkVMOverride 4096; imports = with self.nixosModules; [ - bleedingFediverse fediversity - garage-vm - mastodon-vm + ../vm/garage-vm.nix + ../vm/mastodon-vm.nix ]; # TODO: pair down environment.systemPackages = with pkgs; [ diff --git a/services/tests/pixelfed-garage.nix b/services/tests/pixelfed-garage.nix index bdac4029..849a45cb 100644 --- a/services/tests/pixelfed-garage.nix +++ b/services/tests/pixelfed-garage.nix @@ -143,10 +143,9 @@ pkgs.nixosTest { cores = 8; }; imports = with self.nixosModules; [ - bleedingFediverse fediversity - garage-vm - pixelfed-vm + ../vm/garage-vm.nix + ../vm/pixelfed-vm.nix ]; # TODO: pair down environment.systemPackages = with pkgs; [