From 86ac7345a9e569082a627efc315859e6402e3a98 Mon Sep 17 00:00:00 2001 From: Valentin Gagarin Date: Wed, 25 Sep 2024 12:08:34 +0200 Subject: [PATCH] use npins at least that works --- default.nix | 103 +++++++++++++++++++++++++++++++++++++++++++++ npins/default.nix | 80 +++++++++++++++++++++++++++++++++++ npins/sources.json | 32 ++++++++++++++ 3 files changed, 215 insertions(+) create mode 100644 default.nix create mode 100644 npins/default.nix create mode 100644 npins/sources.json diff --git a/default.nix b/default.nix new file mode 100644 index 0000000..6540aea --- /dev/null +++ b/default.nix @@ -0,0 +1,103 @@ +let + inputs = import ./npins; + system = "x86_64-linux"; + pkgs = import inputs.nixpkgs { config = { }; overlays = [ ]; system = builtins.currentSystem; }; + lib = import "${inputs.nixpkgs}/lib" // { inherit nixosSystem; }; + nixosSystem = args: + import "${inputs.nixpkgs}/nixos/lib/eval-config.nix" + ( + { + inherit lib; + # Allow system to be set modularly in nixpkgs.system. + # We set it to null, to remove the "legacy" entrypoint's + # non-hermetic default. + system = null; + + modules = args.modules; + } + // builtins.removeAttrs args [ "modules" ] + ); +in +rec { + nixosModules = { + disko = "${inputs.disko}/module.nix"; + disk-layout = import ./vm/disk-layout.nix; + interactive-vm = import ./vm/interactive-vm.nix; + mastodon-vm = import ./vm/mastodon-vm.nix; + peertube-vm = import ./vm/peertube-vm.nix; + pixelfed-vm = import ./vm/pixelfed-vm.nix; + }; + + # test with + # nix-build -A nixosConfigurations..installTest + nixosConfigurations = { + mastodon = nixosSystem { + inherit system; + modules = with nixosModules; [ + disko + disk-layout + interactive-vm + mastodon-vm + ]; + }; + + peertube = nixosSystem { + inherit system; + modules = with nixosModules; [ + disko + disk-layout + interactive-vm + peertube-vm + ]; + }; + + pixelfed = nixosSystem { + inherit system; + modules = with nixosModules; [ + disko + disk-layout + interactive-vm + pixelfed-vm + ]; + }; + + all = nixosSystem { + inherit system; + modules = with nixosModules; [ + interactive-vm + disko + disk-layout + peertube-vm + pixelfed-vm + mastodon-vm + ]; + }; + }; + + # build with + # nix-build -A installers. + installers = + let + installer = (import ./installer.nix) { inherit lib; outPath = inputs.nixpkgs; }; + in + lib.mapAttrs (_: config: installer config) nixosConfigurations; + + # run with + # $(nix-build -A deploy. --no-out-link)/bin/deploy + deploy = + let + deployCommand = (pkgs.callPackage ./deploy.nix { }); + in + lib.mapAttrs (name: config: deployCommand name config) nixosConfigurations; + + tests = { + mastodon-garage = import ./tests/mastodon-garage.nix { inherit pkgs; }; + pixelfed-garage = import ./tests/pixelfed-garage.nix { inherit pkgs; }; + }; + + shell = pkgs.mkShell { + packages = with pkgs; [ + nil + ]; + }; +} diff --git a/npins/default.nix b/npins/default.nix new file mode 100644 index 0000000..5e7d086 --- /dev/null +++ b/npins/default.nix @@ -0,0 +1,80 @@ +# Generated by npins. Do not modify; will be overwritten regularly +let + data = builtins.fromJSON (builtins.readFile ./sources.json); + version = data.version; + + mkSource = + spec: + assert spec ? type; + let + path = + if spec.type == "Git" then + mkGitSource spec + else if spec.type == "GitRelease" then + mkGitSource spec + else if spec.type == "PyPi" then + mkPyPiSource spec + else if spec.type == "Channel" then + mkChannelSource spec + else + builtins.throw "Unknown source type ${spec.type}"; + in + spec // { outPath = path; }; + + mkGitSource = + { + repository, + revision, + url ? null, + hash, + branch ? null, + ... + }: + assert repository ? type; + # At the moment, either it is a plain git repository (which has an url), or it is a GitHub/GitLab repository + # In the latter case, there we will always be an url to the tarball + if url != null then + (builtins.fetchTarball { + inherit url; + sha256 = hash; # FIXME: check nix version & use SRI hashes + }) + else + assert repository.type == "Git"; + let + urlToName = + url: rev: + let + matched = builtins.match "^.*/([^/]*)(\\.git)?$" repository.url; + + short = builtins.substring 0 7 rev; + + appendShort = if (builtins.match "[a-f0-9]*" rev) != null then "-${short}" else ""; + in + "${if matched == null then "source" else builtins.head matched}${appendShort}"; + name = urlToName repository.url revision; + in + builtins.fetchGit { + url = repository.url; + rev = revision; + inherit name; + # hash = hash; + }; + + mkPyPiSource = + { url, hash, ... }: + builtins.fetchurl { + inherit url; + sha256 = hash; + }; + + mkChannelSource = + { url, hash, ... }: + builtins.fetchTarball { + inherit url; + sha256 = hash; + }; +in +if version == 3 then + builtins.mapAttrs (_: mkSource) data.pins +else + throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`" diff --git a/npins/sources.json b/npins/sources.json new file mode 100644 index 0000000..c348f35 --- /dev/null +++ b/npins/sources.json @@ -0,0 +1,32 @@ +{ + "pins": { + "disko": { + "type": "GitRelease", + "repository": { + "type": "GitHub", + "owner": "nix-community", + "repo": "disko" + }, + "pre_releases": false, + "version_upper_bound": null, + "release_prefix": null, + "version": "v1.8.0", + "revision": "624fd86460e482017ed9c3c3c55a3758c06a4e7f", + "url": "https://api.github.com/repos/nix-community/disko/tarball/v1.8.0", + "hash": "06ifryv6rw25cz8zda4isczajdgrvcl3aqr145p8njxx5jya2d77" + }, + "nixpkgs": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "radvendii", + "repo": "nixpkgs" + }, + "branch": "nixos_rebuild_tests", + "revision": "8648620e5c0d8a63f7319bbdaaa9a7f3bccae0f0", + "url": "https://github.com/radvendii/nixpkgs/archive/8648620e5c0d8a63f7319bbdaaa9a7f3bccae0f0.tar.gz", + "hash": "18s3731h59rby16hv1vkdjaib91h3myxbr041fndq6j5m7jjkbap" + } + }, + "version": 3 +} \ No newline at end of file