rm bash-proxmox

Signed-off-by: Kiara Grouwstra <kiara@procolix.eu>
Kiara Grouwstra 2025-10-11 14:37:39 +02:00
parent 3c375da97c
commit 0758f6aa5b
Signed by: kiara
SSH key fingerprint: SHA256:COspvLoLJ5WC5rFb9ZDe5urVCkK4LJZOsjfF4duRJFU
8 changed files with 64 additions and 374 deletions


@ -28,7 +28,6 @@ let
proxmox-user proxmox-user
proxmox-password proxmox-password
node-name node-name
vm-names
; ;
inherit (lib) mkOption types; inherit (lib) mkOption types;
eval = eval =
@ -313,38 +312,6 @@ let
}; };
}; };
}; };
single-nixos-vm-bash-proxmox = environment: {
resources."operator-environment".login-shell.username = "operator";
implementation =
{
required-resources,
deployment-name,
}:
{
bash-proxmox-host = {
nixos-configuration = mkNixosConfiguration environment required-resources;
system = targetSystem;
# ssh = {
# username = "root";
# host = nodeName;
# key-file = null;
# inherit sshOpts;
# };
module = self;
inherit
args
deployment-name
# proxmox-host
proxmox-user
proxmox-password
node-name
vm-names
;
proxmox-host = nodeName;
root-path = pathToRoot;
};
};
};
single-nixos-vm-tf-proxmox = environment: { single-nixos-vm-tf-proxmox = environment: {
resources."operator-environment".login-shell = { resources."operator-environment".login-shell = {
wheel = true; wheel = true;
@ -421,17 +388,6 @@ let
configuration = config."example-configuration"; configuration = config."example-configuration";
}; };
}; };
"bash-proxmox-deployment" =
let
env = config.environments."single-nixos-vm-bash-proxmox";
in
mkOption {
type = env.resource-mapping.output-type;
default = env.deployment {
deployment-name = "bash-proxmox-deployment";
configuration = config."example-configuration";
};
};
"tf-proxmox-deployment" = "tf-proxmox-deployment" =
let let
env = config.environments."single-nixos-vm-tf-proxmox"; env = config.environments."single-nixos-vm-tf-proxmox";


@ -1,10 +0,0 @@
{
targetMachines = [
"pve"
];
pathToRoot = builtins.path {
path = ../../..;
name = "root";
};
pathFromRoot = "/deployment/check/data-model-bash-proxmox";
}


@ -1,46 +0,0 @@
{
inputs,
sources,
system,
}:
let
pkgs = import sources.nixpkgs-stable {
inherit system;
overlays = [ overlay ];
};
overlay = _: _: {
inherit
(import "${sources.proxmox-nixos}/pkgs" {
craneLib = pkgs.callPackage "${sources.crane}/lib" { };
# breaks from https://github.com/NixOS/nixpkgs/commit/06b354eb2dc535c57e9b4caaa16d79168f117a26,
# which updates libvncserver to 0.9.15, which was not yet patched at https://git.proxmox.com/?p=vncterm.git.
inherit pkgs;
# not so picky about version for our purposes
pkgs-unstable = pkgs;
})
proxmox-ve
pve-ha-manager
;
};
in
pkgs.testers.runNixOSTest {
node.specialArgs = {
inherit
sources
pkgs
;
};
imports = [
../../data-model.nix
../../function.nix
../common/nixosTest.nix
./nixosTest.nix
];
_module.args = { inherit inputs sources; };
inherit (import ./constants.nix)
targetMachines
pathToRoot
pathFromRoot
;
}


@ -1,103 +0,0 @@
{
lib,
pkgs,
sources,
...
}:
let
inherit (pkgs) system;
deployment-config = {
inherit (import ./constants.nix) pathToRoot;
nodeName = "pve";
targetSystem = system;
sshOpts = [ ];
proxmox-user = "root@pam";
proxmox-password = "mytestpw";
node-name = "pve";
vm-names = [ "test14" ];
};
# FIXME generate the image `nixos-generate` was to make, but now do it for a desired `-c configuration.nix` rather than whatever generic thing now
deployment =
(import ../common/data-model.nix {
inherit system;
config = deployment-config;
# opt not to pass `inputs`, as we could only pass serializable arguments through to its self-call
})."bash-proxmox-deployment".bash-proxmox-host;
in
{
_class = "nixosTest";
imports = [
../common/data-model-options.nix
];
name = "deployment-model";
sourceFileset = lib.fileset.unions [
../../run/tf-proxmox/run.sh
];
nodes.pve =
{ sources, ... }:
{
imports = [
"${sources.proxmox-nixos}/modules/proxmox-ve"
];
users.users.root = {
password = "mytestpw";
hashedPasswordFile = lib.mkForce null;
};
services.proxmox-ve = {
enable = true;
ipAddress = "192.168.1.1";
};
virtualisation = {
diskSize = 2 * 1024;
memorySize = 2048;
};
};
nodes.deployer =
{ ... }:
{
nix.nixPath = [
(lib.concatStringsSep ":" (lib.mapAttrsToList (k: v: k + "=" + v) sources))
];
environment.systemPackages = [
deployment.run
];
# needed only when building from deployer
system.extraDependenciesFromModule =
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
hello
];
};
system.extraDependencies = [
pkgs.gnu-config
pkgs.byacc
pkgs.stdenv
pkgs.stdenvNoCC
sources.nixpkgs
pkgs.vte
];
};
extraTestScript = ''
pve.wait_for_unit("pveproxy.service")
assert "running" in pve.succeed("pveproxy status")
pve.succeed("mkdir -p /run/pve")
assert "Proxmox" in pve.succeed("curl -s -i -k https://localhost:8006")
# pve.succeed("pvesh get /nodes && exit 1")
# pve.succeed("pvesh set /access/password --userid root@pam --password mypwdlol --confirmation-password mytestpw 1>&2")
# pve.succeed("curl -s -i -k -d '{\"userid\":\"root@pam\",\"password\":\"mypwdhaha\",\"confirmation-password\":\"mypwdlol\"}' -X PUT https://localhost:8006/api2/json/access/password 1>&2")
with subtest("Run the deployment"):
deployer.succeed("""
${lib.getExe deployment.run}
""")
# target.succeed("su - operator -c hello 1>&2")
'';
}


@ -0,0 +1,38 @@
{
lib,
...
}:
let
inherit (lib) mkOption types;
in
{
options = {
targetSystem = mkOption {
type = types.str;
description = "name of the host to deploy to";
};
sshOpts = mkOption {
description = "Extra SSH options (`-o`) to use.";
type = types.listOf types.str;
default = [ ];
example = "ConnectTimeout=60";
};
httpBackend = mkOption {
description = "environment variables to configure the TF HTTP back-end, see <https://developer.hashicorp.com/terraform/language/backend/http#configuration-variables>";
type = types.attrsOf (types.either types.str types.int);
};
proxmox-user = mkOption {
description = "The ProxmoX user to use.";
type = types.str;
default = "root@pam";
};
proxmox-password = mkOption {
description = "The ProxmoX password to use.";
type = types.str;
};
node-name = mkOption {
description = "the name of the ProxmoX node to use.";
type = types.str;
};
};
}
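Review bot: `proxmox-password` is declared as a plain `types.str` with nothing said about how the secret is handled, and the `# TODO: is sensitivity here handled properly?` marker that sat on the removed bash-proxmox option is not carried over. A string option that is interpolated into a derivation becomes readable in the Nix store, which is what the removed `provision-proxmox.sh` did with `--password "${proxmox-password}"`; how the tf-proxmox path consumes this value is not visible on this page, so that should be checked. I would keep the TODO and extend the text, e.g. `description = "The ProxmoX password to use. Plain string: do not put a real credential here, prefer a value supplied at run time.";`. Two smaller points: `sshOpts` has `example = "ConnectTimeout=60";` while its type is `types.listOf types.str`, so `example = [ "ConnectTimeout=60" ];` would match, and `targetSystem` is described as a host name although the callers shown here set it to `system`.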


@ -284,115 +284,6 @@ let
}; };
}); });
}; };
bash-proxmox-host = mkOption {
description = "A bash deployment by SSH to create or update a NixOS VM in ProxmoX.";
type = submodule (bash-proxmox-host: {
options = {
system = mkOption {
description = "The architecture of the system to deploy to.";
type = types.str;
};
inherit nixos-configuration;
# TODO: add proxmox info
module = mkOption {
description = "The module to call to obtain the NixOS configuration from.";
type = types.str;
};
args = mkOption {
description = "The arguments with which to call the module to obtain the NixOS configuration.";
type = types.attrs;
};
deployment-name = mkOption {
description = "The name of the deployment for which to obtain the NixOS configuration.";
type = types.str;
};
root-path = mkOption {
description = "The path to the root of the repository.";
type = types.path;
};
proxmox-host = mkOption {
description = "The host of the ProxmoX instance to use.";
type = types.str;
default = "192.168.51.81";
};
vm-names = mkOption {
description = "The names of VMs to provision.";
type = types.listOf types.str;
};
proxmox-user = mkOption {
description = "The ProxmoX user to use.";
type = types.str;
default = "root@pam";
};
# TODO: is sensitivity here handled properly?
proxmox-password = mkOption {
description = "The ProxmoX password to use.";
type = types.str;
};
node-name = mkOption {
description = "the name of the ProxmoX node to use.";
type = types.str;
};
run = mkOption {
type = types.package;
# error: The option `.run' is read-only, but it's set multiple times.
# readOnly = true;
default =
let
deployment-type = "bash-proxmox-host";
inherit (bash-proxmox-host.config)
system
module
args
deployment-name
root-path
node-name
proxmox-host
proxmox-user
proxmox-password
vm-names
;
nixos_conf = writeConfig {
inherit
system
module
args
deployment-name
root-path
deployment-type
;
};
in
pkgs.writers.writeBashBin "provision-proxmox.sh"
(withPackages [
pkgs.httpie
pkgs.jq
])
''
bash ./infra/proxmox-remove.sh \
--api-url "https://${proxmox-host}:8006/api2/json" \
--username "${proxmox-user}" \
--password "${proxmox-password}" \
--node "${node-name}" \
7014
# ^ hardcoded ID of test14
# ${lib.concatStringsSep " " vm-names}
bash ./infra/proxmox-provision.sh \
--api-url "https://${proxmox-host}:8006/api2/json" \
--username "${proxmox-user}" \
--password "${proxmox-password}" \
--node "${node-name}" \
${
# lib.concatStringsSep " " vm-names
lib.concatStringsSep " " (lib.lists.map (k: "${k}:${nixos_conf}") vm-names)
}
# ${lib.concatStringsSep " " vm-names}
'';
};
};
});
};
tf-proxmox-host = mkOption { tf-proxmox-host = mkOption {
description = "A Terraform deployment by SSH to update a single existing NixOS host."; description = "A Terraform deployment by SSH to update a single existing NixOS host.";
# type = submodule (tf-host: { # type = submodule (tf-host: {
@ -555,8 +446,6 @@ let
"deployment/run/tf-proxmox" "deployment/run/tf-proxmox"
]; ];
}; };
proxmox-host = "192.168.51.81"; # root@fediversity-proxmox
vm-names = [ "test14" ];
vm_name = "test14"; vm_name = "test14";
in in
lib.trace (lib.strings.toJSON environment) pkgs.writers.writeBashBin "deploy-tf-proxmox.sh" lib.trace (lib.strings.toJSON environment) pkgs.writers.writeBashBin "deploy-tf-proxmox.sh"
@ -570,15 +459,6 @@ let
'' ''
set -e set -e
# bash ./infra/proxmox-remove.sh \
# --api-url "https://${proxmox-host}:8006/api2/json" \
# --username "${proxmox-user}" \
# --password "${proxmox-password}" \
# --node "${node-name}" \
# 7014
# # ^ hardcoded ID of test14
# # ${lib.concatStringsSep " " vm-names}
# TODO after install: $nix_host_keys # TODO after install: $nix_host_keys
# cp $tmpdir/${vm_name}_host_key /mnt/etc/ssh/ssh_host_ed25519_key # cp $tmpdir/${vm_name}_host_key /mnt/etc/ssh/ssh_host_ed25519_key
# chmod 600 /mnt/etc/ssh/ssh_host_ed25519_key # chmod 600 /mnt/etc/ssh/ssh_host_ed25519_key


@ -41,10 +41,6 @@
inherit inputs sources system; inherit inputs sources system;
}; };
deployment-model-bash-proxmox = import ./check/data-model-bash-proxmox {
inherit inputs sources system;
};
deployment-model-tf-proxmox = import ./check/data-model-tf-proxmox { deployment-model-tf-proxmox = import ./check/data-model-tf-proxmox {
inherit inputs sources system; inherit inputs sources system;
}; };


@ -78,54 +78,33 @@
# api_token = "terraform@pve!provider=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" # api_token = "terraform@pve!provider=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
# kiara@ProcoliX!dsdfsfdsfd=30df234b-02f3-4ed9-b778-00d28ad3499c # kiara@ProcoliX!dsdfsfdsfd=30df234b-02f3-4ed9-b778-00d28ad3499c
# # iso: No bootable option or device was found apps.default =
# apps.default = let let
# inherit (pkgs) system; inherit (pkgs) system;
# deployment = deployment =
# (import ./deployment/check/common/data-model.nix { (import ./deployment/check/common/data-model.nix {
# inherit system; inherit system;
# config = { config = {
# targetSystem = system; targetSystem = system;
# nodeName = "192.168.51.81"; # root@fediversity-proxmox nodeName = "192.168.51.81"; # root@fediversity-proxmox
# pathToRoot = builtins.path { pathToRoot = builtins.path {
# path = ./.; path = ./.;
# name = "root"; name = "root";
# }; };
# sshOpts = []; sshOpts = [ ];
# proxmox-user = "kiara@ProcoliX"; proxmox-user = "kiara@ProcoliX";
# proxmox-password = ""; proxmox-password = "";
# node-name = "node051"; node-name = "node051";
# vm-names = [ "test14" ]; bridge = "ovsbr0";
# }; vlanId = 1305;
# })."bash-proxmox-deployment".bash-proxmox-host;
# in {
# type = "app";
# program = deployment.run;
# };
apps.default = let
inherit (pkgs) system;
deployment =
(import ./deployment/check/common/data-model.nix {
inherit system;
config = {
targetSystem = system;
nodeName = "192.168.51.81"; # root@fediversity-proxmox
pathToRoot = builtins.path {
path = ./.;
name = "root";
}; };
sshOpts = []; # opt not to pass `inputs`, as we could only pass serializable arguments through to its self-call
proxmox-user = "kiara@ProcoliX"; })."tf-proxmox-deployment".tf-proxmox-host;
proxmox-password = ""; in
node-name = "node051"; {
}; type = "app";
# opt not to pass `inputs`, as we could only pass serializable arguments through to its self-call program = deployment.run;
})."tf-proxmox-deployment".tf-proxmox-host; };
in {
type = "app";
program = deployment.run;
};
}; };
} }
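Review bot: The comment kept directly above `apps.default` (the `# kiara@ProcoliX!…` line) has the shape of a real Proxmox API token id and secret, unlike the `xxxxxxxx` placeholder on the line before it. If that value was ever valid it should be revoked and the line removed, since deleting it in a later commit does not take it out of history. The now-active `apps.default` also commits site-specific details into the default flake app: `nodeName = "192.168.51.81"`, `proxmox-user = "kiara@ProcoliX"`, `bridge = "ovsbr0"` and `vlanId = 1305`. Consider reading these from the environment or an untracked file, and adding a comment that `proxmox-password = "";` is intentionally empty and must be supplied at run time. `bridge` and `vlanId` are not among the options in the options file this commit adds, so it is worth confirming they are declared elsewhere.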