rm corresponding nixops deployments

2025-04-18 13:36:27 +02:00 · 2025-04-18 13:36:27 +02:00 · 0de70fb9d7
commit 0de70fb9d7
parent f184fd3944
18 changed files with 47 additions and 48 deletions
--- a/deployment/README.md
+++ b/deployment/README.md
@ -1,6 +0,0 @@
-# Deployment
-
-This repository contains work to generate a full Fediversity deployment from a
-minimal configuration. This is different from [`../services/`](../services) that
-focuses on one machine, providing a polished and unified interface to different
-Fediverse services.
--- a/infra/dev/.terraform.lock.hcl
+++ b/infra/dev/.terraform.lock.hcl
@ -0,0 +1,9 @@
+# This file is maintained automatically by "tofu init".
+# Manual edits may be lost in future updates.
+
+provider "registry.opentofu.org/hashicorp/external" {
+  version = "2.3.4"
+  hashes = [
+    "h1:hBFp4dEKKevoZEsMW32ralBqrO7cTxTPYdWPqc4Ff+s=",
+  ]
+}
--- a/infra/dev/.terraform/modules/modules.json
+++ b/infra/dev/.terraform/modules/modules.json
@ -0,0 +1 @@
+{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"nixos","Source":"../sync-nix","Dir":"../sync-nix"}]}
--- a/infra/dev/.terraform/plugin_path
+++ b/infra/dev/.terraform/plugin_path
@ -0,0 +1,3 @@
+[
+  "/nix/store/zbjjm6vgdj1p2v21qshd9np3ajdnhniy-opentofu-1.9.0/libexec/terraform-providers"
+]
--- a/infra/dev/.terraform/providers/registry.opentofu.org/hashicorp/external/2.3.4/linux_amd64
+++ b/infra/dev/.terraform/providers/registry.opentofu.org/hashicorp/external/2.3.4/linux_amd64
@ -0,0 +1 @@
+/nix/store/zbjjm6vgdj1p2v21qshd9np3ajdnhniy-opentofu-1.9.0/libexec/terraform-providers/registry.opentofu.org/hashicorp/external/2.3.4/linux_amd64
--- a/infra/dev/terraform.tfstate
+++ b/infra/dev/terraform.tfstate
@ -0,0 +1 @@
+{"version":4,"terraform_version":"1.9.0","serial":7,"lineage":"c441e8b7-409b-c7ad-85b9-27549f9ee16d","outputs":{},"resources":[{"module":"module.nixos[\"fedipanel\"]","mode":"data","type":"external","name":"hash","provider":"provider[\"registry.opentofu.org/hashicorp/external\"]","instances":[{"schema_version":0,"attributes":{"id":"-","program":["sh","-c","echo \"{\\\"hash\\\":\\\"$(nix-hash ..)\\\"}\""],"query":null,"result":{"hash":"104476c354d745011877f63e653ae58b"},"working_dir":null},"sensitive_attributes":[]}]},{"module":"module.nixos[\"fedipanel\"]","mode":"managed","type":"terraform_data","name":"nixos","provider":"provider[\"terraform.io/builtin/terraform\"]","instances":[{"schema_version":0,"attributes":{"id":"909398aa-e751-1dc8-a61a-7eb33df17006","input":null,"output":null,"triggers_replace":{"value":[{"hash":"104476c354d745011877f63e653ae58b"},"fedi201","{\n  # note interpolations here TF ones\n  imports = [\n    # shared NixOS config\n    ./../common/shared.nix\n    # FIXME: separate template options by service\n    ./options.nix\n    # for service `forgejo` import `forgejo.nix`\n    ./../../machines/dev/fedi201/fedipanel.nix\n    # FIXME: get VM details from TF\n    ./../../machines/dev/fedi201\n  ];\n}\n",{"terraform":{"domain":"abundos.eu","hostname":"fedi201"}}],"type":["tuple",[["map","string"],"string","string",["map",["object",{"domain":"string","hostname":"string"}]]]]}},"sensitive_attributes":[],"dependencies":["module.nixos.data.external.hash"]}]}],"check_results":null}
--- a/infra/dev/terraform.tfstate.backup
+++ b/infra/dev/terraform.tfstate.backup
@ -0,0 +1 @@
+{"version":4,"terraform_version":"1.9.0","serial":5,"lineage":"c441e8b7-409b-c7ad-85b9-27549f9ee16d","outputs":{},"resources":[{"module":"module.nixos[\"fedipanel\"]","mode":"data","type":"external","name":"hash","provider":"provider[\"registry.opentofu.org/hashicorp/external\"]","instances":[{"schema_version":0,"attributes":{"id":"-","program":["sh","-c","echo \"{\\\"hash\\\":\\\"$(nix-hash ..)\\\"}\""],"query":null,"result":{"hash":"c9bc7d95c831fa099e803674e850b509"},"working_dir":null},"sensitive_attributes":[]}]},{"module":"module.nixos[\"fedipanel\"]","mode":"managed","type":"terraform_data","name":"nixos","provider":"provider[\"terraform.io/builtin/terraform\"]","instances":[{"status":"tainted","schema_version":0,"attributes":{"id":"16edc410-f42a-0489-5326-65fa4b53cf31","input":null,"output":null,"triggers_replace":{"value":[{"hash":"c9bc7d95c831fa099e803674e850b509"},"fedi201","{\n  # note interpolations here TF ones\n  imports = [\n    # shared NixOS config\n    ./../common/shared.nix\n    # FIXME: separate template options by service\n    ./options.nix\n    # for service `forgejo` import `forgejo.nix`\n    ./../../machines/dev/fedi201/fedipanel.nix\n    # FIXME: get VM details from TF\n    ./../../machines/dev/fedi201\n  ];\n}\n",{"terraform":{"domain":"abundos.eu","hostname":"fedi201"}}],"type":["tuple",[["map","string"],"string","string",["map",["object",{"domain":"string","hostname":"string"}]]]]}},"sensitive_attributes":[],"dependencies":["module.nixos.data.external.hash"]}]}],"check_results":null}
--- a/infra/flake-part.nix
+++ b/infra/flake-part.nix
@ -1,12 +1,11 @@
 {
-  self,
  inputs,
  lib,
  ...
 }:

 let
-  inherit (builtins) readDir readFile fromJSON;
+  inherit (builtins) readDir;
  inherit (lib)
    attrNames
    mkOption
@ -65,35 +64,6 @@ let
    };
  makeDeployment' = vmName: makeDeployment [ vmName ];

-  ## Given an attrset of test configurations (key = test machine name, value =
-  ## NixOS configuration module), make a deployment with those machines'
-  ## configurations as resources.
-  makeTestDeployment =
-    (import ../deployment)
-      {
-        inherit lib;
-        inherit (inputs) nixops4 nixops4-nixos;
-        inherit (self.nixosModules) fediversity;
-      }
-      {
-        garageConfigurationResource = makeResourceModule {
-          vmName = "test01";
-          isTestVm = true;
-        };
-        mastodonConfigurationResource = makeResourceModule {
-          vmName = "test06"; # somehow `test02` has a problem - use test06 instead
-          isTestVm = true;
-        };
-        peertubeConfigurationResource = makeResourceModule {
-          vmName = "test05";
-          isTestVm = true;
-        };
-        pixelfedConfigurationResource = makeResourceModule {
-          vmName = "test04";
-          isTestVm = true;
-        };
-      };
-
  nixops4ResourceNixosMockOptions = {
    ## NOTE: We allow the use of a few options from
    ## `inputs.nixops4-nixos.modules.nixops4Resource.nixos` such that we can
@ -159,17 +129,6 @@ in
  ## - We add a “test” deployment with all test machines.
  nixops4Deployments = genAttrs machines makeDeployment' // {
    default = makeDeployment machines;
-    test = makeTestDeployment (
-      fromJSON (
-        let
-          env = builtins.getEnv "DEPLOYMENT";
-        in
-        if env != "" then
-          env
-        else
-          builtins.trace "env var DEPLOYMENT not set, falling back to ./test-machines/configuration.json!" (readFile ./test-machines/configuration.json)
-      )
-    );
  };
  flake.nixosConfigurations =
    genAttrs machines (makeConfiguration false)
--- a/infra/operator/.terraform.lock.hcl
+++ b/infra/operator/.terraform.lock.hcl
@ -0,0 +1,9 @@
+# This file is maintained automatically by "tofu init".
+# Manual edits may be lost in future updates.
+
+provider "registry.opentofu.org/hashicorp/external" {
+  version = "2.3.4"
+  hashes = [
+    "h1:hBFp4dEKKevoZEsMW32ralBqrO7cTxTPYdWPqc4Ff+s=",
+  ]
+}
--- a/infra/operator/.terraform/modules/modules.json
+++ b/infra/operator/.terraform/modules/modules.json
@ -0,0 +1 @@
+{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"nixos","Source":"../sync-nix","Dir":"../sync-nix"}]}
--- a/infra/operator/.terraform/plugin_path
+++ b/infra/operator/.terraform/plugin_path
@ -0,0 +1,3 @@
+[
+  "/nix/store/zbjjm6vgdj1p2v21qshd9np3ajdnhniy-opentofu-1.9.0/libexec/terraform-providers"
+]
--- a/infra/operator/.terraform/providers/registry.opentofu.org/hashicorp/external/2.3.4/linux_amd64
+++ b/infra/operator/.terraform/providers/registry.opentofu.org/hashicorp/external/2.3.4/linux_amd64
@ -0,0 +1 @@
+/nix/store/zbjjm6vgdj1p2v21qshd9np3ajdnhniy-opentofu-1.9.0/libexec/terraform-providers/registry.opentofu.org/hashicorp/external/2.3.4/linux_amd64
--- a/infra/operator/terraform.tfstate
+++ b/infra/operator/terraform.tfstate
@ -0,0 +1 @@
+{"version":4,"terraform_version":"1.9.0","serial":7,"lineage":"b39bdfbe-91a7-d39b-96f5-71d9e0c9d47f","outputs":{},"resources":[{"module":"module.nixos[\"garage\"]","mode":"data","type":"external","name":"hash","provider":"provider[\"registry.opentofu.org/hashicorp/external\"]","instances":[{"schema_version":0,"attributes":{"id":"-","program":["sh","-c","echo \"{\\\"hash\\\":\\\"$(nix-hash ..)\\\"}\""],"query":null,"result":{"hash":"a871537a6a7f4dbf5614ebaff5005606"},"working_dir":null},"sensitive_attributes":[]}]},{"module":"module.nixos[\"garage\"]","mode":"managed","type":"terraform_data","name":"nixos","provider":"provider[\"terraform.io/builtin/terraform\"]","instances":[{"schema_version":0,"attributes":{"id":"79db5288-d7d6-24e4-4f23-5bfc353c97b9","input":null,"output":null,"triggers_replace":{"value":[{"hash":"a871537a6a7f4dbf5614ebaff5005606"},"test01","{\n  # note interpolations here TF ones\n  imports = [\n    # shared NixOS config\n    ./../common/shared.nix\n    # FIXME: separate template options by service\n    ./options.nix\n    # for service `mastodon` import `mastodon.nix`\n    ./../../machines/operator/test01/garage.nix\n    # FIXME: get VM details from TF\n    ./../../machines/operator/test01\n  ];\n  ## FIXME: switch root authentication to users with password-less sudo, see #24\n  users.users.root.openssh.authorizedKeys.keys = let\n    keys = import ../../keys;\n  in builtins.attrValues keys.contributors ++ [\n    # allow our panel vm access to the test machines\n    keys.panel\n  ];\n}\n",{"terraform":{"domain":"fediversity.net","hostname":"test01","initialUser":{"displayName":"Testy McTestface","email":"test@test.com","password":"testtest","username":"test"}}}],"type":["tuple",[["map","string"],"string","string",["map",["object",{"domain":"string","hostname":"string","initialUser":["object",{"displayName":"string","email":"string","password":"string","username":"string"}]}]]]]}},"sensitive_attributes":[],"dependencies":["module.nixos.data.external.hash"]}]},{"module":"module.nixos[\"mastodon\"]","mode":"data","type":"external","name":"hash","provider":"provider[\"registry.opentofu.org/hashicorp/external\"]","instances":[{"schema_version":0,"attributes":{"id":"-","program":["sh","-c","echo \"{\\\"hash\\\":\\\"$(nix-hash ..)\\\"}\""],"query":null,"result":{"hash":"a871537a6a7f4dbf5614ebaff5005606"},"working_dir":null},"sensitive_attributes":[]}]},{"module":"module.nixos[\"mastodon\"]","mode":"managed","type":"terraform_data","name":"nixos","provider":"provider[\"terraform.io/builtin/terraform\"]","instances":[{"schema_version":0,"attributes":{"id":"fde5cd73-a82c-c8ee-becd-51e2822652c4","input":null,"output":null,"triggers_replace":{"value":[{"hash":"a871537a6a7f4dbf5614ebaff5005606"},"test06","{\n  # note interpolations here TF ones\n  imports = [\n    # shared NixOS config\n    ./../common/shared.nix\n    # FIXME: separate template options by service\n    ./options.nix\n    # for service `mastodon` import `mastodon.nix`\n    ./../../machines/operator/test06/mastodon.nix\n    # FIXME: get VM details from TF\n    ./../../machines/operator/test06\n  ];\n  ## FIXME: switch root authentication to users with password-less sudo, see #24\n  users.users.root.openssh.authorizedKeys.keys = let\n    keys = import ../../keys;\n  in builtins.attrValues keys.contributors ++ [\n    # allow our panel vm access to the test machines\n    keys.panel\n  ];\n}\n",{"terraform":{"domain":"fediversity.net","hostname":"test06","initialUser":{"displayName":"Testy McTestface","email":"test@test.com","password":"testtest","username":"test"}}}],"type":["tuple",[["map","string"],"string","string",["map",["object",{"domain":"string","hostname":"string","initialUser":["object",{"displayName":"string","email":"string","password":"string","username":"string"}]}]]]]}},"sensitive_attributes":[],"dependencies":["module.nixos.data.external.hash"]}]}],"check_results":null}
--- a/infra/operator/terraform.tfstate.backup
+++ b/infra/operator/terraform.tfstate.backup
@ -0,0 +1 @@
+{"version":4,"terraform_version":"1.9.0","serial":4,"lineage":"b39bdfbe-91a7-d39b-96f5-71d9e0c9d47f","outputs":{},"resources":[{"module":"module.nixos[\"garage\"]","mode":"data","type":"external","name":"hash","provider":"provider[\"registry.opentofu.org/hashicorp/external\"]","instances":[{"schema_version":0,"attributes":{"id":"-","program":["sh","-c","echo \"{\\\"hash\\\":\\\"$(nix-hash ..)\\\"}\""],"query":null,"result":{"hash":"02bdde9db2e3d40aaabcb0fd5bf5939b"},"working_dir":null},"sensitive_attributes":[]}]},{"module":"module.nixos[\"garage\"]","mode":"managed","type":"terraform_data","name":"nixos","provider":"provider[\"terraform.io/builtin/terraform\"]","instances":[{"status":"tainted","schema_version":0,"attributes":{"id":"618c1781-9035-8b5a-573a-53ff5407256b","input":null,"output":null,"triggers_replace":{"value":[{"hash":"02bdde9db2e3d40aaabcb0fd5bf5939b"},"test01","{\n  # note interpolations here TF ones\n  imports = [\n    # shared NixOS config\n    ./../common/shared.nix\n    # FIXME: separate template options by service\n    ./options.nix\n    # for service `mastodon` import `mastodon.nix`\n    ./../../machines/operator/test01/garage.nix\n    # FIXME: get VM details from TF\n    ./../../machines/operator/test01\n  ];\n  ## FIXME: switch root authentication to users with password-less sudo, see #24\n  users.users.root.openssh.authorizedKeys.keys = let\n    keys = import ../keys;\n  in builtins.attrValues keys.contributors ++ [\n    # allow our panel vm access to the test machines\n    keys.panel\n  ];\n}\n",{"terraform":{"domain":"fediversity.net","hostname":"test01","initialUser":{"displayName":"Testy McTestface","email":"test@test.com","password":"testtest","username":"test"}}}],"type":["tuple",[["map","string"],"string","string",["map",["object",{"domain":"string","hostname":"string","initialUser":["object",{"displayName":"string","email":"string","password":"string","username":"string"}]}]]]]}},"sensitive_attributes":[],"dependencies":["module.nixos.data.external.hash"]}]},{"module":"module.nixos[\"mastodon\"]","mode":"data","type":"external","name":"hash","provider":"provider[\"registry.opentofu.org/hashicorp/external\"]","instances":[{"schema_version":0,"attributes":{"id":"-","program":["sh","-c","echo \"{\\\"hash\\\":\\\"$(nix-hash ..)\\\"}\""],"query":null,"result":{"hash":"02bdde9db2e3d40aaabcb0fd5bf5939b"},"working_dir":null},"sensitive_attributes":[]}]},{"module":"module.nixos[\"mastodon\"]","mode":"managed","type":"terraform_data","name":"nixos","provider":"provider[\"terraform.io/builtin/terraform\"]","instances":[{"status":"tainted","schema_version":0,"attributes":{"id":"00be3f3d-b7c2-1356-a62c-8eb3106fc7d5","input":null,"output":null,"triggers_replace":{"value":[{"hash":"02bdde9db2e3d40aaabcb0fd5bf5939b"},"test06","{\n  # note interpolations here TF ones\n  imports = [\n    # shared NixOS config\n    ./../common/shared.nix\n    # FIXME: separate template options by service\n    ./options.nix\n    # for service `mastodon` import `mastodon.nix`\n    ./../../machines/operator/test06/mastodon.nix\n    # FIXME: get VM details from TF\n    ./../../machines/operator/test06\n  ];\n  ## FIXME: switch root authentication to users with password-less sudo, see #24\n  users.users.root.openssh.authorizedKeys.keys = let\n    keys = import ../keys;\n  in builtins.attrValues keys.contributors ++ [\n    # allow our panel vm access to the test machines\n    keys.panel\n  ];\n}\n",{"terraform":{"domain":"fediversity.net","hostname":"test06","initialUser":{"displayName":"Testy McTestface","email":"test@test.com","password":"testtest","username":"test"}}}],"type":["tuple",[["map","string"],"string","string",["map",["object",{"domain":"string","hostname":"string","initialUser":["object",{"displayName":"string","email":"string","password":"string","username":"string"}]}]]]]}},"sensitive_attributes":[],"dependencies":["module.nixos.data.external.hash"]}]}],"check_results":null}
--- a/infra/sync-nix/.npins.json
+++ b/infra/sync-nix/.npins.json
@ -0,0 +1 @@
+{"agenix":"/nix/store/glsqq1xn5al7d528hvlbm4hl3ladxmka-source","disko":"/nix/store/7wf9q0mb1i43x9dr1qlyfaraq15n6sii-source","flake-inputs":"/nix/store/fqln0bcp6mp75k4sl0cav2f0np60lwhj-source","git-hooks":"/nix/store/8bh3jgq1riy3jxm07vy4xxzvk9xd74pc-source","gitignore":"/nix/store/g5v3sgqy6a0fsmas7mnapc196flrplix-source","home-manager":"/nix/store/cq3b3cx5rv9d0zj57kch9wmxzc2rm8dc-source","htmx":"/nix/store/mwqqk0qmldzvv4xj9kq2lbah2flhc44z-source","nix-unit":"/nix/store/4g1vvy7bhwh16cyd2r8ibq7n6ygk1wvk-source","nixpkgs":"/nix/store/g1bajdwbkcmms8cqd9s8zbq8zxhkyx91-source"}
--- a/infra/sync-nix/.terraform.lock.hcl
+++ b/infra/sync-nix/.terraform.lock.hcl
@ -0,0 +1,9 @@
+# This file is maintained automatically by "tofu init".
+# Manual edits may be lost in future updates.
+
+provider "registry.opentofu.org/hashicorp/external" {
+  version = "2.3.4"
+  hashes = [
+    "h1:hBFp4dEKKevoZEsMW32ralBqrO7cTxTPYdWPqc4Ff+s=",
+  ]
+}
--- a/infra/sync-nix/.terraform/plugin_path
+++ b/infra/sync-nix/.terraform/plugin_path
@ -0,0 +1,3 @@
+[
+  "/nix/store/zbjjm6vgdj1p2v21qshd9np3ajdnhniy-opentofu-1.9.0/libexec/terraform-providers"
+]
--- a/infra/sync-nix/.terraform/providers/registry.opentofu.org/hashicorp/external/2.3.4/linux_amd64
+++ b/infra/sync-nix/.terraform/providers/registry.opentofu.org/hashicorp/external/2.3.4/linux_amd64
@ -0,0 +1 @@
+/nix/store/zbjjm6vgdj1p2v21qshd9np3ajdnhniy-opentofu-1.9.0/libexec/terraform-providers/registry.opentofu.org/hashicorp/external/2.3.4/linux_amd64
				`@ -0,0 +1 @@`
				`{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"nixos","Source":"../sync-nix","Dir":"../sync-nix"}]}`
				`@ -0,0 +1 @@`
				`/nix/store/zbjjm6vgdj1p2v21qshd9np3ajdnhniy-opentofu-1.9.0/libexec/terraform-providers/registry.opentofu.org/hashicorp/external/2.3.4/linux_amd64`
				`@ -0,0 +1 @@`
				{"version":4,"terraform_version":"1.9.0","serial":7,"lineage":"c441e8b7-409b-c7ad-85b9-27549f9ee16d","outputs":{},"resources":[{"module":"module.nixos[\"fedipanel\"]","mode":"data","type":"external","name":"hash","provider":"provider[\"registry.opentofu.org/hashicorp/external\"]","instances":[{"schema_version":0,"attributes":{"id":"-","program":["sh","-c","echo \"{\\\"hash\\\":\\\"$(nix-hash ..)\\\"}\""],"query":null,"result":{"hash":"104476c354d745011877f63e653ae58b"},"working_dir":null},"sensitive_attributes":[]}]},{"module":"module.nixos[\"fedipanel\"]","mode":"managed","type":"terraform_data","name":"nixos","provider":"provider[\"terraform.io/builtin/terraform\"]","instances":[{"schema_version":0,"attributes":{"id":"909398aa-e751-1dc8-a61a-7eb33df17006","input":null,"output":null,"triggers_replace":{"value":[{"hash":"104476c354d745011877f63e653ae58b"},"fedi201","{\n # note interpolations here TF ones\n imports = [\n # shared NixOS config\n ./../common/shared.nix\n # FIXME: separate template options by service\n ./options.nix\n # for service `forgejo` import `forgejo.nix`\n ./../../machines/dev/fedi201/fedipanel.nix\n # FIXME: get VM details from TF\n ./../../machines/dev/fedi201\n ];\n}\n",{"terraform":{"domain":"abundos.eu","hostname":"fedi201"}}],"type":["tuple",[["map","string"],"string","string",["map",["object",{"domain":"string","hostname":"string"}]]]]}},"sensitive_attributes":[],"dependencies":["module.nixos.data.external.hash"]}]}],"check_results":null}
				`@ -0,0 +1 @@`
				{"agenix":"/nix/store/glsqq1xn5al7d528hvlbm4hl3ladxmka-source","disko":"/nix/store/7wf9q0mb1i43x9dr1qlyfaraq15n6sii-source","flake-inputs":"/nix/store/fqln0bcp6mp75k4sl0cav2f0np60lwhj-source","git-hooks":"/nix/store/8bh3jgq1riy3jxm07vy4xxzvk9xd74pc-source","gitignore":"/nix/store/g5v3sgqy6a0fsmas7mnapc196flrplix-source","home-manager":"/nix/store/cq3b3cx5rv9d0zj57kch9wmxzc2rm8dc-source","htmx":"/nix/store/mwqqk0qmldzvv4xj9kq2lbah2flhc44z-source","nix-unit":"/nix/store/4g1vvy7bhwh16cyd2r8ibq7n6ygk1wvk-source","nixpkgs":"/nix/store/g1bajdwbkcmms8cqd9s8zbq8zxhkyx91-source"}