From af3b2a62fd723f851254f06608dcd8ddce6c2c02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20=E2=80=9CNiols=E2=80=9D=20Jeannerod?= Date: Thu, 27 Mar 2025 15:49:38 +0100 Subject: [PATCH] Create a configuration resource even if the service is disabled --- deployment/default.nix | 147 +++++++++++++++++++---------------------- 1 file changed, 69 insertions(+), 78 deletions(-) diff --git a/deployment/default.nix b/deployment/default.nix index 032cb3e6..89bc89d9 100644 --- a/deployment/default.nix +++ b/deployment/default.nix @@ -36,7 +36,7 @@ panelConfig: let - inherit (lib) mkMerge mkIf; + inherit (lib) mkIf; in @@ -101,90 +101,81 @@ in in - mkMerge [ + { + garage-configuration = makeConfigurationResource garageConfigurationResource ( + { pkgs, ... }: + mkIf (panelConfig.mastodon.enable || panelConfig.peertube.enable || panelConfig.pixelfed.enable) { + fediversity = { + inherit (panelConfig) domain; + garage.enable = true; + pixelfed = pixelfedS3KeyConfig { inherit pkgs; }; + mastodon = mastodonS3KeyConfig { inherit pkgs; }; + peertube = peertubeS3KeyConfig { inherit pkgs; }; + }; + } + ); - (mkIf (panelConfig.mastodon.enable || panelConfig.peertube.enable || panelConfig.pixelfed.enable) { - garage-configuration = makeConfigurationResource garageConfigurationResource ( - { pkgs, ... }: - { - fediversity = { - inherit (panelConfig) domain; - garage.enable = true; - pixelfed = pixelfedS3KeyConfig { inherit pkgs; }; - mastodon = mastodonS3KeyConfig { inherit pkgs; }; - peertube = peertubeS3KeyConfig { inherit pkgs; }; + mastodon-configuration = makeConfigurationResource mastodonConfigurationResource ( + { pkgs, ... }: + mkIf panelConfig.mastodon.enable { + fediversity = { + inherit (panelConfig) domain; + temp.initialUser = { + inherit (panelConfig.initialUser) username email displayName; + # FIXME: disgusting, but nvm, this is going to be replaced by + # proper central authentication at some point + passwordFile = pkgs.writeText "password" panelConfig.initialUser.password; }; - } - ); - }) - (mkIf panelConfig.mastodon.enable { - mastodon-configuration = makeConfigurationResource mastodonConfigurationResource ( - { pkgs, ... }: - { - fediversity = { - inherit (panelConfig) domain; - temp.initialUser = { - inherit (panelConfig.initialUser) username email displayName; - # FIXME: disgusting, but nvm, this is going to be replaced by - # proper central authentication at some point - passwordFile = pkgs.writeText "password" panelConfig.initialUser.password; - }; - - mastodon = mastodonS3KeyConfig { inherit pkgs; } // { - enable = true; - }; - - temp.cores = 1; # FIXME: should come from NixOps4 eventually + mastodon = mastodonS3KeyConfig { inherit pkgs; } // { + enable = true; }; - } - ); - }) - (mkIf panelConfig.peertube.enable { - peertube-configuration = makeConfigurationResource peertubeConfigurationResource ( - { pkgs, ... }: - { - fediversity = { - inherit (panelConfig) domain; - temp.initialUser = { - inherit (panelConfig.initialUser) username email displayName; - # FIXME: disgusting, but nvm, this is going to be replaced by - # proper central authentication at some point - passwordFile = pkgs.writeText "password" panelConfig.initialUser.password; - }; + temp.cores = 1; # FIXME: should come from NixOps4 eventually + }; + } + ); - peertube = peertubeS3KeyConfig { inherit pkgs; } // { - enable = true; - ## NOTE: Only ever used for testing anyway. - ## - ## FIXME: Generate and store in NixOps4's state. - secretsFile = pkgs.writeText "secret" "574e093907d1157ac0f8e760a6deb1035402003af5763135bae9cbd6abe32b24"; - }; + peertube-configuration = makeConfigurationResource peertubeConfigurationResource ( + { pkgs, ... }: + mkIf panelConfig.peertube.enable { + fediversity = { + inherit (panelConfig) domain; + temp.initialUser = { + inherit (panelConfig.initialUser) username email displayName; + # FIXME: disgusting, but nvm, this is going to be replaced by + # proper central authentication at some point + passwordFile = pkgs.writeText "password" panelConfig.initialUser.password; }; - } - ); - }) - (mkIf panelConfig.pixelfed.enable { - pixelfed-configuration = makeConfigurationResource pixelfedConfigurationResource ( - { pkgs, ... }: - { - fediversity = { - inherit (panelConfig) domain; - temp.initialUser = { - inherit (panelConfig.initialUser) username email displayName; - # FIXME: disgusting, but nvm, this is going to be replaced by - # proper central authentication at some point - passwordFile = pkgs.writeText "password" panelConfig.initialUser.password; - }; - - pixelfed = pixelfedS3KeyConfig { inherit pkgs; } // { - enable = true; - }; + peertube = peertubeS3KeyConfig { inherit pkgs; } // { + enable = true; + ## NOTE: Only ever used for testing anyway. + ## + ## FIXME: Generate and store in NixOps4's state. + secretsFile = pkgs.writeText "secret" "574e093907d1157ac0f8e760a6deb1035402003af5763135bae9cbd6abe32b24"; }; - } - ); - }) - ]; + }; + } + ); + + pixelfed-configuration = makeConfigurationResource pixelfedConfigurationResource ( + { pkgs, ... }: + mkIf panelConfig.pixelfed.enable { + fediversity = { + inherit (panelConfig) domain; + temp.initialUser = { + inherit (panelConfig.initialUser) username email displayName; + # FIXME: disgusting, but nvm, this is going to be replaced by + # proper central authentication at some point + passwordFile = pkgs.writeText "password" panelConfig.initialUser.password; + }; + + pixelfed = pixelfedS3KeyConfig { inherit pkgs; } // { + enable = true; + }; + }; + } + ); + }; }