move from dev to operator

revert add qemu import
2025-06-19 15:01:43 +02:00 · 2025-06-19 15:01:43 +02:00 · b0543ebfd8
commit b0543ebfd8
parent f2546ef1a7
8 changed files with 59 additions and 11 deletions
--- a/deployment/configuration.sample.json
+++ b/deployment/configuration.sample.json
@ -3,6 +3,7 @@
  "mastodon": { "enable": false },
  "peertube": { "enable": false },
  "pixelfed": { "enable": false },
+  "attic": { "enable": false },
  "initialUser": {
    "displayName": "Testy McTestface",
    "username": "test",
--- a/deployment/default.nix
+++ b/deployment/default.nix
@ -24,6 +24,7 @@
  mastodonConfigurationResource,
  peertubeConfigurationResource,
  pixelfedConfigurationResource,
+  atticConfigurationResource,
 }:

 ## From the hosting provider's perspective, the function is meant to be
@ -55,6 +56,7 @@ let
    mastodon = nonNull panelConfigNullable.mastodon { enable = false; };
    peertube = nonNull panelConfigNullable.peertube { enable = false; };
    pixelfed = nonNull panelConfigNullable.pixelfed { enable = false; };
+    attic = nonNull panelConfigNullable.attic { enable = false; };
  };
 in

@ -107,6 +109,13 @@ in
            s3AccessKeyFile = pkgs.writeText "s3AccessKey" "GKb5615457d44214411e673b7b";
            s3SecretKeyFile = pkgs.writeText "s3SecretKey" "5be6799a88ca9b9d813d1a806b64f15efa49482dbe15339ddfaf7f19cf434987";
          };
+        atticS3KeyConfig =
+          { pkgs, ... }:
+          {
+            # REVIEW: how were these generated above? how do i add one?
+            s3AccessKeyFile = pkgs.writeText "s3AccessKey" "GKaaaaaaaaaaaaaaaaaaaaaaaa";
+            s3SecretKeyFile = pkgs.writeText "s3SecretKey" "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
+          };

        makeConfigurationResource = resourceModule: config: {
          type = providers.local.exec;
@ -140,13 +149,14 @@ in
      {
        garage-configuration = makeConfigurationResource garageConfigurationResource (
          { pkgs, ... }:
-          mkIf (cfg.mastodon.enable || cfg.peertube.enable || cfg.pixelfed.enable) {
+          mkIf (cfg.mastodon.enable || cfg.peertube.enable || cfg.pixelfed.enable || cfg.attic.enable) {
            fediversity = {
              inherit (cfg) domain;
              garage.enable = true;
              pixelfed = pixelfedS3KeyConfig { inherit pkgs; };
              mastodon = mastodonS3KeyConfig { inherit pkgs; };
              peertube = peertubeS3KeyConfig { inherit pkgs; };
+              attic = atticS3KeyConfig { inherit pkgs; };
            };
          }
        );
@ -213,6 +223,25 @@ in
            };
          }
        );
+
+        attic-configuration = makeConfigurationResource atticConfigurationResource (
+          { pkgs, ... }:
+          mkIf cfg.attic.enable {
+            fediversity = {
+              inherit (cfg) domain;
+              temp.initialUser = {
+                inherit (cfg.initialUser) username email displayName;
+                # FIXME: disgusting, but nvm, this is going to be replaced by
+                # proper central authentication at some point
+                passwordFile = pkgs.writeText "password" cfg.initialUser.password;
+              };
+
+              attic = atticS3KeyConfig { inherit pkgs; } // {
+                enable = true;
+              };
+            };
+          }
+        );
      };
  };
 }
--- a/deployment/options.nix
+++ b/deployment/options.nix
@ -71,6 +71,19 @@ in
        });
      default = null;
    };
+    attic = mkOption {
+      description = ''
+        Configuration for the Attic service
+      '';
+      type =
+        with types;
+        nullOr (submodule {
+          options = {
+            enable = lib.mkEnableOption "Attic";
+          };
+        });
+      default = null;
+    };
    initialUser = mkOption {
      description = ''
        Some services require an initial user to access them.
--- a/infra/flake-part.nix
+++ b/infra/flake-part.nix
@ -107,6 +107,10 @@ let
          vmName = "test04";
          isTestVm = true;
        };
+        atticConfigurationResource = makeResourceModule {
+          vmName = "test12";
+          isTestVm = true;
+        };
      };

  nixops4ResourceNixosMockOptions = {
--- a/machines/dev/fedi200/default.nix
+++ b/machines/dev/fedi200/default.nix
@ -16,11 +16,4 @@
      gateway = "2a00:51c0:13:1305::1";
    };
  };
-
-  nixos.module = {
-    imports = [
-      ../../../infra/common/proxmox-qemu-vm.nix
-      ../../../services/fediversity/attic
-    ];
-  };
 }
--- a/machines/operator/test12/default.nix
+++ b/machines/operator/test12/default.nix
@ -18,4 +18,11 @@
      gateway = "2a00:51c0:13:1305::1";
    };
  };
+
+  nixos.module = {
+    imports = [
+      ../../../infra/common/proxmox-qemu-vm.nix
+      ../../../services/fediversity/attic
+    ];
+  };
 }
--- a/services/fediversity/attic/default.nix
+++ b/services/fediversity/attic/default.nix
@ -9,11 +9,11 @@ let
  sources = import ../../../npins;
  inherit
    (import "${sources.nix-templating}/lib.nix" {
-      inherit pkgs lib;
+      inherit pkgs;
      nix_templater = pkgs.callPackage "${sources.nix-templating}/pkgs/nix_templater" { };
    })
    fileContents
-    template
+    template_text
    ;
 in
 {
@ -103,7 +103,7 @@ in
        mode = "monolithic";

        environmentFile = "${
-          template {
+          template_text {
            name = "attic.env";
            outPath = "./attic.env";
            text = ''
--- a/services/fediversity/default.nix
+++ b/services/fediversity/default.nix
@ -13,6 +13,7 @@ in
    ./mastodon
    ./pixelfed
    ./peertube
+    ./attic
  ];

  options = {