kiara/Fediversity
1
0
Fork 0
forked from fediversity/fediversity
Code Pull requests Activity

unname config (#585)

Browse source 
Reviewed-on: fediversity/fediversity#585
This commit is contained in:
Kiara Grouwstra 2025-11-14 11:06:19 +01:00
parent f1c8b35dd7
commit b6e1b5cba7
1 changed files with 490 additions and 475 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

93
deployment/run/default.nix
View file

@ -68,12 +68,14 @@ let
httpBackend = mkOption { httpBackend = mkOption {
description = "environment variables to configure the TF HTTP back-end, see <https://developer.hashicorp.com/terraform/language/backend/http#configuration-variables>"; description = "environment variables to configure the TF HTTP back-end, see <https://developer.hashicorp.com/terraform/language/backend/http#configuration-variables>";
# type = types.attrsOf (types.either types.str types.int); # type = types.attrsOf (types.either types.str types.int);
type = types.submodule (http-backend: { type = types.submodule (
{ config, ... }:
{
options = { options = {
value = mkOption { value = mkOption {
readOnly = true; readOnly = true;
default = lib.mapAttrs' (k: v: lib.nameValuePair "TF_HTTP_${lib.toUpper k}" (builtins.toString v)) { default = lib.mapAttrs' (k: v: lib.nameValuePair "TF_HTTP_${lib.toUpper k}" (builtins.toString v)) {
inherit (http-backend.config) inherit (config)
address address
update_method update_method
lock_address lock_address
@ -101,7 +103,7 @@ let
lock_address = mkOption { lock_address = mkOption {
description = "The address of the lock REST endpoint."; description = "The address of the lock REST endpoint.";
type = str; type = str;
default = http-backend.config.address; default = config.address;
}; };
lock_method = mkOption { lock_method = mkOption {
description = "The HTTP method to use when locking."; description = "The HTTP method to use when locking.";
@ -111,7 +113,7 @@ let
unlock_address = mkOption { unlock_address = mkOption {
description = "The address of the unlock REST endpoint."; description = "The address of the unlock REST endpoint.";
type = str; type = str;
default = http-backend.config.address; default = config.address;
}; };
unlock_method = mkOption { unlock_method = mkOption {
description = "The HTTP method to use when unlocking."; description = "The HTTP method to use when unlocking.";
@ -149,7 +151,8 @@ let
default = 30; default = 30;
}; };
}; };
}); }
);
}; };
host-ssh = mkOption { host-ssh = mkOption {
description = "SSH connection info to connect to a single host."; description = "SSH connection info to connect to a single host.";
@ -182,7 +185,9 @@ in
{ {
ssh-host = mkOption { ssh-host = mkOption {
description = "A deployment by SSH to update a single existing NixOS host."; description = "A deployment by SSH to update a single existing NixOS host.";
type = submodule (ssh-host: { type = submodule (
{ config, ... }:
{
options = { options = {
system = mkOption { system = mkOption {
description = "The architecture of the system to deploy to."; description = "The architecture of the system to deploy to.";
@ -212,7 +217,7 @@ in
readOnly = true; readOnly = true;
default = default =
let let
inherit (ssh-host.config) inherit (config)
system system
ssh ssh
caller caller
@ -254,7 +259,8 @@ in
''; '';
}; };
}; };
}); }
);
}; };
nixops4 = mkOption { nixops4 = mkOption {
description = "A NixOps4 NixOS deployment. For an example, see https://github.com/nixops4/nixops4-nixos/blob/main/example/deployment.nix."; description = "A NixOps4 NixOS deployment. For an example, see https://github.com/nixops4/nixops4-nixos/blob/main/example/deployment.nix.";
@ -262,7 +268,9 @@ in
}; };
tf-host = mkOption { tf-host = mkOption {
description = "A Terraform deployment by SSH to update a single existing NixOS host."; description = "A Terraform deployment by SSH to update a single existing NixOS host.";
type = submodule (tf-host: { type = submodule (
{ config, ... }:
{
options = { options = {
system = mkOption { system = mkOption {
description = "The architecture of the system to deploy to."; description = "The architecture of the system to deploy to.";
@ -291,7 +299,7 @@ in
readOnly = true; readOnly = true;
default = default =
let let
inherit (tf-host.config) inherit (config)
system system
ssh ssh
caller caller
@ -331,7 +339,8 @@ in
}; };
}; };
}; };
}); }
);
}; };
tf-proxmox-template = mkOption { tf-proxmox-template = mkOption {
description = '' description = ''
@ -340,7 +349,9 @@ in
(https://registry.terraform.io/providers/bpg/proxmox/latest/docs#environment-variables-summary) (https://registry.terraform.io/providers/bpg/proxmox/latest/docs#environment-variables-summary)
with role `PVEDatastoreAdmin`. with role `PVEDatastoreAdmin`.
''; '';
type = submodule (tf-host: { type = submodule (
{ config, ... }:
{
options = { options = {
system = mkOption { system = mkOption {
description = "The architecture of the system to deploy to."; description = "The architecture of the system to deploy to.";
@ -362,7 +373,7 @@ in
readOnly = true; readOnly = true;
default = default =
let let
inherit (tf-host.config) inherit (config)
system system
ssh ssh
httpBackend httpBackend
@ -374,7 +385,7 @@ in
; ;
machine = import ../nixos.nix { machine = import ../nixos.nix {
inherit sources system; inherit sources system;
configuration = tf-host.config.nixos-configuration; configuration = config.nixos-configuration;
}; };
name = "fediversity-template"; name = "fediversity-template";
@ -414,7 +425,8 @@ in
''; '';
}; };
}; };
}); }
);
}; };
tf-proxmox-vm = mkOption { tf-proxmox-vm = mkOption {
description = '' description = ''
@ -423,7 +435,9 @@ in
(https://registry.terraform.io/providers/bpg/proxmox/latest/docs#environment-variables-summary) (https://registry.terraform.io/providers/bpg/proxmox/latest/docs#environment-variables-summary)
with roles `PVEVMAdmin PVEDatastoreAdmin PVESDNUser`. with roles `PVEVMAdmin PVEDatastoreAdmin PVESDNUser`.
''; '';
type = submodule (tf-host: { type = submodule (
{ config, ... }:
{
options = { options = {
system = mkOption { system = mkOption {
description = "The architecture of the system to deploy to."; description = "The architecture of the system to deploy to.";
@ -506,7 +520,7 @@ in
readOnly = true; readOnly = true;
default = default =
let let
inherit (tf-host.config) inherit (config)
system system
ssh ssh
caller caller
@ -571,11 +585,14 @@ in
}); });
}; };
}; };
}); }
);
}; };
tf-netbox-store-ips = mkOption { tf-netbox-store-ips = mkOption {
description = "Store a range of IPs in a Netbox instance."; description = "Store a range of IPs in a Netbox instance.";
type = submodule (tf-netbox-store-ips: { type = submodule (
{ config, ... }:
{
options = { options = {
inherit httpBackend; inherit httpBackend;
startAddress = mkOption { startAddress = mkOption {
@ -593,7 +610,7 @@ in
readOnly = true; readOnly = true;
default = default =
let let
inherit (tf-netbox-store-ips.config) inherit (config)
httpBackend httpBackend
startAddress startAddress
endAddress endAddress
@ -609,36 +626,34 @@ in
}; };
}; };
}; };
}); }
);
}; };
tf-netbox-get-ip = mkOption { tf-netbox-get-ip = mkOption {
description = "Get an available IP from a Netbox instance."; description = "Get an available IP from a Netbox instance.";
type = submodule (tf-netbox-get-ip: { type = submodule (
{ config, ... }:
{
options = { options = {
inherit httpBackend; inherit httpBackend;
run = mkOption { run = mkOption {
type = types.package; type = types.package;
readOnly = true; readOnly = true;
default = default = tfApply {
let inherit (config) httpBackend;
inherit (tf-netbox-get-ip.config)
httpBackend
;
in
tfApply {
inherit httpBackend;
directory = "tf-netbox-get-ip"; directory = "tf-netbox-get-ip";
environment = { environment = {
}; };
}; };
}; };
}; };
}); }
);
}; };
octodns-zone = mkOption { octodns-zone = mkOption {
description = "Manage DNS records."; description = "Manage DNS records.";
type = submodule ( type = submodule (
octodns-zone: { config, ... }:
let let
dns = pkgs.callPackage sources."dns.nix" { }; dns = pkgs.callPackage sources."dns.nix" { };
in in
@ -715,14 +730,14 @@ in
}; };
configuration = mkOption { configuration = mkOption {
type = submodule { type = submodule {
options = octodns-zone.config.providers.${octodns-zone.config.provider}.configuration; options = config.providers.${config.provider}.configuration;
}; };
default = { }; default = { };
}; };
package = mkOption { package = mkOption {
type = types.package; type = types.package;
example = "The package of the OctoDNS provider to deploy to, see <https://search.nixos.org/packages?channel=unstable&query=octodns-providers>."; example = "The package of the OctoDNS provider to deploy to, see <https://search.nixos.org/packages?channel=unstable&query=octodns-providers>.";
default = pkgs.octodns-providers.${octodns-zone.config.provider}; default = pkgs.octodns-providers.${config.provider};
}; };
packages = mkOption { packages = mkOption {
type = types.listOf types.package; type = types.listOf types.package;
@ -733,7 +748,7 @@ in
.withProviders .withProviders
(_: [ (_: [
pkgs.octodns-providers.bind pkgs.octodns-providers.bind
octodns-zone.config.package config.package
]) ])
) )
]; ];
@ -742,7 +757,7 @@ in
type = types.path; type = types.path;
default = default =
let let
inherit (octodns-zone.config) inherit (config)
domain domain
zone zone
providers providers
@ -762,7 +777,7 @@ in
{ {
inherit class; inherit class;
} }
// octodns-zone.config.configuration // config.configuration
// (lib.genAttrs secrets (k: "env/${lib.toUpper "${provider}_${k}"}")); // (lib.genAttrs secrets (k: "env/${lib.toUpper "${provider}_${k}"}"));
config = { config = {
file_extension = ""; file_extension = "";
@ -789,7 +804,7 @@ in
type = types.package; type = types.package;
default = default =
let let
inherit (octodns-zone.config) inherit (config)
packages packages
conf conf
provider provider
@ -805,7 +820,7 @@ in
type = types.package; type = types.package;
default = default =
let let
inherit (octodns-zone.config) inherit (config)
packages packages
conf conf
provider provider