Signed-off-by: Kiara Grouwstra <kiara@procolix.eu>
Kiara Grouwstra 2025-09-23 13:42:49 +02:00
parent 6426e70b84
commit bd631227e7
Signed by: kiara
SSH key fingerprint: SHA256:COspvLoLJ5WC5rFb9ZDe5urVCkK4LJZOsjfF4duRJFU


@ -388,197 +388,137 @@ let
tf-proxmox-host = mkOption {
description = "A Terraform deployment by SSH to update a single existing NixOS host.";
# type = submodule (tf-host: {
type = submodule (
tf-host:
let
raw = {
# formatConfig = "${pkgs.nixos-generators}/share/nixos-generator/formats/raw.nix";
formatConfig = "${pkgs.nixos-generators}/share/nixos-generator/formats/raw-efi.nix";
formatAttr = "raw";
fileExtension = ".img";
type = submodule (tf-host: {
options = {
system = mkOption {
description = "The architecture of the system to deploy to.";
type = types.str;
};
format = raw;
# qcow = {
# formatConfig = "${pkgs.nixos-generators}/share/nixos-generator/formats/qcow.nix";
# formatAttr = "qcow";
# fileExtension = ".qcow2";
# };
# format = qcow;
# qcow-efi = {
# formatConfig = "${pkgs.nixos-generators}/share/nixos-generator/formats/qcow-efi.nix";
# formatAttr = "qcow-efi";
# fileExtension = ".qcow2";
# };
# format = qcow-efi;
inherit (format) formatConfig fileExtension formatAttr;
# inherit (format) formatConfig fileExtension; # formatAttr
in
{
options = {
system = mkOption {
description = "The architecture of the system to deploy to.";
type = types.str;
};
inherit nixos-configuration;
ssh = host-ssh;
# TODO: add proxmox info
module = mkOption {
description = "The module to call to obtain the NixOS configuration from.";
type = types.str;
};
args = mkOption {
description = "The arguments with which to call the module to obtain the NixOS configuration.";
type = types.attrs;
};
deployment-name = mkOption {
description = "The name of the deployment for which to obtain the NixOS configuration.";
type = types.str;
};
root-path = mkOption {
description = "The path to the root of the repository.";
type = types.path;
};
proxmox-user = mkOption {
description = "The ProxmoX user to use.";
type = types.str;
default = "root@pam";
};
# TODO: is sensitivity here handled properly?
proxmox-password = mkOption {
description = "The ProxmoX password to use.";
type = types.str;
};
node-name = mkOption {
description = "the name of the ProxmoX node to use.";
type = types.str;
};
run = mkOption {
type = types.package;
# error: The option `tf-deployment.tf-host.run' is read-only, but it's set multiple times.
# readOnly = true;
default =
let
inherit (tf-host.config)
inherit nixos-configuration;
ssh = host-ssh;
# TODO: add proxmox info
module = mkOption {
description = "The module to call to obtain the NixOS configuration from.";
type = types.str;
};
args = mkOption {
description = "The arguments with which to call the module to obtain the NixOS configuration.";
type = types.attrs;
};
deployment-name = mkOption {
description = "The name of the deployment for which to obtain the NixOS configuration.";
type = types.str;
};
root-path = mkOption {
description = "The path to the root of the repository.";
type = types.path;
};
proxmox-user = mkOption {
description = "The ProxmoX user to use.";
type = types.str;
default = "root@pam";
};
# TODO: is sensitivity here handled properly?
proxmox-password = mkOption {
description = "The ProxmoX password to use.";
type = types.str;
};
node-name = mkOption {
description = "the name of the ProxmoX node to use.";
type = types.str;
};
run = mkOption {
type = types.package;
# error: The option `tf-deployment.tf-host.run' is read-only, but it's set multiple times.
# readOnly = true;
default =
let
inherit (tf-host.config)
system
ssh
module
args
deployment-name
root-path
proxmox-user
proxmox-password
node-name
;
inherit (ssh)
host
username
key-file
sshOpts
;
deployment-type = "tf-proxmox-host";
nixos_conf = writeConfig {
inherit
system
ssh
module
args
deployment-name
root-path
proxmox-user
proxmox-password
node-name
deployment-type
;
# image = let
# # TODO parameterize things to let this flow into the terraform
# # btw qcow can be made by nixos-generators (qcow, qcow-efi) or by `image.repart`
# # wait, so i generate an image for the nixos config from the data model? how would i then propagate that to deploy?
# gen = import "${pkgs.nixos-generators}/share/nixos-generator/nixos-generate.nix" {
# inherit system formatConfig;
# inherit (sources) nixpkgs;
# # configuration = import "${pkgs.nixos-generators}/share/nixos-generator/configuration.nix";
# # formatConfig = "${pkgs.nixos-generators}/share/nixos-generator/formats/proxmox.nix";
# configuration = tf-host.config.nixos-configuration;
# # configuration = {
# # imports = [
# # # "${pkgs.nixos-generators}/share/nixos-generator/configuration.nix"
# # # "${sources.nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
# # # "${sources.agenix}/modules/age.nix"
# # # "${sources.disko}/module.nix"
# # # "${sources.home-manager}/nixos"
# # ];
# # };
# };
# machine = gen.config;
# in
# machine.system.build.${formatAttr};
inherit (ssh)
};
# machine = import nixos_conf;
machine = import ./nixos.nix {
inherit sources system;
configuration = tf-host.config.nixos-configuration;
};
environment = {
key_file = key-file;
ssh_opts = sshOpts;
inherit
host
username
key-file
sshOpts
nixos_conf
;
deployment-type = "tf-proxmox-host";
nixos_conf = writeConfig {
inherit
system
module
args
deployment-name
root-path
deployment-type
;
};
environment = {
key_file = key-file;
ssh_opts = sshOpts;
inherit
host
nixos_conf
;
proxmox_user = proxmox-user;
proxmox_password = proxmox-password;
ssh_user = username;
node_name = node-name;
# image = "${image}/nixos${fileExtension}";
# image = "${image}/nixos.img";
};
# image = "${image}/nixos${fileExtension}";
# image = "${image}/nixos.img";
tf-env = pkgs.callPackage ./run/tf-proxmox/tf-env.nix { };
proxmox-host = "192.168.51.81"; # root@fediversity-proxmox
vm-names = [ "test14" ];
vm_name = "test14";
in
pkgs.writers.writeBashBin "deploy-tf-proxmox.sh"
(withPackages [
pkgs.jq
pkgs.qemu
pkgs.nixos-generators
pkgs.httpie
(pkgs.callPackage ./run/tf-proxmox/tf.nix { inherit sources; })
])
''
set -xe
proxmox_user = proxmox-user;
proxmox_password = proxmox-password;
ssh_user = username;
node_name = node-name;
image = "${machine.config.system.build.image}/${machine.config.boot.uki.name}.raw";
};
tf-env = pkgs.callPackage ./run/tf-proxmox/tf-env.nix { };
proxmox-host = "192.168.51.81"; # root@fediversity-proxmox
vm-names = [ "test14" ];
vm_name = "test14";
in
pkgs.writers.writeBashBin "deploy-tf-proxmox.sh"
(withPackages [
pkgs.jq
pkgs.qemu
pkgs.nixos-generators
pkgs.httpie
(pkgs.callPackage ./run/tf-proxmox/tf.nix { inherit sources; })
])
lib.trace
(lib.strings.toJSON environment)
''
set -xe
# bash ./infra/proxmox-remove.sh \
# --api-url "https://${proxmox-host}:8006/api2/json" \
# --username "${proxmox-user}" \
# --password "${proxmox-password}" \
# --node "${node-name}" \
# 7014
# # ^ hardcoded ID of test14
# # ${lib.concatStringsSep " " vm-names}
# bash ./infra/proxmox-remove.sh \
# --api-url "https://${proxmox-host}:8006/api2/json" \
# --username "${proxmox-user}" \
# --password "${proxmox-password}" \
# --node "${node-name}" \
# 7014
# # ^ hardcoded ID of test14
# # ${lib.concatStringsSep " " vm-names}
# TODO after install: $nix_host_keys
# cp $tmpdir/${vm_name}_host_key /mnt/etc/ssh/ssh_host_ed25519_key
# chmod 600 /mnt/etc/ssh/ssh_host_ed25519_key
# cp $tmpdir/${vm_name}_host_key.pub /mnt/etc/ssh/ssh_host_ed25519_key.pub
# chmod 644 /mnt/etc/ssh/ssh_host_ed25519_key.pub
# TODO after install: $nix_host_keys
# cp $tmpdir/${vm_name}_host_key /mnt/etc/ssh/ssh_host_ed25519_key
# chmod 600 /mnt/etc/ssh/ssh_host_ed25519_key
# cp $tmpdir/${vm_name}_host_key.pub /mnt/etc/ssh/ssh_host_ed25519_key.pub
# chmod 644 /mnt/etc/ssh/ssh_host_ed25519_key.pub
qemu-img convert -f raw -O qcow2 -C ${(import nixos_conf).config.system.build.image}/monkey.raw /tmp/disk.qcow2
exit 1
# TF_VAR_image=/tmp/disk.qcow2 \
env ${
toString (
lib.mapAttrsToList (k: v: "TF_VAR_${k}=\"${toBash v}\"") (
lib.trace (lib.strings.toJSON environment) environment
)
)
} \
TF_VAR_image=/tmp/disk.qcow2 \
tf_env=${tf-env} bash ./deployment/run/tf-proxmox/run.sh
# env ${toString (lib.mapAttrsToList (k: v: "TF_VAR_${k}=\"${toBash v}\"") environment)} \
# tf_env=${tf-env} bash ./deployment/run/tf-proxmox/run.sh
'';
};
env ${toString (lib.mapAttrsToList (k: v: "TF_VAR_${k}=\"${toBash v}\"") environment)} \
tf_env=${tf-env} bash ./deployment/run/tf-proxmox/run.sh
'';
};
}
);
};
});
};
};
in
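Review bot: The `lib.trace (lib.strings.toJSON environment)` calls (the one wrapping the `writeBashBin` result and the one inside the `env ${...}` interpolation) serialise the whole `environment` attrset, which contains `proxmox_password = proxmox-password;`, so the Proxmox password is printed to stderr on every evaluation and ends up in build logs and CI output; the existing `# TODO: is sensitivity here handled properly?` on the option already flags this concern. Which side of the hunk these trace lines belong to cannot be told from the rendered page, but on the new side they should either be removed or redact the secret before tracing, e.g. `lib.trace (lib.strings.toJSON (environment // { proxmox_password = "<redacted>"; }))`. The same value is also exposed a second time by `set -xe` in the generated script, since the `env TF_VAR_proxmox_password="..." ... bash ./deployment/run/tf-proxmox/run.sh` line is echoed with its arguments expanded; `set -e` alone, or `set +x` immediately before the `env` line, avoids that. Note too that the script is a Nix store path, so every interpolated `TF_VAR_*` value, including the password, is readable by any local user, and the `exit 1` after `qemu-img convert` leaves the Terraform run unreachable, which looks like leftover debugging. The `tf-proxmox-host` option and the enclosing `let` start before this hunk.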