From bd631227e79575a35a6347c501b5386cbd6233cc Mon Sep 17 00:00:00 2001
From: Kiara Grouwstra
Date: Tue, 23 Sep 2025 13:42:49 +0200
Subject: [PATCH] simplify
Signed-off-by: Kiara Grouwstra
---
deployment/data-model.nix | 296 +++++++++++++++-----------------------
1 file changed, 118 insertions(+), 178 deletions(-)
diff --git a/deployment/data-model.nix b/deployment/data-model.nix
index 351e8eaf..3da31774 100644
--- a/deployment/data-model.nix
+++ b/deployment/data-model.nix
@@ -388,197 +388,137 @@ let tf-proxmox-host = mkOption { description = "A Terraform deployment by SSH to update a single existing NixOS host."; # type = submodule (tf-host: { - type = submodule ( - tf-host: - let - raw = { - # formatConfig = "${pkgs.nixos-generators}/share/nixos-generator/formats/raw.nix"; - formatConfig = "${pkgs.nixos-generators}/share/nixos-generator/formats/raw-efi.nix"; - formatAttr = "raw"; - fileExtension = ".img"; + type = submodule (tf-host: { + options = { + system = mkOption { + description = "The architecture of the system to deploy to."; + type = types.str; }; - format = raw; - # qcow = { - # formatConfig = "${pkgs.nixos-generators}/share/nixos-generator/formats/qcow.nix"; - # formatAttr = "qcow"; - # fileExtension = ".qcow2"; - # }; - # format = qcow; - # qcow-efi = { - # formatConfig = "${pkgs.nixos-generators}/share/nixos-generator/formats/qcow-efi.nix"; - # formatAttr = "qcow-efi"; - # fileExtension = ".qcow2"; - # }; - # format = qcow-efi; - inherit (format) formatConfig fileExtension formatAttr; - # inherit (format) formatConfig fileExtension; # formatAttr - in - { - options = { - system = mkOption { - description = "The architecture of the system to deploy to."; - type = types.str; - }; - inherit nixos-configuration; - ssh = host-ssh; - # TODO: add proxmox info - module = mkOption { - description = "The module to call to obtain the NixOS configuration from."; - type = types.str; - }; - args = mkOption { - description = "The arguments with which to call the module to obtain the NixOS configuration."; - type = types.attrs; - }; - deployment-name = mkOption { - description = "The name of the deployment for which to obtain the NixOS configuration."; - type = types.str; - }; - root-path = mkOption { - description = "The path to the root of the repository."; - type = types.path; - }; - proxmox-user = mkOption { - description = "The ProxmoX user to use."; - type = types.str; - default = "root@pam"; - }; - # TODO: is sensitivity here 
handled properly? - proxmox-password = mkOption { - description = "The ProxmoX password to use."; - type = types.str; - }; - node-name = mkOption { - description = "the name of the ProxmoX node to use."; - type = types.str; - }; - run = mkOption { - type = types.package; - # error: The option `tf-deployment.tf-host.run' is read-only, but it's set multiple times. - # readOnly = true; - default = - let - inherit (tf-host.config) + inherit nixos-configuration; + ssh = host-ssh; + # TODO: add proxmox info + module = mkOption { + description = "The module to call to obtain the NixOS configuration from."; + type = types.str; + }; + args = mkOption { + description = "The arguments with which to call the module to obtain the NixOS configuration."; + type = types.attrs; + }; + deployment-name = mkOption { + description = "The name of the deployment for which to obtain the NixOS configuration."; + type = types.str; + }; + root-path = mkOption { + description = "The path to the root of the repository."; + type = types.path; + }; + proxmox-user = mkOption { + description = "The ProxmoX user to use."; + type = types.str; + default = "root@pam"; + }; + # TODO: is sensitivity here handled properly? + proxmox-password = mkOption { + description = "The ProxmoX password to use."; + type = types.str; + }; + node-name = mkOption { + description = "the name of the ProxmoX node to use."; + type = types.str; + }; + run = mkOption { + type = types.package; + # error: The option `tf-deployment.tf-host.run' is read-only, but it's set multiple times. 
+ # readOnly = true; + default = + let + inherit (tf-host.config) + system + ssh + module + args + deployment-name + root-path + proxmox-user + proxmox-password + node-name + ; + inherit (ssh) + host + username + key-file + sshOpts + ; + deployment-type = "tf-proxmox-host"; + nixos_conf = writeConfig { + inherit system - ssh module args deployment-name root-path - proxmox-user - proxmox-password - node-name + deployment-type ; - # image = let - # # TODO parameterize things to let this flow into the terraform - # # btw qcow can be made by nixos-generators (qcow, qcow-efi) or by `image.repart` - # # wait, so i generate an image for the nixos config from the data model? how would i then propagate that to deploy? - # gen = import "${pkgs.nixos-generators}/share/nixos-generator/nixos-generate.nix" { - # inherit system formatConfig; - # inherit (sources) nixpkgs; - # # configuration = import "${pkgs.nixos-generators}/share/nixos-generator/configuration.nix"; - # # formatConfig = "${pkgs.nixos-generators}/share/nixos-generator/formats/proxmox.nix"; - # configuration = tf-host.config.nixos-configuration; - # # configuration = { - # # imports = [ - # # # "${pkgs.nixos-generators}/share/nixos-generator/configuration.nix" - # # # "${sources.nixpkgs}/nixos/modules/profiles/qemu-guest.nix" - # # # "${sources.agenix}/modules/age.nix" - # # # "${sources.disko}/module.nix" - # # # "${sources.home-manager}/nixos" - # # ]; - # # }; - # }; - # machine = gen.config; - # in - # machine.system.build.${formatAttr}; - inherit (ssh) + }; + # machine = import nixos_conf; + machine = import ./nixos.nix { + inherit sources system; + configuration = tf-host.config.nixos-configuration; + }; + + environment = { + key_file = key-file; + ssh_opts = sshOpts; + inherit host - username - key-file - sshOpts + nixos_conf ; - deployment-type = "tf-proxmox-host"; - nixos_conf = writeConfig { - inherit - system - module - args - deployment-name - root-path - deployment-type - ; - }; - environment = { - 
key_file = key-file; - ssh_opts = sshOpts; - inherit - host - nixos_conf - ; - proxmox_user = proxmox-user; - proxmox_password = proxmox-password; - ssh_user = username; - node_name = node-name; - # image = "${image}/nixos${fileExtension}"; - # image = "${image}/nixos.img"; - }; - # image = "${image}/nixos${fileExtension}"; - # image = "${image}/nixos.img"; - tf-env = pkgs.callPackage ./run/tf-proxmox/tf-env.nix { }; - proxmox-host = "192.168.51.81"; # root@fediversity-proxmox - vm-names = [ "test14" ]; - vm_name = "test14"; - in - pkgs.writers.writeBashBin "deploy-tf-proxmox.sh" - (withPackages [ - pkgs.jq - pkgs.qemu - pkgs.nixos-generators - pkgs.httpie - (pkgs.callPackage ./run/tf-proxmox/tf.nix { inherit sources; }) - ]) - '' - set -xe + proxmox_user = proxmox-user; + proxmox_password = proxmox-password; + ssh_user = username; + node_name = node-name; + image = "${machine.config.system.build.image}/${machine.config.boot.uki.name}.raw"; + }; + tf-env = pkgs.callPackage ./run/tf-proxmox/tf-env.nix { }; + proxmox-host = "192.168.51.81"; # root@fediversity-proxmox + vm-names = [ "test14" ]; + vm_name = "test14"; + in + pkgs.writers.writeBashBin "deploy-tf-proxmox.sh" + (withPackages [ + pkgs.jq + pkgs.qemu + pkgs.nixos-generators + pkgs.httpie + (pkgs.callPackage ./run/tf-proxmox/tf.nix { inherit sources; }) + ]) + lib.trace + (lib.strings.toJSON environment) + '' + set -xe - # bash ./infra/proxmox-remove.sh \ - # --api-url "https://${proxmox-host}:8006/api2/json" \ - # --username "${proxmox-user}" \ - # --password "${proxmox-password}" \ - # --node "${node-name}" \ - # 7014 - # # ^ hardcoded ID of test14 - # # ${lib.concatStringsSep " " vm-names} + # bash ./infra/proxmox-remove.sh \ + # --api-url "https://${proxmox-host}:8006/api2/json" \ + # --username "${proxmox-user}" \ + # --password "${proxmox-password}" \ + # --node "${node-name}" \ + # 7014 + # # ^ hardcoded ID of test14 + # # ${lib.concatStringsSep " " vm-names} - # TODO after install: $nix_host_keys - # 
cp $tmpdir/${vm_name}_host_key /mnt/etc/ssh/ssh_host_ed25519_key - # chmod 600 /mnt/etc/ssh/ssh_host_ed25519_key - # cp $tmpdir/${vm_name}_host_key.pub /mnt/etc/ssh/ssh_host_ed25519_key.pub - # chmod 644 /mnt/etc/ssh/ssh_host_ed25519_key.pub + # TODO after install: $nix_host_keys + # cp $tmpdir/${vm_name}_host_key /mnt/etc/ssh/ssh_host_ed25519_key + # chmod 600 /mnt/etc/ssh/ssh_host_ed25519_key + # cp $tmpdir/${vm_name}_host_key.pub /mnt/etc/ssh/ssh_host_ed25519_key.pub + # chmod 644 /mnt/etc/ssh/ssh_host_ed25519_key.pub - qemu-img convert -f raw -O qcow2 -C ${(import nixos_conf).config.system.build.image}/monkey.raw /tmp/disk.qcow2 - - exit 1 - - # TF_VAR_image=/tmp/disk.qcow2 \ - - env ${ - toString ( - lib.mapAttrsToList (k: v: "TF_VAR_${k}=\"${toBash v}\"") ( - lib.trace (lib.strings.toJSON environment) environment - ) - ) - } \ - TF_VAR_image=/tmp/disk.qcow2 \ - tf_env=${tf-env} bash ./deployment/run/tf-proxmox/run.sh - - # env ${toString (lib.mapAttrsToList (k: v: "TF_VAR_${k}=\"${toBash v}\"") environment)} \ - # tf_env=${tf-env} bash ./deployment/run/tf-proxmox/run.sh - ''; - }; + env ${toString (lib.mapAttrsToList (k: v: "TF_VAR_${k}=\"${toBash v}\"") environment)} \ + tf_env=${tf-env} bash ./deployment/run/tf-proxmox/run.sh + ''; }; - } - ); + }; + }); }; }; in
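Review bot: The added `lib.trace (lib.strings.toJSON environment)` in front of the script body serialises the whole `environment` set, which includes `proxmox_password`, so the Proxmox password is written in clear text to the evaluation output (and to any CI log that captures it) whenever `run` is evaluated. The debug trace should be dropped before merge, or it should print a redacted set, e.g. `lib.trace (lib.strings.toJSON (removeAttrs environment [ "proxmox_password" ]))`. As written the trace is also not parenthesised together with the `''…''` string, so `lib.trace` and the JSON string appear to be passed to `pkgs.writers.writeBashBin` as separate arguments instead of wrapping the script, which presumably fails at evaluation. Separately, the `env … TF_VAR_…` line still interpolates the password into the generated script, which ends up in the normally world-readable Nix store; the existing `# TODO: is sensitivity here handled properly?` could be resolved by having the script read the password from a file or from the caller's environment at run time.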