Signed-off-by: Kiara Grouwstra <kiara@procolix.eu>
Kiara Grouwstra 2025-09-23 13:42:49 +02:00
parent 6426e70b84
commit bd631227e7
Signed by: kiara
SSH key fingerprint: SHA256:COspvLoLJ5WC5rFb9ZDe5urVCkK4LJZOsjfF4duRJFU


@ -388,197 +388,137 @@ let
tf-proxmox-host = mkOption { tf-proxmox-host = mkOption {
description = "A Terraform deployment by SSH to update a single existing NixOS host."; description = "A Terraform deployment by SSH to update a single existing NixOS host.";
# type = submodule (tf-host: { # type = submodule (tf-host: {
type = submodule ( type = submodule (tf-host: {
tf-host: options = {
let system = mkOption {
raw = { description = "The architecture of the system to deploy to.";
# formatConfig = "${pkgs.nixos-generators}/share/nixos-generator/formats/raw.nix"; type = types.str;
formatConfig = "${pkgs.nixos-generators}/share/nixos-generator/formats/raw-efi.nix";
formatAttr = "raw";
fileExtension = ".img";
}; };
format = raw; inherit nixos-configuration;
# qcow = { ssh = host-ssh;
# formatConfig = "${pkgs.nixos-generators}/share/nixos-generator/formats/qcow.nix"; # TODO: add proxmox info
# formatAttr = "qcow"; module = mkOption {
# fileExtension = ".qcow2"; description = "The module to call to obtain the NixOS configuration from.";
# }; type = types.str;
# format = qcow; };
# qcow-efi = { args = mkOption {
# formatConfig = "${pkgs.nixos-generators}/share/nixos-generator/formats/qcow-efi.nix"; description = "The arguments with which to call the module to obtain the NixOS configuration.";
# formatAttr = "qcow-efi"; type = types.attrs;
# fileExtension = ".qcow2"; };
# }; deployment-name = mkOption {
# format = qcow-efi; description = "The name of the deployment for which to obtain the NixOS configuration.";
inherit (format) formatConfig fileExtension formatAttr; type = types.str;
# inherit (format) formatConfig fileExtension; # formatAttr };
in root-path = mkOption {
{ description = "The path to the root of the repository.";
options = { type = types.path;
system = mkOption { };
description = "The architecture of the system to deploy to."; proxmox-user = mkOption {
type = types.str; description = "The ProxmoX user to use.";
}; type = types.str;
inherit nixos-configuration; default = "root@pam";
ssh = host-ssh; };
# TODO: add proxmox info # TODO: is sensitivity here handled properly?
module = mkOption { proxmox-password = mkOption {
description = "The module to call to obtain the NixOS configuration from."; description = "The ProxmoX password to use.";
type = types.str; type = types.str;
}; };
args = mkOption { node-name = mkOption {
description = "The arguments with which to call the module to obtain the NixOS configuration."; description = "the name of the ProxmoX node to use.";
type = types.attrs; type = types.str;
}; };
deployment-name = mkOption { run = mkOption {
description = "The name of the deployment for which to obtain the NixOS configuration."; type = types.package;
type = types.str; # error: The option `tf-deployment.tf-host.run' is read-only, but it's set multiple times.
}; # readOnly = true;
root-path = mkOption { default =
description = "The path to the root of the repository."; let
type = types.path; inherit (tf-host.config)
}; system
proxmox-user = mkOption { ssh
description = "The ProxmoX user to use."; module
type = types.str; args
default = "root@pam"; deployment-name
}; root-path
# TODO: is sensitivity here handled properly? proxmox-user
proxmox-password = mkOption { proxmox-password
description = "The ProxmoX password to use."; node-name
type = types.str; ;
}; inherit (ssh)
node-name = mkOption { host
description = "the name of the ProxmoX node to use."; username
type = types.str; key-file
}; sshOpts
run = mkOption { ;
type = types.package; deployment-type = "tf-proxmox-host";
# error: The option `tf-deployment.tf-host.run' is read-only, but it's set multiple times. nixos_conf = writeConfig {
# readOnly = true; inherit
default =
let
inherit (tf-host.config)
system system
ssh
module module
args args
deployment-name deployment-name
root-path root-path
proxmox-user deployment-type
proxmox-password
node-name
; ;
# image = let };
# # TODO parameterize things to let this flow into the terraform # machine = import nixos_conf;
# # btw qcow can be made by nixos-generators (qcow, qcow-efi) or by `image.repart` machine = import ./nixos.nix {
# # wait, so i generate an image for the nixos config from the data model? how would i then propagate that to deploy? inherit sources system;
# gen = import "${pkgs.nixos-generators}/share/nixos-generator/nixos-generate.nix" { configuration = tf-host.config.nixos-configuration;
# inherit system formatConfig; };
# inherit (sources) nixpkgs;
# # configuration = import "${pkgs.nixos-generators}/share/nixos-generator/configuration.nix"; environment = {
# # formatConfig = "${pkgs.nixos-generators}/share/nixos-generator/formats/proxmox.nix"; key_file = key-file;
# configuration = tf-host.config.nixos-configuration; ssh_opts = sshOpts;
# # configuration = { inherit
# # imports = [
# # # "${pkgs.nixos-generators}/share/nixos-generator/configuration.nix"
# # # "${sources.nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
# # # "${sources.agenix}/modules/age.nix"
# # # "${sources.disko}/module.nix"
# # # "${sources.home-manager}/nixos"
# # ];
# # };
# };
# machine = gen.config;
# in
# machine.system.build.${formatAttr};
inherit (ssh)
host host
username nixos_conf
key-file
sshOpts
; ;
deployment-type = "tf-proxmox-host"; proxmox_user = proxmox-user;
nixos_conf = writeConfig { proxmox_password = proxmox-password;
inherit ssh_user = username;
system node_name = node-name;
module image = "${machine.config.system.build.image}/${machine.config.boot.uki.name}.raw";
args };
deployment-name tf-env = pkgs.callPackage ./run/tf-proxmox/tf-env.nix { };
root-path proxmox-host = "192.168.51.81"; # root@fediversity-proxmox
deployment-type vm-names = [ "test14" ];
; vm_name = "test14";
}; in
environment = { pkgs.writers.writeBashBin "deploy-tf-proxmox.sh"
key_file = key-file; (withPackages [
ssh_opts = sshOpts; pkgs.jq
inherit pkgs.qemu
host pkgs.nixos-generators
nixos_conf pkgs.httpie
; (pkgs.callPackage ./run/tf-proxmox/tf.nix { inherit sources; })
proxmox_user = proxmox-user; ])
proxmox_password = proxmox-password; lib.trace
ssh_user = username; (lib.strings.toJSON environment)
node_name = node-name; ''
# image = "${image}/nixos${fileExtension}"; set -xe
# image = "${image}/nixos.img";
};
# image = "${image}/nixos${fileExtension}";
# image = "${image}/nixos.img";
tf-env = pkgs.callPackage ./run/tf-proxmox/tf-env.nix { };
proxmox-host = "192.168.51.81"; # root@fediversity-proxmox
vm-names = [ "test14" ];
vm_name = "test14";
in
pkgs.writers.writeBashBin "deploy-tf-proxmox.sh"
(withPackages [
pkgs.jq
pkgs.qemu
pkgs.nixos-generators
pkgs.httpie
(pkgs.callPackage ./run/tf-proxmox/tf.nix { inherit sources; })
])
''
set -xe
# bash ./infra/proxmox-remove.sh \ # bash ./infra/proxmox-remove.sh \
# --api-url "https://${proxmox-host}:8006/api2/json" \ # --api-url "https://${proxmox-host}:8006/api2/json" \
# --username "${proxmox-user}" \ # --username "${proxmox-user}" \
# --password "${proxmox-password}" \ # --password "${proxmox-password}" \
# --node "${node-name}" \ # --node "${node-name}" \
# 7014 # 7014
# # ^ hardcoded ID of test14 # # ^ hardcoded ID of test14
# # ${lib.concatStringsSep " " vm-names} # # ${lib.concatStringsSep " " vm-names}
# TODO after install: $nix_host_keys # TODO after install: $nix_host_keys
# cp $tmpdir/${vm_name}_host_key /mnt/etc/ssh/ssh_host_ed25519_key # cp $tmpdir/${vm_name}_host_key /mnt/etc/ssh/ssh_host_ed25519_key
# chmod 600 /mnt/etc/ssh/ssh_host_ed25519_key # chmod 600 /mnt/etc/ssh/ssh_host_ed25519_key
# cp $tmpdir/${vm_name}_host_key.pub /mnt/etc/ssh/ssh_host_ed25519_key.pub # cp $tmpdir/${vm_name}_host_key.pub /mnt/etc/ssh/ssh_host_ed25519_key.pub
# chmod 644 /mnt/etc/ssh/ssh_host_ed25519_key.pub # chmod 644 /mnt/etc/ssh/ssh_host_ed25519_key.pub
qemu-img convert -f raw -O qcow2 -C ${(import nixos_conf).config.system.build.image}/monkey.raw /tmp/disk.qcow2 env ${toString (lib.mapAttrsToList (k: v: "TF_VAR_${k}=\"${toBash v}\"") environment)} \
tf_env=${tf-env} bash ./deployment/run/tf-proxmox/run.sh
exit 1 '';
# TF_VAR_image=/tmp/disk.qcow2 \
env ${
toString (
lib.mapAttrsToList (k: v: "TF_VAR_${k}=\"${toBash v}\"") (
lib.trace (lib.strings.toJSON environment) environment
)
)
} \
TF_VAR_image=/tmp/disk.qcow2 \
tf_env=${tf-env} bash ./deployment/run/tf-proxmox/run.sh
# env ${toString (lib.mapAttrsToList (k: v: "TF_VAR_${k}=\"${toBash v}\"") environment)} \
# tf_env=${tf-env} bash ./deployment/run/tf-proxmox/run.sh
'';
};
}; };
} };
); });
}; };
}; };
in in
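Review bot: The Proxmox password is exposed in clear text at three points on the new side. `proxmox_password = proxmox-password;` puts it into `environment`, `lib.trace (lib.strings.toJSON environment)` prints that set during evaluation, and the `env ... TF_VAR_${k}=\"${toBash v}\"` line writes it into the generated `deploy-tf-proxmox.sh`, which lands in the world-readable Nix store and is echoed again at run time by `set -xe`. The existing `# TODO: is sensitivity here handled properly?` asks exactly this, and as written the answer looks like no. I would trace a redacted set, `lib.trace (lib.strings.toJSON (removeAttrs environment [ "proxmox_password" ]))`, and drop the password from `environment` so the script reads it at run time from a file or variable supplied by the caller, with `set +x` around that read. As rendered, `lib.trace` also appears to sit as a bare argument after `(withPackages [...])` rather than wrapping the script string, so the parenthesisation is worth checking; the enclosing `let` and option set start outside this hunk.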