kiara/Fediversity
1
0
Fork 0
forked from fediversity/fediversity
Code Pull requests Activity

centralize TF

Browse source 
Signed-off-by: Kiara Grouwstra <kiara@procolix.eu>
This commit is contained in:
Kiara Grouwstra 2025-11-10 13:22:22 +01:00
parent 18bc596e76
commit ca8ba444b7
Signed by: kiara
SSH key fingerprint: SHA256:COspvLoLJ5WC5rFb9ZDe5urVCkK4LJZOsjfF4duRJFU
9 changed files with 78 additions and 210 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
deployment/check/data-model-tf/02-opentofu-sandboxed-init.patch → deployment/02-opentofu-sandboxed-init.patch
View file

22
deployment/check/data-model-tf/default.nix
View file

@ -9,27 +9,7 @@ let
terraform-backend = terraform-backend =
prev.callPackage "${sources.nixpkgs-unstable}/pkgs/by-name/te/terraform-backend/package.nix" prev.callPackage "${sources.nixpkgs-unstable}/pkgs/by-name/te/terraform-backend/package.nix"
{ }; { };
# FIXME centralize overlays opentofu = pkgs.callPackage ../../tf.nix { };
# XXX using recent revision for https://github.com/NixOS/nixpkgs/pull/447849
opentofu =
(pkgs.callPackage "${sources.nixpkgs-unstable}/pkgs/by-name/op/opentofu/package.nix" { })
.overrideAttrs
(old: rec {
patches = (old.patches or [ ]) ++ [
# TF with back-end poses a problem for nix: initialization involves both
# mutation (nix: only inside build) and a network call (nix: not inside build)
../../check/data-model-tf/02-opentofu-sandboxed-init.patch
];
# versions > 1.9.0 need go 1.24+
version = "1.9.0";
src = pkgs.fetchFromGitHub {
owner = "opentofu";
repo = "opentofu";
tag = "v${version}";
hash = "sha256-e0ZzbQdex0DD7Bj9WpcVI5roh0cMbJuNr5nsSVaOSu4=";
};
vendorHash = "sha256-fMTbLSeW+pw6GK8/JLZzG2ER90ss2g1FSDX5+f292do=";
});
}; };
pkgs = import sources.nixpkgs { pkgs = import sources.nixpkgs {
inherit system; inherit system;

22
deployment/check/netbox-ips/default.nix
View file

@ -9,27 +9,7 @@ let
terraform-backend = terraform-backend =
prev.callPackage "${sources.nixpkgs-unstable}/pkgs/by-name/te/terraform-backend/package.nix" prev.callPackage "${sources.nixpkgs-unstable}/pkgs/by-name/te/terraform-backend/package.nix"
{ }; { };
# FIXME centralize overlays opentofu = pkgs.callPackage ../../tf.nix { };
# XXX using recent revision for https://github.com/NixOS/nixpkgs/pull/447849
opentofu =
(pkgs.callPackage "${sources.nixpkgs-unstable}/pkgs/by-name/op/opentofu/package.nix" { })
.overrideAttrs
(old: rec {
patches = (old.patches or [ ]) ++ [
# TF with back-end poses a problem for nix: initialization involves both
# mutation (nix: only inside build) and a network call (nix: not inside build)
../../check/data-model-tf/02-opentofu-sandboxed-init.patch
];
# versions > 1.9.0 need go 1.24+
version = "1.9.0";
src = pkgs.fetchFromGitHub {
owner = "opentofu";
repo = "opentofu";
tag = "v${version}";
hash = "sha256-e0ZzbQdex0DD7Bj9WpcVI5roh0cMbJuNr5nsSVaOSu4=";
};
vendorHash = "sha256-fMTbLSeW+pw6GK8/JLZzG2ER90ss2g1FSDX5+f292do=";
});
}; };
pkgs = import sources.nixpkgs { pkgs = import sources.nixpkgs {
inherit system; inherit system;

27
deployment/run/tf-netbox-get-ip/tf.nix
View file

@ -1,9 +1,6 @@
# FIXME: use overlays so this gets imported just once?
{ {
pkgs, pkgs,
}: }:
# FIXME centralize overlays
# XXX using recent revision for https://github.com/NixOS/nixpkgs/pull/447849
let let
sources = import ../../../npins; sources = import ../../../npins;
mkProvider = mkProvider =
@ -12,27 +9,7 @@ let
{ mkProviderFetcher = { repo, ... }: sources.${repo}; } // args { mkProviderFetcher = { repo, ... }: sources.${repo}; } // args
); );
in in
( (pkgs.callPackage ../../tf.nix { }).withPlugins (_: [
(pkgs.callPackage "${sources.nixpkgs-unstable}/pkgs/by-name/op/opentofu/package.nix" { })
.overrideAttrs
(old: rec {
patches = (old.patches or [ ]) ++ [
# TF with back-end poses a problem for nix: initialization involves both
# mutation (nix: only inside build) and a network call (nix: not inside build)
../../check/data-model-tf/02-opentofu-sandboxed-init.patch
];
# versions > 1.9.0 need go 1.24+
version = "1.9.0";
src = pkgs.fetchFromGitHub {
owner = "opentofu";
repo = "opentofu";
tag = "v${version}";
hash = "sha256-e0ZzbQdex0DD7Bj9WpcVI5roh0cMbJuNr5nsSVaOSu4=";
};
vendorHash = "sha256-fMTbLSeW+pw6GK8/JLZzG2ER90ss2g1FSDX5+f292do=";
})
).withPlugins
(_: [
(mkProvider { (mkProvider {
owner = "e-breuninger"; owner = "e-breuninger";
repo = "terraform-provider-netbox"; repo = "terraform-provider-netbox";
@ -44,4 +21,4 @@ in
homepage = "https://registry.terraform.io/providers/e-breuninger/netbox"; homepage = "https://registry.terraform.io/providers/e-breuninger/netbox";
provider-source-address = "registry.opentofu.org/e-breuninger/netbox"; provider-source-address = "registry.opentofu.org/e-breuninger/netbox";
}) })
]) ])

27
deployment/run/tf-netbox-store-ips/tf.nix
View file

@ -1,9 +1,6 @@
# FIXME: use overlays so this gets imported just once?
{ {
pkgs, pkgs,
}: }:
# FIXME centralize overlays
# XXX using recent revision for https://github.com/NixOS/nixpkgs/pull/447849
let let
sources = import ../../../npins; sources = import ../../../npins;
mkProvider = mkProvider =
@ -12,27 +9,7 @@ let
{ mkProviderFetcher = { repo, ... }: sources.${repo}; } // args { mkProviderFetcher = { repo, ... }: sources.${repo}; } // args
); );
in in
( (pkgs.callPackage ../../tf.nix { }).withPlugins (_: [
(pkgs.callPackage "${sources.nixpkgs-unstable}/pkgs/by-name/op/opentofu/package.nix" { })
.overrideAttrs
(old: rec {
patches = (old.patches or [ ]) ++ [
# TF with back-end poses a problem for nix: initialization involves both
# mutation (nix: only inside build) and a network call (nix: not inside build)
../../check/data-model-tf/02-opentofu-sandboxed-init.patch
];
# versions > 1.9.0 need go 1.24+
version = "1.9.0";
src = pkgs.fetchFromGitHub {
owner = "opentofu";
repo = "opentofu";
tag = "v${version}";
hash = "sha256-e0ZzbQdex0DD7Bj9WpcVI5roh0cMbJuNr5nsSVaOSu4=";
};
vendorHash = "sha256-fMTbLSeW+pw6GK8/JLZzG2ER90ss2g1FSDX5+f292do=";
})
).withPlugins
(_: [
(mkProvider { (mkProvider {
owner = "e-breuninger"; owner = "e-breuninger";
repo = "terraform-provider-netbox"; repo = "terraform-provider-netbox";
@ -44,4 +21,4 @@ in
homepage = "https://registry.terraform.io/providers/e-breuninger/netbox"; homepage = "https://registry.terraform.io/providers/e-breuninger/netbox";
provider-source-address = "registry.opentofu.org/e-breuninger/netbox"; provider-source-address = "registry.opentofu.org/e-breuninger/netbox";
}) })
]) ])

27
deployment/run/tf-proxmox-template/tf.nix
View file

@ -1,9 +1,6 @@
# FIXME: use overlays so this gets imported just once?
{ {
pkgs, pkgs,
}: }:
# FIXME centralize overlays
# XXX using recent revision for https://github.com/NixOS/nixpkgs/pull/447849
let let
sources = import ../../../npins; sources = import ../../../npins;
mkProvider = mkProvider =
@ -12,27 +9,7 @@ let
{ mkProviderFetcher = { repo, ... }: sources.${repo}; } // args { mkProviderFetcher = { repo, ... }: sources.${repo}; } // args
); );
in in
( (pkgs.callPackage ../../tf.nix { }).withPlugins (p: [
(pkgs.callPackage "${sources.nixpkgs-unstable}/pkgs/by-name/op/opentofu/package.nix" { })
.overrideAttrs
(old: rec {
patches = (old.patches or [ ]) ++ [
# TF with back-end poses a problem for nix: initialization involves both
# mutation (nix: only inside build) and a network call (nix: not inside build)
../../check/data-model-tf/02-opentofu-sandboxed-init.patch
];
# versions > 1.9.0 need go 1.24+
version = "1.9.0";
src = pkgs.fetchFromGitHub {
owner = "opentofu";
repo = "opentofu";
tag = "v${version}";
hash = "sha256-e0ZzbQdex0DD7Bj9WpcVI5roh0cMbJuNr5nsSVaOSu4=";
};
vendorHash = "sha256-fMTbLSeW+pw6GK8/JLZzG2ER90ss2g1FSDX5+f292do=";
})
).withPlugins
(p: [
p.external p.external
(mkProvider { (mkProvider {
owner = "bpg"; owner = "bpg";
@ -45,4 +22,4 @@ in
homepage = "https://registry.terraform.io/providers/bpg/proxmox"; homepage = "https://registry.terraform.io/providers/bpg/proxmox";
provider-source-address = "registry.opentofu.org/bpg/proxmox"; provider-source-address = "registry.opentofu.org/bpg/proxmox";
}) })
]) ])

27
deployment/run/tf-proxmox-vm/tf.nix
View file

@ -1,9 +1,6 @@
# FIXME: use overlays so this gets imported just once?
{ {
pkgs, pkgs,
}: }:
# FIXME centralize overlays
# XXX using recent revision for https://github.com/NixOS/nixpkgs/pull/447849
let let
sources = import ../../../npins; sources = import ../../../npins;
mkProvider = mkProvider =
@ -12,27 +9,7 @@ let
{ mkProviderFetcher = { repo, ... }: sources.${repo}; } // args { mkProviderFetcher = { repo, ... }: sources.${repo}; } // args
); );
in in
( (pkgs.callPackage ../../tf.nix { }).withPlugins (p: [
(pkgs.callPackage "${sources.nixpkgs-unstable}/pkgs/by-name/op/opentofu/package.nix" { })
.overrideAttrs
(old: rec {
patches = (old.patches or [ ]) ++ [
# TF with back-end poses a problem for nix: initialization involves both
# mutation (nix: only inside build) and a network call (nix: not inside build)
../../check/data-model-tf/02-opentofu-sandboxed-init.patch
];
# versions > 1.9.0 need go 1.24+
version = "1.9.0";
src = pkgs.fetchFromGitHub {
owner = "opentofu";
repo = "opentofu";
tag = "v${version}";
hash = "sha256-e0ZzbQdex0DD7Bj9WpcVI5roh0cMbJuNr5nsSVaOSu4=";
};
vendorHash = "sha256-fMTbLSeW+pw6GK8/JLZzG2ER90ss2g1FSDX5+f292do=";
})
).withPlugins
(p: [
p.external p.external
p.null p.null
(mkProvider { (mkProvider {
@ -46,4 +23,4 @@ in
homepage = "https://registry.terraform.io/providers/bpg/proxmox"; homepage = "https://registry.terraform.io/providers/bpg/proxmox";
provider-source-address = "registry.opentofu.org/bpg/proxmox"; provider-source-address = "registry.opentofu.org/bpg/proxmox";
}) })
]) ])

26
deployment/run/tf-single-host/tf.nix
View file

@ -1,29 +1,5 @@
# FIXME: use overlays so this gets imported just once?
{ {
pkgs, pkgs,
sources ? import ../../../npins,
... ...
}: }:
# FIXME centralize overlays (pkgs.callPackage ../../tf.nix { }).withPlugins (p: [ p.external ])
# XXX using recent revision for https://github.com/NixOS/nixpkgs/pull/447849
(
(pkgs.callPackage "${sources.nixpkgs-unstable}/pkgs/by-name/op/opentofu/package.nix" { })
.overrideAttrs
(old: rec {
patches = (old.patches or [ ]) ++ [
# TF with back-end poses a problem for nix: initialization involves both
# mutation (nix: only inside build) and a network call (nix: not inside build)
../../check/data-model-tf/02-opentofu-sandboxed-init.patch
];
# versions > 1.9.0 need go 1.24+
version = "1.9.0";
src = pkgs.fetchFromGitHub {
owner = "opentofu";
repo = "opentofu";
tag = "v${version}";
hash = "sha256-e0ZzbQdex0DD7Bj9WpcVI5roh0cMbJuNr5nsSVaOSu4=";
};
vendorHash = "sha256-fMTbLSeW+pw6GK8/JLZzG2ER90ss2g1FSDX5+f292do=";
})
).withPlugins
(p: [ p.external ])

24
deployment/tf.nix Normal file
View file

@ -0,0 +1,24 @@
{
pkgs,
sources ? import ../npins,
...
}:
# XXX using recent revision for https://github.com/NixOS/nixpkgs/pull/447849
(pkgs.callPackage "${sources.nixpkgs-unstable}/pkgs/by-name/op/opentofu/package.nix" { })
.overrideAttrs
(old: rec {
patches = (old.patches or [ ]) ++ [
# TF with back-end poses a problem for nix: initialization involves both
# mutation (nix: only inside build) and a network call (nix: not inside build)
./02-opentofu-sandboxed-init.patch
];
# versions > 1.9.0 need go 1.24+
version = "1.9.0";
src = pkgs.fetchFromGitHub {
owner = "opentofu";
repo = "opentofu";
tag = "v${version}";
hash = "sha256-e0ZzbQdex0DD7Bj9WpcVI5roh0cMbJuNr5nsSVaOSu4=";
};
vendorHash = "sha256-fMTbLSeW+pw6GK8/JLZzG2ER90ss2g1FSDX5+f292do=";
})