kiara/Fediversity
1
0
Fork 0
forked from Fediversity/Fediversity
Code Pull requests Activity

in TF distinguish base from regular config

Browse source
This commit is contained in:
Kiara Grouwstra 2025-05-11 13:54:57 +02:00
parent 1cb5296ecb
commit eeb3970fda
Signed by: kiara
SSH key fingerprint: SHA256:COspvLoLJ5WC5rFb9ZDe5urVCkK4LJZOsjfF4duRJFU
3 changed files with 20 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
infra/operator/main.tf
View file

@ -77,6 +77,10 @@ module "nixos" {
${path.root}/../../machines/operator/${inst.hostname} ${path.root}/../../machines/operator/${inst.hostname}
${path.module}/${name}.nix ${path.module}/${name}.nix
]; ];
}
EOF
config_nix_base = <<-EOF
{
## FIXME: switch root authentication to users with password-less sudo, see #24 ## FIXME: switch root authentication to users with password-less sudo, see #24
users.users.root.openssh.authorizedKeys.keys = let users.users.root.openssh.authorizedKeys.keys = let
keys = import ../../keys; keys = import ../../keys;

17
infra/sync-nix/main.tf
View file

@ -153,6 +153,7 @@ resource "terraform_data" "nixos" {
# - `data` always runs, which is slow for deploy and especially build. # - `data` always runs, which is slow for deploy and especially build.
triggers_replace = [ triggers_replace = [
data.external.hash.result, data.external.hash.result,
var.config_nix_base,
var.config_nix, var.config_nix,
var.config_tf, var.config_tf,
] ]
@ -180,14 +181,14 @@ resource "terraform_data" "nixos" {
'let 'let
os = import <nixpkgs/nixos> { os = import <nixpkgs/nixos> {
system = "${local.system}"; system = "${local.system}";
configuration = configuration = {
${var.config_nix} // # nix path for debugging
# template parameters passed in from TF thru json nix.nixPath = [ "${local.nix_path}" ];
builtins.fromJSON "${replace(jsonencode(var.config_tf), "\"", "\\\"")}" // }
{ // ${var.config_nix_base}
# nix path for debugging // ${var.config_nix}
nix.nixPath = [ "${local.nix_path}" ]; # template parameters passed in from TF thru json
}; // builtins.fromJSON "${replace(jsonencode(local.config_tf), "\"", "\\\"")}";
}; };
in in
# info we want to get back out # info we want to get back out

7
infra/sync-nix/variables.tf
View file

@ -32,8 +32,15 @@ variable "disk_size" {
default = 32 default = 32
} }
variable "config_nix_base" {
type = string
description = "Nix configuration to be used in the deployed VM as well as the base install."
default = "{}"
}
variable "config_nix" { variable "config_nix" {
type = string type = string
description = "Nix configuration to be used in the deployed VM."
default = "{}" default = "{}"
} }