diff --git a/.forgejo/workflows/ci.yaml b/.forgejo/workflows/ci.yaml index 26097f39..751a1127 100644 --- a/.forgejo/workflows/ci.yaml +++ b/.forgejo/workflows/ci.yaml @@ -26,3 +26,9 @@ jobs: steps: - uses: actions/checkout@v4 - run: cd panel && nix-build -A tests + + check-deployment-basic: + runs-on: native + steps: + - uses: actions/checkout@v4 + - run: nix build .#checks.x86_64-linux.deployment-basic -L diff --git a/deployment/check/basic/README.md b/deployment/check/basic/README.md new file mode 100644 index 00000000..7b17dec5 --- /dev/null +++ b/deployment/check/basic/README.md @@ -0,0 +1,9 @@ +# Basic deployment test + +Basic deployment test with one deployer machine, one target machine, and a +simple target application, namely cowsay. The goal is to check that basic +functionalities are here. + +It is heavily inspired by a similar test in nixops4-nixos: + +https://github.com/nixops4/nixops4-nixos/blob/main/test/default/nixosTest.nix diff --git a/deployment/check/basic/deployer.pub b/deployment/check/basic/deployer.pub new file mode 100644 index 00000000..6da96ddb --- /dev/null +++ b/deployment/check/basic/deployer.pub @@ -0,0 +1 @@ +## This file is just a placeholder. It is overwritten by the test. diff --git a/deployment/check/basic/deployment.nix b/deployment/check/basic/deployment.nix new file mode 100644 index 00000000..df40a765 --- /dev/null +++ b/deployment/check/basic/deployment.nix @@ -0,0 +1,32 @@ +{ + inputs, + lib, + providers, + ... +}: + +{ + providers.local = inputs.nixops4.modules.nixops4Provider.local; + + resources.target = { + type = providers.local.exec; + imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ]; + + ssh = { + host = "target"; + hostPublicKey = builtins.readFile ./target_host_key.pub; + }; + + nixpkgs = inputs.nixpkgs; + nixos.module = + { pkgs, ... }: + { + imports = [ + ./minimalTarget.nix + (lib.modules.importJSON ./target-network.json) + ]; + nixpkgs.hostPlatform = "x86_64-linux"; + environment.systemPackages = [ pkgs.cowsay ]; + }; + }; +} diff --git a/deployment/check/basic/flake-part.nix b/deployment/check/basic/flake-part.nix new file mode 100644 index 00000000..aabf4705 --- /dev/null +++ b/deployment/check/basic/flake-part.nix @@ -0,0 +1,21 @@ +{ inputs, ... }: + +{ + nixops4Deployments.check-deployment-basic = + { ... }: + { + imports = [ + ./deployment.nix + ]; + _module.args.inputs = inputs; + }; + + perSystem = + { inputs', pkgs, ... }: + { + checks.deployment-basic = pkgs.callPackage ./nixosTest.nix { + nixops4-flake-in-a-bottle = inputs'.nixops4.packages.flake-in-a-bottle; + inherit inputs; + }; + }; +} diff --git a/deployment/check/basic/minimalTarget.nix b/deployment/check/basic/minimalTarget.nix new file mode 100644 index 00000000..8cf22423 --- /dev/null +++ b/deployment/check/basic/minimalTarget.nix @@ -0,0 +1,35 @@ +{ + lib, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + (modulesPath + "/../lib/testing/nixos-test-base.nix") + ]; + + ## Test framework disables switching by default. That might be OK by itself, + ## but we also use this config for getting the dependencies in + ## `deployer.system.extraDependencies`. + system.switch.enable = true; + + nix = { + ## Not used; save a large copy operation + channel.enable = false; + registry = lib.mkForce { }; + }; + + services.openssh = { + enable = true; + settings.PermitRootLogin = "yes"; + }; + + networking.firewall.allowedTCPPorts = [ 22 ]; + + users.users.root.openssh.authorizedKeys.keyFiles = [ ./deployer.pub ]; + + ## Test VMs don't have a bootloader by default. + boot.loader.grub.enable = false; +} diff --git a/deployment/check/basic/nixosTest.nix b/deployment/check/basic/nixosTest.nix new file mode 100644 index 00000000..11e1de55 --- /dev/null +++ b/deployment/check/basic/nixosTest.nix @@ -0,0 +1,161 @@ +{ + testers, + inputs, + runCommandNoCC, + nixops4-flake-in-a-bottle, + ... +}: + +testers.runNixOSTest ( + { + lib, + config, + hostPkgs, + ... + }: + let + vmSystem = config.node.pkgs.hostPlatform.system; + + pathToRoot = ../../..; + pathFromRoot = "deployment/check/basic"; + deploymentName = "check-deployment-basic"; + + ## TODO: sanity check the existence of (pathToRoot + "/flake.nix") + ## TODO: sanity check that (pathToRoot + "/${pathFromRoot}" == ./.) + + ## The whole repository, with the flake at its root. + src = lib.fileset.toSource { + fileset = pathToRoot; + root = pathToRoot; + }; + + ## We will need to override some inputs by the empty flake, so we make one. + emptyFlake = runCommandNoCC "empty-flake" { } '' + mkdir $out + echo "{ outputs = { self }: {}; }" > $out/flake.nix + ''; + + targetNetworkJSON = hostPkgs.writeText "target-network.json" ( + builtins.toJSON config.nodes.target.system.build.networkConfig + ); + + in + { + name = "deployment-basic"; + imports = [ + inputs.nixops4-nixos.modules.nixosTest.static + ]; + + nodes = { + deployer = + { pkgs, nodes, ... }: + { + environment.systemPackages = [ + inputs.nixops4.packages.${vmSystem}.default + ]; + + virtualisation = { + ## Memory use is expected to be dominated by the NixOS evaluation, + ## which happens on the deployer. + memorySize = 4096; + diskSize = 10 * 1024; + cores = 2; + }; + + nix.settings = { + substituters = lib.mkForce [ ]; + hashed-mirrors = null; + connect-timeout = 1; + }; + + system.extraDependencies = + [ + "${inputs.flake-parts}" + "${inputs.flake-parts.inputs.nixpkgs-lib}" + "${inputs.nixops4}" + "${inputs.nixops4-nixos}" + "${inputs.nixpkgs}" + + pkgs.stdenv + pkgs.stdenvNoCC + + pkgs.cowsay + pkgs.cowsay.inputDerivation # NOTE: Crucial!!! + + ## Some derivations will be different compared to target's initial + ## state, so we'll need to be able to build something similar. + ## Generally the derivation inputs aren't that different, so we + ## use the initial state of the target as a base. + nodes.target.system.build.toplevel.inputDerivation + nodes.target.system.build.etc.inputDerivation + nodes.target.system.path.inputDerivation + nodes.target.system.build.bootStage1.inputDerivation + nodes.target.system.build.bootStage2.inputDerivation + ] + ++ lib.concatLists ( + lib.mapAttrsToList ( + _k: v: if v ? source.inputDerivation then [ v.source.inputDerivation ] else [ ] + ) nodes.target.environment.etc + ); + }; + + target.imports = [ ./minimalTarget.nix ]; + }; + + testScript = '' + start_all() + + target.wait_for_unit("multi-user.target") + deployer.wait_for_unit("multi-user.target") + + with subtest("Unpacking"): + deployer.succeed("cp -r --no-preserve=mode ${src} work") + + with subtest("Configure the network"): + deployer.copy_from_host("${targetNetworkJSON}", "/root/target-network.json") + deployer.succeed("mv /root/target-network.json work/${pathFromRoot}/target-network.json") + + with subtest("Configure the deployer key"): + deployer.succeed("""mkdir -p ~/.ssh && ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa""") + deployer_key = deployer.succeed("cat ~/.ssh/id_rsa.pub").strip() + deployer.succeed(f"echo '{deployer_key}' > work/${pathFromRoot}/deployer.pub") + target.succeed(f"mkdir -p /root/.ssh && echo '{deployer_key}' >> /root/.ssh/authorized_keys") + + with subtest("Configure the target host key"): + target_host_key = target.succeed("ssh-keyscan target | grep -v '^#' | cut -f 2- -d ' ' | head -n 1") + deployer.succeed(f"echo '{target_host_key}' > work/${pathFromRoot}/target_host_key.pub") + + ## NOTE: This is super slow. It could probably be optimised in Nix, for + ## instance by allowing to grab things directly from the host's store. + with subtest("Override the lock"): + deployer.succeed(""" + cd work + nix flake lock --extra-experimental-features 'flakes nix-command' \ + --offline -v \ + --override-input flake-parts ${inputs.flake-parts} \ + --override-input nixops4 ${nixops4-flake-in-a-bottle} \ + \ + --override-input nixops4-nixos ${inputs.nixops4-nixos} \ + --override-input nixops4-nixos/flake-parts ${inputs.nixops4-nixos.inputs.flake-parts} \ + --override-input nixops4-nixos/flake-parts/nixpkgs-lib ${inputs.nixops4-nixos.inputs.flake-parts.inputs.nixpkgs-lib} \ + --override-input nixops4-nixos/nixops4-nixos ${emptyFlake} \ + --override-input nixops4-nixos/nixpkgs ${inputs.nixops4-nixos.inputs.nixpkgs} \ + --override-input nixops4-nixos/nixops4 ${nixops4-flake-in-a-bottle} \ + --override-input nixops4-nixos/git-hooks-nix ${emptyFlake} \ + \ + --override-input nixpkgs ${inputs.nixpkgs} \ + --override-input git-hooks ${inputs.git-hooks} \ + ; + """) + + with subtest("Check the status before deployment"): + target.fail("cowsay hi 1>&2") + + with subtest("Run the deployment"): + deployer.succeed("cd work && nixops4 apply ${deploymentName} --show-trace --no-interactive") + + with subtest("Check the deployment"): + target.succeed("cowsay hi 1>&2") + ''; + } +) diff --git a/deployment/check/basic/target-network.json b/deployment/check/basic/target-network.json new file mode 100644 index 00000000..45cdf494 --- /dev/null +++ b/deployment/check/basic/target-network.json @@ -0,0 +1 @@ +{"comment": "This file is just a placeholder. It is overwritten by the test."} diff --git a/deployment/check/basic/target_host_key.pub b/deployment/check/basic/target_host_key.pub new file mode 100644 index 00000000..6da96ddb --- /dev/null +++ b/deployment/check/basic/target_host_key.pub @@ -0,0 +1 @@ +## This file is just a placeholder. It is overwritten by the test. diff --git a/deployment/flake-part.nix b/deployment/flake-part.nix new file mode 100644 index 00000000..50030505 --- /dev/null +++ b/deployment/flake-part.nix @@ -0,0 +1,3 @@ +{ + imports = [ ./check/basic/flake-part.nix ]; +} diff --git a/flake.lock b/flake.lock index ad891639..8ecb7bd0 100644 --- a/flake.lock +++ b/flake.lock @@ -38,23 +38,6 @@ "type": "github" } }, - "crane_2": { - "flake": false, - "locked": { - "lastModified": 1727316705, - "narHash": "sha256-/mumx8AQ5xFuCJqxCIOFCHTVlxHkMT21idpbgbm/TIE=", - "owner": "ipetkov", - "repo": "crane", - "rev": "5b03654ce046b5167e7b0bccbd8244cb56c16f0e", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "ref": "v0.19.0", - "repo": "crane", - "type": "github" - } - }, "darwin": { "inputs": { "nixpkgs": [ @@ -98,6 +81,7 @@ "dream2nix": { "inputs": { "nixpkgs": [ + "nixops4-nixos", "nixops4", "nix-cargo-integration", "nixpkgs" @@ -119,31 +103,6 @@ "type": "github" } }, - "dream2nix_2": { - "inputs": { - "nixpkgs": [ - "nixops4-nixos", - "nixops4", - "nix-cargo-integration", - "nixpkgs" - ], - "purescript-overlay": "purescript-overlay_2", - "pyproject-nix": "pyproject-nix_2" - }, - "locked": { - "lastModified": 1735160684, - "narHash": "sha256-n5CwhmqKxifuD4Sq4WuRP/h5LO6f23cGnSAuJemnd/4=", - "owner": "nix-community", - "repo": "dream2nix", - "rev": "8ce6284ff58208ed8961681276f82c2f8f978ef4", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "dream2nix", - "type": "github" - } - }, "flake-compat": { "flake": false, "locked": { @@ -163,11 +122,11 @@ "flake-compat_2": { "flake": false, "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "owner": "edolstra", "repo": "flake-compat", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "type": "github" }, "original": { @@ -177,38 +136,6 @@ } }, "flake-compat_3": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_4": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_5": { "flake": false, "locked": { "lastModified": 1733328505, @@ -224,7 +151,7 @@ "type": "github" } }, - "flake-compat_6": { + "flake-compat_4": { "flake": false, "locked": { "lastModified": 1696426674, @@ -277,28 +204,6 @@ } }, "flake-parts_3": { - "inputs": { - "nixpkgs-lib": [ - "nixops4", - "nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1733312601, - "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_4": { "inputs": { "nixpkgs-lib": "nixpkgs-lib_3" }, @@ -316,25 +221,7 @@ "type": "github" } }, - "flake-parts_5": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib_4" - }, - "locked": { - "lastModified": 1738453229, - "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_6": { + "flake-parts_4": { "inputs": { "nixpkgs-lib": [ "nixops4-nixos", @@ -375,24 +262,6 @@ "type": "github" } }, - "flake-utils_2": { - "inputs": { - "systems": "systems_3" - }, - "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "git-hooks": { "inputs": { "flake-compat": "flake-compat", @@ -415,44 +284,9 @@ }, "git-hooks-nix": { "inputs": { - "flake-compat": [ - "nixops4", - "nix" - ], - "gitignore": [ - "nixops4", - "nix" - ], - "nixpkgs": [ - "nixops4", - "nix", - "nixpkgs" - ], - "nixpkgs-stable": [ - "nixops4", - "nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1734279981, - "narHash": "sha256-NdaCraHPp8iYMWzdXAt5Nv6sA3MUzlCiGiR586TCwo0=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "aa9f40c906904ebd83da78e7f328cd8aeaeae785", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" - } - }, - "git-hooks-nix_2": { - "inputs": { - "flake-compat": "flake-compat_4", + "flake-compat": "flake-compat_2", "gitignore": "gitignore_2", - "nixpkgs": "nixpkgs_5" + "nixpkgs": "nixpkgs_4" }, "locked": { "lastModified": 1737465171, @@ -468,7 +302,7 @@ "type": "github" } }, - "git-hooks-nix_3": { + "git-hooks-nix_2": { "inputs": { "flake-compat": [ "nixops4-nixos", @@ -587,29 +421,14 @@ "type": "github" } }, - "mk-naked-shell_2": { - "flake": false, - "locked": { - "lastModified": 1681286841, - "narHash": "sha256-3XlJrwlR0nBiREnuogoa5i1b4+w/XPe0z8bbrJASw0g=", - "owner": "yusdacra", - "repo": "mk-naked-shell", - "rev": "7612f828dd6f22b7fb332cc69440e839d7ffe6bd", - "type": "github" - }, - "original": { - "owner": "yusdacra", - "repo": "mk-naked-shell", - "type": "github" - } - }, "nix": { "inputs": { - "flake-compat": "flake-compat_2", - "flake-parts": "flake-parts_3", - "git-hooks-nix": "git-hooks-nix", + "flake-compat": "flake-compat_3", + "flake-parts": "flake-parts_4", + "git-hooks-nix": "git-hooks-nix_2", "nixfmt": "nixfmt", "nixpkgs": [ + "nixops4-nixos", "nixops4", "nixpkgs" ], @@ -637,6 +456,7 @@ "dream2nix": "dream2nix", "mk-naked-shell": "mk-naked-shell", "nixpkgs": [ + "nixops4-nixos", "nixops4", "nixpkgs" ], @@ -658,63 +478,6 @@ "type": "github" } }, - "nix-cargo-integration_2": { - "inputs": { - "crane": "crane_2", - "dream2nix": "dream2nix_2", - "mk-naked-shell": "mk-naked-shell_2", - "nixpkgs": [ - "nixops4-nixos", - "nixops4", - "nixpkgs" - ], - "parts": "parts_2", - "rust-overlay": "rust-overlay_2", - "treefmt": "treefmt_2" - }, - "locked": { - "lastModified": 1738390452, - "narHash": "sha256-o8kg4q1V2xV9ZlszAnizXJK2c+fbhAeLbGoTUa2u1Bw=", - "owner": "yusdacra", - "repo": "nix-cargo-integration", - "rev": "718d577808e3e31f445b6564d58b755294e72f42", - "type": "github" - }, - "original": { - "owner": "yusdacra", - "repo": "nix-cargo-integration", - "type": "github" - } - }, - "nix_2": { - "inputs": { - "flake-compat": "flake-compat_5", - "flake-parts": "flake-parts_6", - "git-hooks-nix": "git-hooks-nix_3", - "nixfmt": "nixfmt_2", - "nixpkgs": [ - "nixops4-nixos", - "nixops4", - "nixpkgs" - ], - "nixpkgs-23-11": "nixpkgs-23-11_2", - "nixpkgs-regression": "nixpkgs-regression_2" - }, - "locked": { - "lastModified": 1738382221, - "narHash": "sha256-3+qJBts5RTAtjCExo6bkqrttL+skpYZzPOVEzPSwVtc=", - "owner": "NixOS", - "repo": "nix", - "rev": "d949c8de7c7e84bb7537dc772609686c37033a3b", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "master", - "repo": "nix", - "type": "github" - } - }, "nixfmt": { "inputs": { "flake-utils": "flake-utils" @@ -733,30 +496,12 @@ "type": "github" } }, - "nixfmt_2": { - "inputs": { - "flake-utils": "flake-utils_2" - }, - "locked": { - "lastModified": 1736283758, - "narHash": "sha256-hrKhUp2V2fk/dvzTTHFqvtOg000G1e+jyIam+D4XqhA=", - "owner": "NixOS", - "repo": "nixfmt", - "rev": "8d4bd690c247004d90d8554f0b746b1231fe2436", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "nixfmt", - "type": "github" - } - }, "nixops4": { "inputs": { - "flake-parts": "flake-parts_2", + "flake-parts": "flake-parts_3", "nix": "nix", "nix-cargo-integration": "nix-cargo-integration", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "nixpkgs-old": "nixpkgs-old" }, "locked": { @@ -775,9 +520,9 @@ }, "nixops4-nixos": { "inputs": { - "flake-parts": "flake-parts_4", - "git-hooks-nix": "git-hooks-nix_2", - "nixops4": "nixops4_2", + "flake-parts": "flake-parts_2", + "git-hooks-nix": "git-hooks-nix", + "nixops4": "nixops4", "nixops4-nixos": [ "nixops4-nixos" ], @@ -801,28 +546,6 @@ "type": "github" } }, - "nixops4_2": { - "inputs": { - "flake-parts": "flake-parts_5", - "nix": "nix_2", - "nix-cargo-integration": "nix-cargo-integration_2", - "nixpkgs": "nixpkgs_6", - "nixpkgs-old": "nixpkgs-old_2" - }, - "locked": { - "lastModified": 1739444468, - "narHash": "sha256-brg21neEI7pUnSRksOx9IE8/Kcr8OmEg4NIxL0sSy+U=", - "owner": "nixops4", - "repo": "nixops4", - "rev": "fb601ee79d8c9e3e7aca98dd2334ea91da3ea7e0", - "type": "github" - }, - "original": { - "owner": "nixops4", - "repo": "nixops4", - "type": "github" - } - }, "nixpkgs": { "locked": { "lastModified": 1703013332, @@ -855,22 +578,6 @@ "type": "github" } }, - "nixpkgs-23-11_2": { - "locked": { - "lastModified": 1717159533, - "narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446", - "type": "github" - } - }, "nixpkgs-lib": { "locked": { "lastModified": 1738452942, @@ -907,18 +614,6 @@ "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" } }, - "nixpkgs-lib_4": { - "locked": { - "lastModified": 1738452942, - "narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" - } - }, "nixpkgs-old": { "locked": { "lastModified": 1735563628, @@ -935,22 +630,6 @@ "type": "github" } }, - "nixpkgs-old_2": { - "locked": { - "lastModified": 1735563628, - "narHash": "sha256-OnSAY7XDSx7CtDoqNh8jwVwh4xNL/2HaJxGjryLWzX8=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "b134951a4c9f3c995fd7be05f3243f8ecd65d798", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs-regression": { "locked": { "lastModified": 1643052045, @@ -967,22 +646,6 @@ "type": "github" } }, - "nixpkgs-regression_2": { - "locked": { - "lastModified": 1643052045, - "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", - "type": "github" - } - }, "nixpkgs_2": { "locked": { "lastModified": 1738136902, @@ -1016,22 +679,6 @@ } }, "nixpkgs_4": { - "locked": { - "lastModified": 1738410390, - "narHash": "sha256-xvTo0Aw0+veek7hvEVLzErmJyQkEcRk6PSR4zsRQFEc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "3a228057f5b619feb3186e986dbe76278d707b6e", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_5": { "locked": { "lastModified": 1730768919, "narHash": "sha256-8AKquNnnSaJRXZxc5YmF/WfmxiHX6MMZZasRP6RRQkE=", @@ -1047,7 +694,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_5": { "locked": { "lastModified": 1738410390, "narHash": "sha256-xvTo0Aw0+veek7hvEVLzErmJyQkEcRk6PSR4zsRQFEc=", @@ -1063,7 +710,7 @@ "type": "github" } }, - "nixpkgs_7": { + "nixpkgs_6": { "locked": { "lastModified": 1740463929, "narHash": "sha256-4Xhu/3aUdCKeLfdteEHMegx5ooKQvwPHNkOgNCXQrvc=", @@ -1080,28 +727,6 @@ } }, "parts": { - "inputs": { - "nixpkgs-lib": [ - "nixops4", - "nix-cargo-integration", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1736143030, - "narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "parts_2": { "inputs": { "nixpkgs-lib": [ "nixops4-nixos", @@ -1126,32 +751,7 @@ }, "purescript-overlay": { "inputs": { - "flake-compat": "flake-compat_3", - "nixpkgs": [ - "nixops4", - "nix-cargo-integration", - "dream2nix", - "nixpkgs" - ], - "slimlock": "slimlock" - }, - "locked": { - "lastModified": 1728546539, - "narHash": "sha256-Sws7w0tlnjD+Bjck1nv29NjC5DbL6nH5auL9Ex9Iz2A=", - "owner": "thomashoneyman", - "repo": "purescript-overlay", - "rev": "4ad4c15d07bd899d7346b331f377606631eb0ee4", - "type": "github" - }, - "original": { - "owner": "thomashoneyman", - "repo": "purescript-overlay", - "type": "github" - } - }, - "purescript-overlay_2": { - "inputs": { - "flake-compat": "flake-compat_6", + "flake-compat": "flake-compat_4", "nixpkgs": [ "nixops4-nixos", "nixops4", @@ -1159,7 +759,7 @@ "dream2nix", "nixpkgs" ], - "slimlock": "slimlock_2" + "slimlock": "slimlock" }, "locked": { "lastModified": 1728546539, @@ -1192,57 +792,21 @@ "type": "github" } }, - "pyproject-nix_2": { - "flake": false, - "locked": { - "lastModified": 1702448246, - "narHash": "sha256-hFg5s/hoJFv7tDpiGvEvXP0UfFvFEDgTdyHIjDVHu1I=", - "owner": "davhau", - "repo": "pyproject.nix", - "rev": "5a06a2697b228c04dd2f35659b4b659ca74f7aeb", - "type": "github" - }, - "original": { - "owner": "davhau", - "ref": "dream2nix", - "repo": "pyproject.nix", - "type": "github" - } - }, "root": { "inputs": { "agenix": "agenix", "disko": "disko", "flake-parts": "flake-parts", "git-hooks": "git-hooks", - "nixops4": "nixops4", + "nixops4": [ + "nixops4-nixos", + "nixops4" + ], "nixops4-nixos": "nixops4-nixos", - "nixpkgs": "nixpkgs_7" + "nixpkgs": "nixpkgs_6" } }, "rust-overlay": { - "inputs": { - "nixpkgs": [ - "nixops4", - "nix-cargo-integration", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1738376888, - "narHash": "sha256-S6ErHxkSm0iA7ZMsjjDaASWxbELYcdfv8BhOkkj1rHw=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "83284068670d5ae4a43641c4afb150f3446be70d", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, - "rust-overlay_2": { "inputs": { "nixpkgs": [ "nixops4-nixos", @@ -1266,30 +830,6 @@ } }, "slimlock": { - "inputs": { - "nixpkgs": [ - "nixops4", - "nix-cargo-integration", - "dream2nix", - "purescript-overlay", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1688756706, - "narHash": "sha256-xzkkMv3neJJJ89zo3o2ojp7nFeaZc2G0fYwNXNJRFlo=", - "owner": "thomashoneyman", - "repo": "slimlock", - "rev": "cf72723f59e2340d24881fd7bf61cb113b4c407c", - "type": "github" - }, - "original": { - "owner": "thomashoneyman", - "repo": "slimlock", - "type": "github" - } - }, - "slimlock_2": { "inputs": { "nixpkgs": [ "nixops4-nixos", @@ -1344,44 +884,7 @@ "type": "github" } }, - "systems_3": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "treefmt": { - "inputs": { - "nixpkgs": [ - "nixops4", - "nix-cargo-integration", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1738070913, - "narHash": "sha256-j6jC12vCFsTGDmY2u1H12lMr62fnclNjuCtAdF1a4Nk=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "bebf27d00f7d10ba75332a0541ac43676985dea3", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } - }, - "treefmt_2": { "inputs": { "nixpkgs": [ "nixops4-nixos", diff --git a/flake.nix b/flake.nix index 9e0a719b..217b6108 100644 --- a/flake.nix +++ b/flake.nix @@ -7,7 +7,7 @@ disko.url = "github:nix-community/disko"; - nixops4.url = "github:nixops4/nixops4"; + nixops4.follows = "nixops4-nixos/nixops4"; nixops4-nixos.url = "github:nixops4/nixops4-nixos"; }; @@ -25,6 +25,7 @@ inputs.git-hooks.flakeModule inputs.nixops4.modules.flake.default + ./deployment/flake-part.nix ./infra/flake-part.nix ./services/flake-part.nix ];