closes#93.
note that this includes classes:
- `nixos`
- `nixosTest`
- `nixops4Resource`
- `nixops4Deployment`
.. and my (made-up, as per the [docs](https://ryantm.github.io/nixpkgs/module-system/module-system/#module-system-lib-evalModules-param-class)):
- `nix-unit`
- `package`
.. while i did not manage to cover:
- service tests, given `pkgs.nixosTest` seemed to not actually like `_class = "nixosTest"` (?!)
... nor #93's mentioned destructured arguments for that matter, as per Fediversity/Fediversity#93 (comment) - let me know if that is still desired as well.
Reviewed-on: Fediversity/Fediversity#398
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
Closes#277
Same as #329 but where we run the FediPanel and interact with it via a browser
instead of running NixOps4 directly.
Reviewed-on: Fediversity/Fediversity#361
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Last part of #361.
Builds on top of #375.
Reviewed-on: Fediversity/Fediversity#376
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
- simplify the configuration module
the `package` attribute makes little sense to be user-configurable,
since it will always need to be the derivation defined in this very
repository. for debugging one may as well change the original code itself.
- unbreak deployment
setting `CREDENTIALS_DIRECTORY` disabled the systemd mechanism set up
in the configuration module.
- remove unneeded configuration for deployment
- unbreak integration tests
before that missed waiting for the service to create some
state before running the application-level tests.
This setup is greatly inspired by the one used for [0], although with
notable modifications, such as:
- a SASS preprocessor and CSS compressor
- more streamlined NixOS integration tests
- cleaned up service configuration
- a few notes on how to do things better in the future
[0]: https://github.com/Nix-Security-WG/nix-security-tracker/
Apart from cloning the Nix setup, there were additional steps:
- Create an empty `src` directory, since the package requires it
- In the development shell, run `django-admin startproject panel src`
Note that while you can already do
```bash
manage migrate
manage runserver
```
the NixOS integration tests will fail, since `settings.py` needs
careful massaging to expose knobs that can be turned from our systemd
wrapper. The required changes are introduced in the next commit to make
them observable.
Noteworthy related work:
- https://github.com/sephii/django.nix
Rather mature setup with a clean interface, uses Caddy as reverse proxy.
- https://git.dgnum.eu/mdebray/djangonix
A work-in-progress attempt to capture more moving parts through the
module system, in particular secrets.
- https://github.com/DavHau/django-nixos
Out of date and somewhat simplistic, but serves as a reasonable
example for what can be done
I chose the variant I'm intimately familiar with in order to be able to
pass on knowledge or help with maintenance. But for the future
I strongly recommend picking the good bits from the other
implementations that control complexity in static configuration parts
through Nix expressions.
