kiara/Fediversity
1
0
Fork 0
forked from Fediversity/Fediversity
Code Pull requests Activity
857 commits 107 branches 0 tags 49 MiB
Commit graph

36 commits

Author SHA1 Message Date
Valentin Gagarin
e62f14d9be expose panel tests in flake 2025-07-15 08:54:48 +02:00
Kiara Grouwstra
82f83eea0d fix mastodon test (#457) 
closes #34.

Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Reviewed-on: Fediversity/Fediversity#457
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
 2025-07-15 08:54:20 +02:00
Nicolas “Niols” Jeannerod
1d40dcfc0e Grab git-hooks from npins (#448) 
This PR builds on top of #447 and will be subject to the same discussion. Let's discuss there whether it makes sense to get rid of the `flake-parts` and `git-hooks` flake inputs.

Reviewed-on: Fediversity/Fediversity#448
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
 2025-07-09 13:21:48 +02:00
Nicolas “Niols” Jeannerod
48c6a1f22b Extract mkFlake to own file - get flake-parts from npins (#447) 
The goal is to contain the “`mkFlake` hack” to a file that we can heavily document but otherwise ignore. This also will allow me to reuse it in the “flake under test” of the deployment tests.

Reviewed-on: Fediversity/Fediversity#447
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
 2025-07-09 10:12:47 +02:00
Kiara Grouwstra
a791ad41ec Inject sources, secrets and keys via module system - avoid import ../ (#421) 
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Reviewed-on: Fediversity/Fediversity#421
Reviewed-by: Nicolas Jeannerod <nicolas.jeannerod@moduscreate.com>
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
 2025-07-01 21:08:15 +02:00
Kiara Grouwstra
fd1d55df5f
move shell from flake 2025-07-01 10:22:58 +02:00
Kiara Grouwstra
ae444d5352 simplify imports (#415) 
Reviewed-on: Fediversity/Fediversity#415
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
 2025-06-27 14:01:41 +02:00
Valentin Gagarin
1b832c1f5b bypass native flake input for Nixpkgs (#374) 
@Niols the sheer amount of hassle and noise indicates that it may be better to first split out a `flake.nix` just for the tests. And all this clutter doesn't even explain yet *why* we thought it needs to be there.

closes #279.

Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Reviewed-on: Fediversity/Fediversity#374
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-committed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
 2025-06-12 13:05:11 +02:00
Kiara Grouwstra
f4ebf55a15
unify versioning (minus around nixops, for now) 2025-05-01 13:24:45 +02:00
Nicolas “Niols” Jeannerod
f5db62e053 Add a basic integration test (#323) 
This PR adds a basic deployment test to the repository. This test will, in a NixOS test, run a deployer VM and a target VM, and check that we manage to run `nixops4 apply` on the deployer VM to change things on the target VM. The ideas are all @roberth's and this test has been extremely heavily inspired by https://github.com/nixops4/nixops4-nixos/blob/main/test/default/nixosTest.nix.

Reviewed-on: Fediversity/Fediversity#323
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
 2025-04-30 15:03:36 +02:00
Kiara Grouwstra
53658e9880
trigger nixops from panel 
adds a deploy button to the panel form - covers the local part of #76.

As a workaround to pass info (from our user form) into nixops4 uses
environment variable `DEPLOYMENT` thru nix's
`--extra-experimental-features configurable-impure-env`.
 2025-03-19 09:51:23 +01:00
Nicolas “Niols” Jeannerod
34476bf93b
Add jq to the environment 2025-02-27 16:45:11 +01:00
Nicolas “Niols” Jeannerod
ed98d21513
Add ShellCheck to pre-commits (and therefore CI) 2025-02-25 17:10:25 +01:00
Nicolas “Niols” Jeannerod
44a69fb376
Clean up pre-commit opt-out mechanism 2025-02-25 17:10:25 +01:00
Nicolas “Niols” Jeannerod
3f9c174d97
Get rid of the deployment/ directory 2025-02-25 11:57:20 +01:00
Kiara Grouwstra
e166d9b522 dev shell: add deployment dependency httpie (#164) 
Reviewed-on: Fediversity/Fediversity#164
Reviewed-by: Nicolas Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
 2025-02-20 12:45:00 +01:00
Nicolas “Niols” Jeannerod
57d53a1d22 Make trim-trailing-whitespace hook apply everywhere 2025-02-19 23:08:19 +01:00
Nicolas “Niols” Jeannerod
142af8d0ee Make pre-commits opt-out instead of opt-in 2025-02-19 23:08:19 +01:00
Nicolas “Niols” Jeannerod
3ec09b491d matrix: opt-in to pre-commits 2025-02-19 23:08:19 +01:00
Nicolas “Niols” Jeannerod
01de49d096 website: opt-in to pre-commits 2025-02-19 23:08:19 +01:00
Valentin Gagarin
7c33e8aaf3 scaffold Django web service 
This setup is greatly inspired by the one used for [0], although with
notable modifications, such as:
- a SASS preprocessor and CSS compressor
- more streamlined NixOS integration tests
- cleaned up service configuration
- a few notes on how to do things better in the future

[0]: https://github.com/Nix-Security-WG/nix-security-tracker/

Apart from cloning the Nix setup, there were additional steps:
- Create an empty `src` directory, since the package requires it
- In the development shell, run `django-admin startproject panel src`

Note that while you can already do

```bash
manage migrate
manage runserver
```

the NixOS integration tests will fail, since `settings.py` needs
careful massaging to expose knobs that can be turned from our systemd
wrapper. The required changes are introduced in the next commit to make
them observable.

Noteworthy related work:

- https://github.com/sephii/django.nix

  Rather mature setup with a clean interface, uses Caddy as reverse proxy.

- https://git.dgnum.eu/mdebray/djangonix

  A work-in-progress attempt to capture more moving parts through the
  module system, in particular secrets.

- https://github.com/DavHau/django-nixos

  Out of date and somewhat simplistic, but serves as a reasonable
  example for what can be done

I chose the variant I'm intimately familiar with in order to be able to
pass on knowledge or help with maintenance. But for the future
I strongly recommend picking the good bits from the other
implementations that control complexity in static configuration parts
through Nix expressions.
 2025-02-13 00:26:28 +01:00
Nicolas “Niols” Jeannerod
ba97ed26d0
Get rid of useless self and providers arguments 2025-01-31 16:34:21 +01:00
Nicolas “Niols” Jeannerod
564938e52d
Clean up handling of secrets in infra 2025-01-31 16:29:31 +01:00
Nicolas “Niols” Jeannerod
1d05993127
Bump NixOps4 
in particular, follow the split of `nixops4-nixos` to its own
repository.
 2025-01-31 14:11:46 +01:00
Nicolas “Niols” Jeannerod
109284b98b
Expose keys and secrets in the global flake 2024-12-13 00:26:43 +01:00
Nicolas “Niols” Jeannerod
7908affaab
Keys in separate files in own directory 2024-12-13 00:26:43 +01:00
Nicolas “Niols” Jeannerod
5771c14249
Set up a first secret 2024-12-12 12:38:20 +01:00
Nicolas “Niols” Jeannerod
ed26839078
Add Agenix to the environment 2024-12-12 12:38:19 +01:00
Nicolas “Niols” Jeannerod
243ff8f070
Bump nixpkgs to 24.11 2024-11-26 13:00:00 +01:00
Nicolas “Niols” Jeannerod
8ad1457763
Enable trimming of trailing whitespace as a pre-commit hook 2024-11-20 13:07:03 +01:00
Nicolas “Niols” Jeannerod
18b03924ad Format and clean dead code in infra/ (#12) 
Reviewed-on: Fediversity/Fediversity#12
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
 2024-11-18 12:09:30 +01:00
Nicolas “Niols” Jeannerod
40ec7e9c8c
Make a NixOps4 deployment for action runners 2024-11-18 10:56:38 +01:00
Nicolas “Niols” Jeannerod
435d9c861a
Integrate deployment as a flake part 2024-11-14 18:07:12 +01:00
Nicolas “Niols” Jeannerod
fc2acc13d8
Integrate services as a flake part 2024-11-14 18:07:11 +01:00
Nicolas “Niols” Jeannerod
a888540580
Opt-in to formatting for the services/ subdirectory 2024-11-14 17:50:17 +01:00
Nicolas “Niols” Jeannerod
e51fca5f0e
Basic flake with pre-commit hooks 2024-11-14 17:50:17 +01:00