Commit graph

816 commits

Author SHA1 Message Date
8cf73404fb
add classes
note: resource policy has remained as to use `deferredModuleWith`
(rather than `submoduleWith`) to ensure evaluation will go thru.
2025-07-31 16:50:36 +02:00
0599a33916 fix deployment evaluation 2025-07-28 17:19:34 +02:00
312ca7a48b fix resource mapping for the shell application 2025-07-28 13:36:08 +02:00
8c571c2dbe WIP: get past dumb type error 2025-07-25 12:03:58 +02:00
a102ad93b7 test that login-shell resource is mapped by hello application 2025-07-25 11:53:24 +02:00
89b22df3a4 WIP(broken, infinite recursion): apply application config 2025-07-24 20:08:29 +02:00
b49e426ed4 test application config 2025-07-24 19:26:05 +02:00
421d7b6f93 generalize function type to take types 2025-07-24 18:59:19 +02:00
bf488f89e1 readability 2025-07-22 12:43:32 +02:00
7066b2cb69 use mapAttrs right, again 2025-07-22 12:42:08 +02:00
243ef4425b WIP: more type-safe policy application 2025-07-22 12:38:50 +02:00
0f7da57392 use submodule to turn module into type for functionTo 2025-07-22 10:57:32 +02:00
bb93d2d0de use mapAttrs right
`mapAttrs'` takes two args rather than a set, whereas if only the val
changes `mapAttrs (_: v: ...)` should do
2025-07-22 10:54:43 +02:00
b25ddac298 fix typos, lint, format 2025-07-22 10:54:27 +02:00
ba047997f2 WIP: illustrate an entire NixOS configuration as a resource 2025-07-03 13:08:14 +02:00
0c592d81f3 WIP: (broken) implement test 2025-07-02 03:39:36 +02:00
f8d1be9f6e WIP: implement mappings 2025-07-02 01:20:35 +02:00
7a667c7517 WIP: start writing an evaluation test
turns out we also need a collection of configurations, obviously
next: figure out where to wire everything up to obtain a deployment
2025-07-01 23:59:16 +02:00
5c97e35970 WIP: add missing types 2025-07-01 22:07:42 +02:00
3ec853a32a WIP: implement data model as in diagram
this doesn't update the tests yet because we don't have all the data
types in place anyway yet, and I still need to come up with testable examples.
2025-07-01 17:55:46 +02:00
c764c0f7b6
better reflect naming from diagram configuration data flow 2025-06-30 14:20:21 +02:00
34529a7de4
data model: migration 2025-06-23 19:22:47 +02:00
6c2022d064
data model: deployment 2025-06-23 16:35:11 +02:00
f51462afc9
data model: runtime environment
allows declaring options so instantiations may configure required
settings
2025-06-23 16:35:04 +02:00
fefcd93bc1
grant run-time environments their own modules with their own description 2025-06-23 11:25:18 +02:00
c1f3aa6aed
have run-time environments use their corresponding run-time configurations 2025-06-23 09:34:59 +02:00
8b2ee21dbe
data model: add run-time configuration 2025-06-23 09:06:52 +02:00
486b316885 run updater natively (#394)
see Fediversity/Fediversity#65 (comment).

closes #65.

Reviewed-on: Fediversity/Fediversity#394
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
2025-06-20 09:41:38 +02:00
611c961dcf separate test declarations from invocations (#396)
see Fediversity/Fediversity#395 (comment)

Reviewed-on: Fediversity/Fediversity#396
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
2025-06-19 18:11:08 +02:00
d67f533948 fix running nixops4 apply test (#391)
Closes #390

Reviewed-on: Fediversity/Fediversity#391
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-committed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2025-06-19 08:26:20 +02:00
bd1cfd7a7c Introduce test for deploying all services via FediPanel (#361)
Closes #277

Same as #329 but where we run the FediPanel and interact with it via a browser
instead of running NixOps4 directly.

Reviewed-on: Fediversity/Fediversity#361
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
2025-06-18 12:37:47 +02:00
939f9d961d add data model entity: application (#387)
part of #103.

Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Reviewed-on: Fediversity/Fediversity#387
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
2025-06-17 17:11:52 +02:00
4801433ae0 Get rid of the need for deployer.pub (#385)
The tests still work because we manually write the deployer's public key in `/root/.ssh/authorized_keys` on the target machines. In itself, however, the configuration that we push does not allow the deployer to push anything on the target machines.

Context: Fediversity/Fediversity#361 (comment)
Reviewed-on: Fediversity/Fediversity#385
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
2025-06-17 16:34:29 +02:00
3a3a083793 FediPanel: allow configuring flake and deployment (#376)
Last part of #361.

Builds on top of #375.

Reviewed-on: Fediversity/Fediversity#376
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
2025-06-15 16:55:19 +02:00
ace56e754e FediPanel: do not call nix develop (#375)
Yet another piece of #361.

Reviewed-on: Fediversity/Fediversity#375
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
2025-06-15 15:06:23 +02:00
dbb4ce67fc move machines to reflect a semantic structure (#367)
later we may want to distinguish dev vs host as well, tho eventually we expect not to have hard-coded machines anyway.

split off from #319.

Reviewed-on: Fediversity/Fediversity#367
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
2025-06-15 15:01:56 +02:00
5a514b96e9 use deployed environment for launching nixops4 from the panel 2025-06-13 16:39:34 +02:00
1b832c1f5b bypass native flake input for Nixpkgs (#374)
@Niols the sheer amount of hassle and noise indicates that it may be better to first split out a `flake.nix` just for the tests. And all this clutter doesn't even explain yet *why* we thought it needs to be there.

closes #279.

Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Reviewed-on: Fediversity/Fediversity#374
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-committed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2025-06-12 13:05:11 +02:00
69b2e535fe Document nullable fields sanitation (#365)
Reviewed-on: Fediversity/Fediversity#365
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
2025-06-10 11:57:01 +02:00
09119803e8 Deployment: handle nullable config fields
This is quite frustrating. In the meantime, it does get the deployment
working again.
2025-06-06 11:50:48 +02:00
4dd1491e71 FediPanel: fix deployment status
also remove unused `dummy_user`
2025-06-06 11:02:40 +02:00
2f55e1512a FediPanel: bump nginx timeout to an hour 2025-06-06 10:57:19 +02:00
b59f8a4183 simplify login tests (#352)
don't go through template generation but use underlying the tag
implementation directly

Co-authored-by: Nicolas Jeannerod <nicolas.jeannerod@moduscreate.com>
Reviewed-on: Fediversity/Fediversity#352
2025-06-06 10:56:34 +02:00
56b953526b Deployment tests: Check status of services before deploying 2025-06-06 10:54:06 +02:00
1f8677e83d FediPanel: better logging of NixOps4 2025-06-06 10:53:22 +02:00
2fae356d0a Deployment tests: also make acmeNodeIP available in NixOS test 2025-06-06 10:52:49 +02:00
046f7c5998 Deployment tests: comment on Pebble's certificate 2025-06-06 10:52:18 +02:00
69579fea1c expose JSON schema for inspection (#351)
intending to document more about how our schemas work, i found our code currently buries this somewhere in `/nix/store`.
this change exposes that generated file in the project structure as well, facilitating inspection of our data schema in this more generic format.

Reviewed-on: Fediversity/Fediversity#351
Reviewed-by: Nicolas Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
2025-06-04 19:15:26 +02:00
afc7ad2b88 add to the glossary as per ZHF session (#340)
points of attention (compared to ZHF pad):

- nouns vs verbs (feel free to improve!)
- some phrasing differences
  - changed services to applications
  - unified host to runtime environment as per diagram
- distinguish actors using rounded corners

Reviewed-on: Fediversity/Fediversity#340
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2025-06-02 11:43:31 +02:00
ac66b9d3c6 automate dependency updates using update-npins (#343)
use [update-npins](https://github.com/getchoo/update-npins) to automate dependency updates.

alternative renovatebot seemed to mostly support flakes so far, while it mostly seemed better at showing what packages got updated to which version. i figured that seemed not worth fixing for now, so settled for update-npins.

not sure how to test before merge, but i added the deploy token (with write rights) and exposed it as the referenced secret.

closes #65.

Reviewed-on: Fediversity/Fediversity#343
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
2025-06-01 16:00:10 +02:00