forked from fediversity/fediversity
Compare commits
12 commits
cc85ec2fc5
...
5adaeb1420
| Author | SHA1 | Date | |
|---|---|---|---|
5adaeb1420
|
|||
|
f88a2af47b
|
|||
|
91149a080f
|
|||
|
623783588d
|
|||
| 5520fa721b | |||
| eabfc228c5 | |||
| 3f923532a2 | |||
| 37d4fc5a42 | |||
| c7b05bb473 | |||
| 5345860006 | |||
| fbb0806072 | |||
| b0848727fd |
6 changed files with 162 additions and 60 deletions
|
|
@ -15,8 +15,9 @@ jobs:
|
||||||
- name: Update pins
|
- name: Update pins
|
||||||
run: nix-shell --run "npins update"
|
run: nix-shell --run "npins update"
|
||||||
- name: Create PR
|
- name: Create PR
|
||||||
uses: peter-evans/create-pull-request@v7
|
uses: https://github.com/KiaraGrouwstra/gitea-create-pull-request@f9f80aa5134bc5c03c38f5aaa95053492885b397
|
||||||
with:
|
with:
|
||||||
|
remote-instance-api-version: v1
|
||||||
token: "${{ secrets.DEPLOY_KEY }}"
|
token: "${{ secrets.DEPLOY_KEY }}"
|
||||||
branch: npins-update
|
branch: npins-update
|
||||||
commit-message: "npins: update sources"
|
commit-message: "npins: update sources"
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,13 @@
|
||||||
let
|
let
|
||||||
inherit (import ../default.nix { }) pkgs;
|
inherit (import ../default.nix { }) pkgs inputs;
|
||||||
inherit (pkgs) lib;
|
inherit (pkgs) lib;
|
||||||
|
inherit (lib) mkOption;
|
||||||
eval =
|
eval =
|
||||||
module:
|
module:
|
||||||
(lib.evalModules {
|
(lib.evalModules {
|
||||||
|
specialArgs = {
|
||||||
|
inherit inputs;
|
||||||
|
};
|
||||||
modules = [
|
modules = [
|
||||||
module
|
module
|
||||||
./data-model.nix
|
./data-model.nix
|
||||||
|
|
@ -16,32 +20,51 @@ in
|
||||||
test-eval = {
|
test-eval = {
|
||||||
expr =
|
expr =
|
||||||
let
|
let
|
||||||
example = eval {
|
fediversity = eval (
|
||||||
runtime-environments.bar.nixos = {
|
{ config, ... }:
|
||||||
module =
|
{
|
||||||
{ ... }:
|
config = {
|
||||||
{
|
applications.hello =
|
||||||
system.stateVersion = "25.05";
|
{ ... }:
|
||||||
|
{
|
||||||
|
description = ''Command-line tool that will print "Hello, world!" on the terminal'';
|
||||||
|
module =
|
||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
enable = lib.mkEnableOption "Hello in the shell";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
implementation =
|
||||||
|
cfg:
|
||||||
|
lib.optionalAttrs cfg.enable {
|
||||||
|
dummy.login-shell.packages.hello = pkgs.hello;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
options = {
|
||||||
|
example-configuration = mkOption {
|
||||||
|
type = config.configuration;
|
||||||
|
readOnly = true;
|
||||||
|
default = {
|
||||||
|
enable = true;
|
||||||
|
applications.hello.enable = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
applications.foo = {
|
}
|
||||||
module =
|
);
|
||||||
{ pkgs, ... }:
|
|
||||||
{
|
|
||||||
environment.systemPackages = [
|
|
||||||
pkgs.hello
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
has-runtime = lib.isAttrs example.runtime-environments.bar.nixos.module;
|
inherit (fediversity)
|
||||||
has-application = lib.isAttrs example.applications.foo.module;
|
example-configuration
|
||||||
|
;
|
||||||
};
|
};
|
||||||
expected = {
|
expected = {
|
||||||
has-runtime = true;
|
example-configuration = {
|
||||||
has-application = true;
|
enable = true;
|
||||||
|
applications.hello.enable = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,45 +1,89 @@
|
||||||
{
|
{
|
||||||
lib,
|
lib,
|
||||||
|
config,
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
let
|
let
|
||||||
inherit (lib) types mkOption;
|
inherit (lib) mkOption types;
|
||||||
|
inherit (lib.types)
|
||||||
|
attrsOf
|
||||||
|
attrTag
|
||||||
|
deferredModuleWith
|
||||||
|
submodule
|
||||||
|
optionType
|
||||||
|
functionTo
|
||||||
|
;
|
||||||
|
|
||||||
|
functionType = import ./function.nix;
|
||||||
|
application-resources = {
|
||||||
|
options.resources = mkOption {
|
||||||
|
# TODO: maybe transpose, and group the resources by type instead
|
||||||
|
type = attrsOf (
|
||||||
|
attrTag (lib.mapAttrs (_name: resource: mkOption { type = resource.request; }) config.resources)
|
||||||
|
);
|
||||||
|
};
|
||||||
|
};
|
||||||
in
|
in
|
||||||
with types;
|
|
||||||
{
|
{
|
||||||
_class = "nixops4Deployment";
|
_class = "nixops4Deployment";
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
runtime-environments = mkOption {
|
applications = mkOption {
|
||||||
description = "Collection of runtime environments into which applications can be deployed";
|
description = "Collection of Fediversity applications";
|
||||||
type = attrsOf (attrTag {
|
type = attrsOf (
|
||||||
nixos = mkOption {
|
submodule (application: {
|
||||||
description = "A single NixOS machine";
|
_class = "fediversity-application";
|
||||||
type = submodule {
|
options = {
|
||||||
options = {
|
description = mkOption {
|
||||||
module = mkOption {
|
description = "Description to be shown in the application overview";
|
||||||
description = "The NixOS module describing the base configuration for that machine";
|
type = types.str;
|
||||||
type = deferredModule;
|
};
|
||||||
|
module = mkOption {
|
||||||
|
description = "Operator-facing configuration options for the application";
|
||||||
|
type = deferredModuleWith { staticModules = [ { _class = "fediversity-application-config"; } ]; };
|
||||||
|
};
|
||||||
|
implementation = mkOption {
|
||||||
|
description = "Mapping of application configuration to deployment resources, a description of what an application needs to run";
|
||||||
|
type = application.config.config-mapping.function-type;
|
||||||
|
};
|
||||||
|
resources = mkOption {
|
||||||
|
description = "Compute resources required by an application";
|
||||||
|
type = functionTo application.config.config-mapping.output-type;
|
||||||
|
readOnly = true;
|
||||||
|
default = input: (application.config.implementation input).output;
|
||||||
|
};
|
||||||
|
config-mapping = mkOption {
|
||||||
|
description = "Function type for the mapping from application configuration to required resources";
|
||||||
|
type = submodule functionType;
|
||||||
|
readOnly = true;
|
||||||
|
default = {
|
||||||
|
input-type = application.config.module;
|
||||||
|
output-type = application-resources;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
})
|
||||||
});
|
);
|
||||||
};
|
};
|
||||||
applications = mkOption {
|
configuration = mkOption {
|
||||||
description = "Collection of Fediversity applications";
|
description = "Configuration type declaring options to be set by operators";
|
||||||
type = attrsOf (submoduleWith {
|
type = optionType;
|
||||||
modules = [
|
readOnly = true;
|
||||||
{
|
default = submodule {
|
||||||
options = {
|
options = {
|
||||||
module = mkOption {
|
enable = lib.mkEnableOption {
|
||||||
description = "The NixOS module for that application, for configuring that application";
|
description = "your Fediversity configuration";
|
||||||
type = deferredModule;
|
};
|
||||||
};
|
applications = lib.mapAttrs (
|
||||||
};
|
_name: application:
|
||||||
}
|
mkOption {
|
||||||
];
|
description = application.description;
|
||||||
});
|
type = submodule application.module;
|
||||||
|
default = { };
|
||||||
|
}
|
||||||
|
) config.applications;
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
37
deployment/function.nix
Normal file
37
deployment/function.nix
Normal file
|
|
@ -0,0 +1,37 @@
|
||||||
|
/**
|
||||||
|
Modular function type
|
||||||
|
*/
|
||||||
|
{ config, lib, ... }:
|
||||||
|
let
|
||||||
|
inherit (lib) mkOption types;
|
||||||
|
inherit (types)
|
||||||
|
deferredModule
|
||||||
|
submodule
|
||||||
|
functionTo
|
||||||
|
optionType
|
||||||
|
;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
input-type = mkOption {
|
||||||
|
type = deferredModule;
|
||||||
|
};
|
||||||
|
output-type = mkOption {
|
||||||
|
type = deferredModule;
|
||||||
|
};
|
||||||
|
function-type = mkOption {
|
||||||
|
type = optionType;
|
||||||
|
readOnly = true;
|
||||||
|
default = functionTo (submodule {
|
||||||
|
options = {
|
||||||
|
input = mkOption {
|
||||||
|
type = submodule config.input-type;
|
||||||
|
};
|
||||||
|
output = mkOption {
|
||||||
|
type = submodule config.output-type;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
});
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
@ -202,11 +202,8 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
users.users.${name} = {
|
# needed to place a config file with home-manager
|
||||||
# TODO[Niols]: change to system user or document why we specifically
|
users.users.${name}.isNormalUser = true;
|
||||||
# need a normal user.
|
|
||||||
isNormalUser = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
users.groups.${name} = { };
|
users.groups.${name} = { };
|
||||||
systemd.services.${name} = {
|
systemd.services.${name} = {
|
||||||
|
|
|
||||||
|
|
@ -69,11 +69,11 @@ in
|
||||||
config = {
|
config = {
|
||||||
## FIXME: This should clearly go somewhere else; and we should have a
|
## FIXME: This should clearly go somewhere else; and we should have a
|
||||||
## `staging` vs. `production` setting somewhere.
|
## `staging` vs. `production` setting somewhere.
|
||||||
# use a priority higher than mkDefault for panel deployment to work,
|
security.acme = {
|
||||||
# yet lower than default so this will not clash with the setting in tests.
|
|
||||||
security.acme = lib.modules.mkOverride 900 {
|
|
||||||
acceptTerms = true;
|
acceptTerms = true;
|
||||||
defaults.email = "something@fediversity.net";
|
# use a priority more urgent than mkDefault for panel deployment to work,
|
||||||
|
# yet looser than default so this will not clash with the setting in tests.
|
||||||
|
defaults.email = lib.modules.mkOverride 200 "something@fediversity.net";
|
||||||
# defaults.server = "https://acme-staging-v02.api.letsencrypt.org/directory";
|
# defaults.server = "https://acme-staging-v02.api.letsencrypt.org/directory";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue