ensure bare-metal fileSystems override default, resolves definition conflict on nixops4 apply forgejo-ci

resolve regressions from recent qemu files
- move import to match module classes - manually import sources to resolve infinite recursion
2025-07-05 21:29:23 +02:00 · 2025-07-05 21:29:23 +02:00 · 2025-07-05 21:29:12 +02:00 · 2025-07-04 19:30:18 +02:00 · 2025-07-04 15:45:17 +02:00
4 changed files with 25 additions and 6 deletions
--- a/infra/common/proxmox-qemu-vm.nix
+++ b/infra/common/proxmox-qemu-vm.nix
@ -1,9 +1,13 @@
-{ modulesPath, ... }:
+let
-
+  # pulling this in manually over from module args resolves an infinite recursion
  sources = import ../../npins;
 in
 {
  _class = "nixos";
-  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+  imports = [
    "${sources.nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
  ];
  boot = {
    initrd = {
--- a/infra/flake-part.nix
+++ b/infra/flake-part.nix
@ -33,6 +33,10 @@ let
          ;
      };
      nixos.module.imports = [
        ./common/proxmox-qemu-vm.nix
      ];
      imports =
        [
          ./common/resource.nix
@ -40,7 +44,6 @@ let
        ++ (
          if isTestVm then
            [
              ./common/proxmox-qemu-vm.nix
              ../machines/operator/${vmName}
              {
                nixos.module.users.users.root.openssh.authorizedKeys.keys = [
--- a/machines/dev/forgejo-ci/default.nix
+++ b/machines/dev/forgejo-ci/default.nix
@ -48,7 +48,7 @@ in
      };
      ## NOTE: This is a physical machine, so is not covered by disko
-      fileSystems."/" = {
+      fileSystems."/" = lib.mkForce {
        device = "rpool/root";
        fsType = "zfs";
      };
@ -58,7 +58,7 @@ in
        fsType = "zfs";
      };
-      fileSystems."/boot" = {
+      fileSystems."/boot" = lib.mkForce {
        device = "/dev/disk/by-uuid/50B2-DD3F";
        fsType = "vfat";
        options = [
--- a/services/fediversity/default.nix
+++ b/services/fediversity/default.nix
@ -65,4 +65,16 @@ in
      };
    };
  };
  config = {
    ## FIXME: This should clearly go somewhere else; and we should have a
    ## `staging` vs. `production` setting somewhere.
    # use a priority higher than mkDefault for panel deployment to work,
    # yet lower than default so this will not clash with the setting in tests.
    security.acme = lib.modules.defaultOverridePriority {
      acceptTerms = true;
      defaults.email = "something@fediversity.net";
      # defaults.server = "https://acme-staging-v02.api.letsencrypt.org/directory";
    };
  };
 }
Author	SHA1	Message	Date
Kiara Grouwstra	9b5de67b8e	ensure bare-metal `fileSystems` override default, resolves definition conflict on `nixops4 apply forgejo-ci`	2025-07-05 21:29:23 +02:00
Kiara Grouwstra	d9f2d942b2	resolve regressions from recent qemu files - move import to match module classes - manually import sources to resolve infinite recursion	2025-07-05 21:29:23 +02:00
Kiara Grouwstra	baaa990513	use defaultOverridePriority over mkDefault to fix acme error without cashing with settings from tests	2025-07-05 21:29:12 +02:00
Kiara Grouwstra	433d0dc278	use mkDefault to prevent acme clash in tests	2025-07-04 19:30:18 +02:00
Kiara Grouwstra	fb376b4684	reinstate acme settings needed by applications	2025-07-04 15:45:17 +02:00