# Builds the SSH-based deployments for a set of nodes.
#
# Arguments:
#   system        platform string passed to nixpkgs and to each deployment
#   host-mapping  attrset of application name -> host name
#   ancilliary    attrset of additional node name -> host name
#   sources       pinned sources (defaults to ../../npins); `nixpkgs` and `disko` are read from it
#   conf          extra configuration merged into the model (defaults to `{ }`)
#
# The result is whatever `evalModel` returns for the module below. That module
# declares one `ssh-host` deployment per node and an "all" environment whose
# `ssh-hosts` deployment aggregates them.
{ system, host-mapping, ancilliary, sources ? import ../../npins, conf ? { }, ... }@args:
let
  inherit (sources) nixpkgs;
  pkgs = import nixpkgs { inherit system; };
  inherit (pkgs) lib;
  inherit (lib) types;
  inherit (pkgs.callPackage ../utils.nix { }) getSomeAttrs evalModel;
  caller = "deployment/fediversity/ssh-hosts.nix";
  # `builtins.path` copies the repository root into the Nix store under the name "root".
  # NOTE(review): store paths are world-readable on the evaluating machine, so confirm that
  # nothing under ../.. holds plaintext secrets (only encrypted material should live there).
  root-path = builtins.path { path = ../..; name = "root"; };
  # SSH parameters shared by every per-node deployment: log in as root, with no extra
  # options and no explicit key file.
  # NOTE(review): with `sshOpts = [ ]` and `key-file = null`, key selection and host-key
  # checking presumably fall back to the operator's own SSH configuration. Confirm that
  # the `ssh-host` implementation does not relax host-key verification by default.
  sshOpts = [ ];
  username = "root";
  key-file = null;
  # application names, i.e. the keys of `host-mapping`
  apps = lib.attrNames host-mapping;
  # every node name: ancilliary nodes first, then the applications
  nodes = lib.attrNames ancilliary ++ apps;
  # node name -> host name; on a name collision the `host-mapping` entry wins
  hosts = ancilliary // host-mapping;
  # Resources offered to every per-node environment: the three fixed entries below, plus
  # one entry per node whose `network` is the `fediversityVm` value of that host's machine
  # definition under ../../machines/operator/.
  resources = {
    "external".garage.enable = true;
    "fediversity".nixos-module = { };
    "age".secrets = { };
  }
  // lib.mapAttrs (_: host: {
    network = (import ../../machines/operator/${host}).fediversityVm;
  }) hosts;
in
evalModel (
  { config, modulesPath, ... }:
  {
    imports = [
      ./resources
      ./applications
      ./configurations.nix
      ../../infra/common/options.nix
    ];
    options = {
      # get a typed reference to the app deployments to expose their `run`
      # (one entry per node, plus "all")
      tags = lib.mkOption {
        type = types.attrsOf config.env-output;
        default = lib.genAttrs (nodes ++ [ "all" ]) (
          app:
          config.environments.${app}.deployment {
            # these are the values used in recursion, i.e. those for ssh-host.nix
            configuration = config."default-configuration";
            deployment-name = [ "tags" app ];
          }
        );
      };
      # executable of the aggregate `ssh-hosts` deployment (all nodes)
      operator = lib.mkOption {
        type = types.path;
        default = lib.getExe config.tags.all.deployments.ssh-hosts.run;
      };
    }
    # one option per node, holding the executable of that node's `ssh-host` deployment
    // lib.genAttrs nodes (
      app:
      lib.mkOption {
        type = types.path;
        default = lib.getExe config.tags.${app}.deployments.ssh-host.run;
      }
    );
    config = lib.mkMerge [
      {
        environments = {
          # aggregate environment: a single `ssh-hosts` deployment covering every node
          "all" =
            { ... }:
            {
              implementation =
                { ... }:
                {
                  deployments.ssh-hosts = {
                    # NOTE(review): `args` carries everything the caller passed in, including
                    # `conf`. If `conf` holds credentials (e.g. in `initialUser`), confirm how
                    # the deployment implementation stores or serializes `args`.
                    inherit
                      system
                      root-path
                      caller
                      args
                      ;
                    nodes = lib.lists.map (app: {
                      # re-use the `nixos-configuration` and `ssh` settings of each node's own
                      # `ssh-host` deployment, so the same values are used here and in the
                      # per-node invocation
                      inherit (config.tags.${app}.deployments.ssh-host) nixos-configuration ssh;
                      deployment-name = [ "tags" app ];
                    }) nodes;
                  };
                };
            };
        }
        # one environment per node, keyed by node name
        // lib.mapAttrs (app: host: environment: {
          inherit resources;
          implementation =
            { required-resources, deployment-name, ... }:
            let
              # only the resources requested under this node's own name
              relevant-resources = getSomeAttrs [ app ] required-resources;
              garage = environment.config.resources."external".garage.process relevant-resources;
            in
            {
              ancilliaryRequests.garage = garage.garageSide;
              # try and use `ssh-host` since as of writing there is no plural variant
              deployments.ssh-host = {
                # NOTE(review): as above, `args` includes the caller-supplied `conf`.
                inherit
                  system
                  root-path
                  deployment-name
                  caller
                  args
                  ;
                ssh = {
                  inherit sshOpts username key-file;
                  # target FQDN: the mapped host name under the hard-coded domain
                  host = "${host}.abundos.eu";
                };
                nixos-configuration = {
                  imports = [
                    ../../infra/common/nixos
                    "${sources.disko}/module.nix"
                    "${modulesPath}/profiles/qemu-guest.nix"
                    (environment.config.resources.${app}.network.process relevant-resources)
                    (environment.config.resources."age".secrets.process relevant-resources)
                  ]
                  ++ (environment.config.resources."fediversity".nixos-module.process relevant-resources)
                  ++ garage.applicationSide
                  # only the node named "garage" gets the main garage configuration, together
                  # with the garage-side requests collected from every application
                  ++ (lib.optionals (app == "garage") (
                    [ garage.mainConfig ]
                    ++ lib.concatMap (app': config.tags.${app'}.ancilliaryRequests.garage) apps
                  ));
                };
              };
            };
        }) hosts;
      }
      conf
      # splice global config into apps using it
      # NOTE(review): `conf` defaults to `{ }`, in which case `conf.default-configuration`
      # does not exist and this attribute fails when it is evaluated. Confirm that every
      # caller passes `conf.default-configuration.initialUser`.
      {
        default-configuration.applications.pixelfed = {
          inherit (conf.default-configuration) initialUser;
        };
      }
    ];
  }
)