{
  self,
  inputs,
  lib,
  ...
}:

let
  inherit (lib)
    attrNames
    mkOption
    evalModules
    mapAttrs
    ;
  inherit (lib.attrsets) genAttrs;

  ## Shorthands for the two NixOps4 modules every deployment below relies on.
  localProvider = inputs.nixops4.modules.nixops4Provider.local;
  nixosResourceModule = inputs.nixops4-nixos.modules.nixops4Resource.nixos;

  ## Build the resource module for the machine called `vmName`: the shared
  ## resource definitions plus the machine's own directory next to this file.
  ## The provider is left out on purpose; each caller plugs in its own.
  makeResourceModule = vmName: {
    _module.args = {
      inherit inputs;
    };
    imports = [
      ./common/resource.nix
      (./. + "/${vmName}")
    ];
    fediversityVm.name = vmName;
  };

  ## One deployment resource for `vmName`, run through the local provider.
  ## `extraModules` are appended after the two standard imports, so callers
  ## that pass `[ ]` get exactly the plain machine resource.
  makeLocalResource = providers: vmName: extraModules: {
    type = providers.local.exec;
    imports = [
      nixosResourceModule
      (makeResourceModule vmName)
    ]
    ++ extraModules;
  };

  ## Turn a list of machine names into a deployment whose resources are the
  ## configurations of exactly those machines.
  makeDeployment =
    vmNames:
    { providers, ... }:
    {
      providers.local = localProvider;
      resources = genAttrs vmNames (vmName: makeLocalResource providers vmName [ ]);
    };

  ## Single-machine convenience wrapper around `makeDeployment`.
  makeDeployment' = vmName: makeDeployment [ vmName ];

  ## Turn an attrset of test configurations (attribute name = test machine
  ## name, value = NixOS configuration module) into a deployment. On top of
  ## the regular machine resource, every test machine gets its test
  ## configuration and `self.nixosModules.fediversity`.
  makeTestDeployment =
    vmConfigs:
    { providers, ... }:
    {
      providers.local = localProvider;
      resources = mapAttrs (
        vmName: vmConfig:
        makeLocalResource providers vmName [
          { nixos.module = vmConfig; }
          { nixos.module = self.nixosModules.fediversity; }
        ]
      ) vmConfigs;
    };

  ## Stand-in declarations for the handful of options of
  ## `inputs.nixops4-nixos.modules.nixops4Resource.nixos` that our resource
  ## modules set, so that those modules can be evaluated without NixOps4.
  ##
  ## REVIEW: This could be done more cleanly. It only exists to expose NixOS
  ## configurations for provisioning, and NixOps4 should eventually take over.
  nixops4ResourceNixosMockOptions = {
    ## NOTE: declare `nixos.module`, not the whole of `nixos`; otherwise
    ## merging goes wrong.
    options.nixos.module = mkOption { };
    options.nixpkgs = mkOption { };
    options.ssh = mkOption { };
  };

  ## Evaluate the resource module of `vmName` against the mock options and
  ## return the resulting `config`.
  makeResourceConfig =
    vmName:
    let
      evaluated = evalModules {
        modules = [
          nixops4ResourceNixosMockOptions
          (makeResourceModule vmName)
        ];
      };
    in
    evaluated.config;

  ## Build the NixOS configuration of the machine called `vmName`.
  makeConfiguration =
    vmName:
    let
      resourceConfig = makeResourceConfig vmName;
    in
    inputs.nixpkgs.lib.nixosSystem {
      modules = [ resourceConfig.nixos.module ];
    };

  ## Pick the VM-level settings of `vmName` out of its evaluated resource
  ## configuration.
  ##
  ## NOTE(review): `unsafeHostPrivateKey` is re-exported through the
  ## `flake.vmOptions` output below. The option is declared outside this file;
  ## judging by its name it carries private key material at evaluation time.
  ## Confirm at its declaration that it is only ever set for disposable VMs.
  makeVmOptions =
    vmName:
    let
      vm = (makeResourceConfig vmName).fediversityVm;
    in
    {
      inherit (vm)
        proxmox
        vmId
        sockets
        cores
        memory
        hostPublicKey
        unsafeHostPrivateKey
        ;
    };

  ## The regular (non-test) machines. Each name must match a directory next
  ## to this file, since `makeResourceModule` imports `./<name>`.
  machines = [
    "vm02116"
    "vm02179"
    "vm02186"
    "vm02187"
    "fedi200"
    "fedi201"
  ];

  ## Every machine that gets a NixOS configuration and a VM options entry.
  allMachineNames = machines ++ attrNames testMachineConfigurations;

  testMachineConfigurations =
    let
      testDomain = "abundos.eu";

      ## NOTE: Every credential below is a test fixture. It is committed in
      ## this file and copied into the Nix store by `pkgs.writeText`. The
      ## store is world-readable, so these values are visible to every local
      ## user of a machine holding the closure and to anyone who can read the
      ## repository or a cache the closure is pushed to. That is accepted
      ## because they are only used for testing; they must not be reused for
      ## anything else.
      makeS3KeyConfig =
        accessKey: secretKey:
        { pkgs, ... }:
        {
          s3AccessKeyFile = pkgs.writeText "s3AccessKey" accessKey;
          s3SecretKeyFile = pkgs.writeText "s3SecretKey" secretKey;
        };

      mastodonS3KeyConfig = makeS3KeyConfig "GK3515373e4c851ebaad366558" "7d37d093435a41f2aab8f13c19ba067d9776c90215f56614adad6ece597dbb34";
      peertubeS3KeyConfig = makeS3KeyConfig "GK1f9feea9960f6f95ff404c9b" "7295c4201966a02c2c3d25b5cea4a5ff782966a2415e3a196f91924631191395";
      pixelfedS3KeyConfig = makeS3KeyConfig "GKb5615457d44214411e673b7b" "5be6799a88ca9b9d813d1a806b64f15efa49482dbe15339ddfaf7f19cf434987";
    in
    {
      ## Garage plus the S3 key files of all three services; none of the
      ## services is enabled here.
      test01 =
        { pkgs, ... }:
        {
          fediversity = {
            domain = testDomain;
            garage.enable = true;
            pixelfed = pixelfedS3KeyConfig { inherit pkgs; };
            mastodon = mastodonS3KeyConfig { inherit pkgs; };
            peertube = peertubeS3KeyConfig { inherit pkgs; };
          };
        };

      ## Mastodon only.
      test02 =
        { pkgs, ... }:
        {
          fediversity = {
            domain = testDomain;
            mastodon = mastodonS3KeyConfig { inherit pkgs; } // {
              enable = true;
            };
            temp.cores = 1; # FIXME: should come from NixOps4 eventually
          };
        };

      ## PeerTube only.
      test03 =
        { pkgs, ... }:
        {
          fediversity = {
            domain = testDomain;
            peertube = peertubeS3KeyConfig { inherit pkgs; } // {
              enable = true;
              ## NOTE: Test fixture as well; it lands in the world-readable
              ## Nix store like the S3 keys above.
              secretsFile = pkgs.writeText "secret" "574e093907d1157ac0f8e760a6deb1035402003af5763135bae9cbd6abe32b24";
            };
          };
        };

      ## Pixelfed only.
      test04 =
        { pkgs, ... }:
        {
          fediversity = {
            domain = testDomain;
            pixelfed = pixelfedS3KeyConfig { inherit pkgs; } // {
              enable = true;
            };
          };
        };
    };

in
{
  flake.lib.makeInstallerIso = import ./makeInstallerIso.nix;

  ## Outputs produced below:
  ## - a NixOS configuration for every regular and every test machine;
  ## - a VM options entry for every regular and every test machine;
  ## - one deployment per regular machine;
  ## - a `default` deployment containing all regular machines;
  ## - a `test` deployment containing all test machines.
  nixops4Deployments = genAttrs machines makeDeployment' // {
    default = makeDeployment machines;
    test = makeTestDeployment testMachineConfigurations;
  };

  flake.nixosConfigurations = genAttrs allMachineNames makeConfiguration;

  flake.vmOptions = genAttrs allMachineNames makeVmOptions;
}