# Deployment model for the operator's machines: one SSH deployment per node
# (`ssh-host`) plus one combined deployment that covers all nodes (`ssh-hosts`).
#
# Arguments:
#   system        platform nixpkgs is imported for; also forwarded to deployments
#   host-mapping  attrset: application name -> machine name
#   ancilliary    attrset: further node name -> machine name
#   sources       pinned inputs (default ../../npins); nixpkgs and disko are used
#   conf          caller-supplied definitions, merged into the model's `config`
#   key-file      SSH key file handed to every per-node deployment (default null)
#
# The whole argument set is captured as `args` and forwarded to every
# deployment, so anything the caller passes (including `key-file` and `conf`)
# is visible to whatever implements `ssh-host` / `ssh-hosts`.
#
# NOTE(review): `key-file` is forwarded as given. If a caller passes a Nix path
# literal and something downstream interpolates it into a string, the private
# key would be copied into the Nix store -- confirm callers pass a string.
#
# NOTE(review): `conf` defaults to `{ }`, but `conf.default-configuration.initialUser`
# is read in the last `config` definition, so evaluating that value with the
# default `conf` fails on a missing attribute -- confirm `conf` is meant to be
# effectively mandatory.
{
  system,
  host-mapping,
  ancilliary,
  sources ? import ../../npins,
  conf ? { },
  key-file ? null,
  ...
}@args:
let
  pkgs = import sources.nixpkgs { inherit system; };
  lib = pkgs.lib;
  types = lib.types;
  utils = pkgs.callPackage ../utils.nix { };

  # Forwarded unchanged to every deployment below.
  caller = "deployment/fediversity/ssh-hosts.nix";

  # `builtins.path` copies the directory two levels up into the Nix store under
  # the name "root". No `filter` is given, so every file below it is included,
  # and store paths are readable by all local users: nothing under that
  # directory should hold plaintext secrets.
  root-path = builtins.path {
    name = "root";
    path = ../..;
  };

  # SSH settings shared by all nodes: log in as root, no extra client options.
  # NOTE(review): with `sshOpts` empty, host-key verification is whatever the
  # consumer of these settings and the SSH client default to -- confirm that
  # unknown or changed host keys are rejected.
  ssh-defaults = {
    inherit key-file;
    sshOpts = [ ];
    username = "root";
  };

  app-names = builtins.attrNames host-mapping;
  node-names = builtins.attrNames ancilliary ++ app-names;

  # node name -> machine name; on a name clash the host-mapping entry wins.
  machines = ancilliary // host-mapping;

  # Resources offered to every per-node environment: three fixed entries plus,
  # for each node, a `network` taken from the `fediversityVm` attribute of that
  # machine's directory under ../../machines/operator.
  # The machine names come from the caller and decide which files are imported
  # and evaluated, so both mappings must come from a trusted source.
  offered-resources =
    {
      "external".garage.enable = true;
      "fediversity".nixos-module = { };
      "age".secrets = { };
    }
    // lib.mapAttrs (_: machine: {
      network = (import ../../machines/operator/${machine}).fediversityVm;
    }) machines;
in
utils.evalModel (
  { config, modulesPath, ... }:
  let
    # Deployment name used for the entry of `tags` with the given name.
    tag-path = name: [
      "tags"
      name
    ];

    # Option of type path defaulting to the executable of `deployment.run`.
    run-option =
      deployment:
      lib.mkOption {
        type = types.path;
        default = lib.getExe deployment.run;
      };

    # Environment "all": a single `ssh-hosts` deployment over every node.
    combined-environment =
      { ... }:
      {
        implementation =
          { ... }:
          {
            deployments.ssh-hosts = {
              inherit
                system
                root-path
                caller
                args
                ;
              nodes = map (
                name:
                let
                  # Reuse what the node's own `ssh-host` deployment defines, so
                  # the combined and the per-node deployment share one
                  # `nixos-configuration` and one set of SSH settings.
                  single = config.tags.${name}.deployments.ssh-host;
                in
                {
                  deployment-name = tag-path name;
                  nixos-configuration = single.nixos-configuration;
                  ssh = single.ssh;
                }
              ) node-names;
            };
          };
      };

    # Environment for one node, given its name and its machine name.
    node-environment = name: machine: env: {
      resources = offered-resources;
      implementation =
        {
          required-resources,
          deployment-name,
          ...
        }:
        let
          # Only the resources required under this node's own name.
          own-resources = utils.getSomeAttrs [ name ] required-resources;
          garage = env.config.resources."external".garage.process own-resources;
        in
        {
          ancilliaryRequests.garage = garage.garageSide;

          # try and use `ssh-host` since as of writing there is no plural variant
          deployments.ssh-host = {
            inherit
              system
              root-path
              deployment-name
              caller
              args
              ;

            # The target is always `<machine>.abundos.eu`, reached with the
            # shared settings above (root login, caller-supplied key file).
            ssh = ssh-defaults // {
              host = "${machine}.abundos.eu";
            };

            nixos-configuration.imports = lib.concatLists [
              [
                ../../infra/common/nixos
                "${sources.disko}/module.nix"
                "${modulesPath}/profiles/qemu-guest.nix"
                (env.config.resources.${name}.network.process own-resources)
                (env.config.resources."age".secrets.process own-resources)
              ]
              (env.config.resources."fediversity".nixos-module.process own-resources)
              garage.applicationSide
              # The node named "garage" also imports the main garage
              # configuration and the garage requests of every application in
              # `host-mapping`.
              (lib.optionals (name == "garage") (
                [ garage.mainConfig ]
                ++ lib.concatMap (other: config.tags.${other}.ancilliaryRequests.garage) app-names
              ))
            ];
          };
        };
    };
  in
  {
    imports = [
      ./resources
      ./applications
      ./configurations.nix
      ../../infra/common/options.nix
    ];

    options =
      {
        # get a typed reference to the app deployments to expose their `run`
        tags = lib.mkOption {
          type = types.attrsOf config.env-output;
          default = lib.genAttrs (node-names ++ [ "all" ]) (
            name:
            config.environments.${name}.deployment {
              # Arguments handed to the environment's `deployment` function;
              # presumably the values the recursive ssh-host invocation sees
              # -- confirm.
              deployment-name = tag-path name;
              configuration = config."default-configuration";
            }
          );
        };

        # Executable of the combined deployment over all nodes.
        operator = run-option config.tags.all.deployments.ssh-hosts;
      }
      # One option per node: executable of that node's own deployment.
      // lib.genAttrs node-names (name: run-option config.tags.${name}.deployments.ssh-host);

    config = lib.mkMerge [
      {
        environments = {
          "all" = combined-environment;
        } // lib.mapAttrs node-environment machines;
      }

      # Caller-supplied definitions are merged into the model as they are.
      conf

      # splice global config into apps using it
      {
        default-configuration.applications.pixelfed.initialUser = conf.default-configuration.initialUser;
      }
    ];
  }
)