Generalise test deployment; get config from JSON

deployment/default.nix

@@ -0,0 +1,155 @@
+## `makeMakeDeployment` -- Function to help hosting providers make a
+## `makeDeployment` function.
+##
+## https://factoryfactoryfactory.net/
+
+## Generic utilities used in this function, eg. nixpkgs, NixOps4 providers, etc.
+## REVIEW: We should maybe be more specific than just `inputs`.
+{
+  lib,
+  nixops4,
+  nixops4-nixos,
+  fediversity,
+}:
+
+## Information on the hosting provider's infrastructure. This is where we inform
+## this function of where it can find eg. Proxmox.
+{
+  ## Four NixOS configuration resource modules for four services. Those are VMs
+  ## that are already deployed and on which we will push our configurations.
+  ##
+  ## - Ultimately, we just want a pool of VMs, or even just a Proxmox.
+  ## - Each machine is flagged for a certain use case until we control DNS.
+  garageResourceModule,
+  mastodonResourceModule,
+  peertubeResourceModule,
+  pixelfedResourceModule,
+}:
+
+## From the hosting provider's perspective, the function is meant to be
+## partially applied only until here.
+
+## Information on the specific deployment that we request. This is the
+## information that will come from the FediPanel.
+{
+  domain,
+  enableMastodon,
+  enablePeertube,
+  enablePixelfed,
+}:
+
+let
+  inherit (lib) mkMerge mkIf;
+
+in
+
+## Regular arguments of a NixOps4 deployment module.
+{ providers, ... }:
+
+{
+  providers = { inherit (nixops4.modules.nixops4Provider) local; };
+
+  resources =
+    let
+      ## NOTE: All of these secrets are publicly available in this source file
+      ## and will end up in the Nix store. We don't care as they are only ever
+      ## used for testing anyway.
+      ##
+      ## FIXME: Generate and store in NixOps4's state.
+      mastodonS3KeyConfig =
+        { pkgs, ... }:
+        {
+          s3AccessKeyFile = pkgs.writeText "s3AccessKey" "GK3515373e4c851ebaad366558";
+          s3SecretKeyFile = pkgs.writeText "s3SecretKey" "7d37d093435a41f2aab8f13c19ba067d9776c90215f56614adad6ece597dbb34";
+        };
+      peertubeS3KeyConfig =
+        { pkgs, ... }:
+        {
+          s3AccessKeyFile = pkgs.writeText "s3AccessKey" "GK1f9feea9960f6f95ff404c9b";
+          s3SecretKeyFile = pkgs.writeText "s3SecretKey" "7295c4201966a02c2c3d25b5cea4a5ff782966a2415e3a196f91924631191395";
+        };
+      pixelfedS3KeyConfig =
+        { pkgs, ... }:
+        {
+          s3AccessKeyFile = pkgs.writeText "s3AccessKey" "GKb5615457d44214411e673b7b";
+          s3SecretKeyFile = pkgs.writeText "s3SecretKey" "5be6799a88ca9b9d813d1a806b64f15efa49482dbe15339ddfaf7f19cf434987";
+        };
+
+      makeConfigurationResource = resourceModule: config: {
+        type = providers.local.exec;
+        imports = [
+          nixops4-nixos.modules.nixops4Resource.nixos
+          resourceModule
+          { nixos.module = config; }
+          { nixos.module = fediversity; }
+        ];
+      };
+
+    in
+
+    mkMerge [
+
+      (mkIf (enableMastodon || enablePeertube || enablePixelfed) {
+        garage-config = makeConfigurationResource garageResourceModule (
+          { pkgs, ... }:
+          {
+            fediversity = {
+              inherit domain;
+              garage.enable = true;
+              pixelfed = pixelfedS3KeyConfig { inherit pkgs; };
+              mastodon = mastodonS3KeyConfig { inherit pkgs; };
+              peertube = peertubeS3KeyConfig { inherit pkgs; };
+            };
+          }
+        );
+      })
+
+      (mkIf enableMastodon {
+        mastodon-config = makeConfigurationResource mastodonResourceModule (
+          { pkgs, ... }:
+          {
+            fediversity = {
+              inherit domain;
+              mastodon = mastodonS3KeyConfig { inherit pkgs; } // {
+                enable = true;
+              };
+
+              temp.cores = 1; # FIXME: should come from NixOps4 eventually
+            };
+          }
+        );
+      })
+
+      (mkIf enablePeertube {
+        peertube-config = makeConfigurationResource peertubeResourceModule (
+          { pkgs, ... }:
+          {
+            fediversity = {
+              inherit domain;
+              peertube = peertubeS3KeyConfig { inherit pkgs; } // {
+                enable = true;
+                ## NOTE: Only ever used for testing anyway.
+                ##
+                ## FIXME: Generate and store in NixOps4's state.
+                secretsFile = pkgs.writeText "secret" "574e093907d1157ac0f8e760a6deb1035402003af5763135bae9cbd6abe32b24";
+              };
+            };
+          }
+        );
+      })
+
+      (mkIf enablePixelfed {
+        pixelfed-config = makeConfigurationResource pixelfedResourceModule (
+          { pkgs, ... }:
+          {
+            fediversity = {
+              inherit domain;
+              pixelfed = pixelfedS3KeyConfig { inherit pkgs; } // {
+                enable = true;
+              };
+            };
+          }
+        );
+      })
+    ];
+}

infra/flake-part.nix

@@ -6,12 +6,12 @@
 }:
 
 let
-  inherit (builtins) readDir;
+  inherit (builtins) readDir readFile fromJSON;
   inherit (lib)
     attrNames
     mkOption
     evalModules
-    mapAttrs
+    filterAttrs
     ;
   inherit (lib.attrsets) genAttrs;
 
@@ -53,23 +53,30 @@ let
   ## NixOS configuration module), make a deployment with those machines'
   ## configurations as resources.
   makeTestDeployment =
-    vmConfigs:
-    { providers, ... }:
-    {
-      providers.local = inputs.nixops4.modules.nixops4Provider.local;
-      resources = mapAttrs (vmName: vmConfig: {
-        type = providers.local.exec;
-        imports = [
-          inputs.nixops4-nixos.modules.nixops4Resource.nixos
-          (makeResourceModule {
-            inherit vmName;
-            isTestVm = false;
-          })
-          { nixos.module = vmConfig; }
-          { nixos.module = self.nixosModules.fediversity; }
-        ];
-      }) vmConfigs;
-    };
+    (import ../deployment)
+      {
+        inherit lib;
+        inherit (inputs) nixops4 nixops4-nixos;
+        inherit (self.nixosModules) fediversity;
+      }
+      {
+        garageResourceModule = makeResourceModule {
+          vmName = "test01";
+          isTestVm = true;
+        };
+        mastodonResourceModule = makeResourceModule {
+          vmName = "test02";
+          isTestVm = true;
+        };
+        peertubeResourceModule = makeResourceModule {
+          vmName = "test03";
+          isTestVm = true;
+        };
+        pixelfedResourceModule = makeResourceModule {
+          vmName = "test04";
+          isTestVm = true;
+        };
+      };
 
   nixops4ResourceNixosMockOptions = {
     ## NOTE: We allow the use of a few options from
@@ -116,8 +123,10 @@ let
       ;
   };
 
-  machines = attrNames (readDir ./machines);
-  testMachineConfigurations = import ./test-machines/configuration.nix;
+  listSubdirectories = path: attrNames (filterAttrs (_: type: type == "directory") (readDir path));
+
+  machines = listSubdirectories ./machines;
+  testMachines = listSubdirectories ./test-machines;
 
 in
 {
@@ -130,12 +139,12 @@ in
   ## - We add a “test” deployment with all test machines.
   nixops4Deployments = genAttrs machines makeDeployment' // {
     default = makeDeployment machines;
-    test = makeTestDeployment testMachineConfigurations;
+    test = makeTestDeployment (fromJSON (readFile ./test-machines/configuration.json));
   };
   flake.nixosConfigurations =
     genAttrs machines (makeConfiguration false)
-    // genAttrs (attrNames testMachineConfigurations) (makeConfiguration true);
+    // genAttrs testMachines (makeConfiguration true);
   flake.vmOptions =
     genAttrs machines (makeVmOptions false)
-    // genAttrs (attrNames testMachineConfigurations) (makeVmOptions true);
+    // genAttrs testMachines (makeVmOptions true);
 }

infra/test-machines/configuration.json

@@ -0,0 +1,6 @@
+{
+  "domain": "abundos.eu",
+  "enableMastodon": false,
+  "enablePeertube": false,
+  "enablePixelfed": false
+}

infra/test-machines/configuration.nix

@@ -1,74 +0,0 @@
-let
-  ## NOTE: All of these secrets are publicly available in this source file
-  ## and will end up in the Nix store. We don't care as they are only ever
-  ## used for testing anyway.
-  mastodonS3KeyConfig =
-    { pkgs, ... }:
-    {
-      s3AccessKeyFile = pkgs.writeText "s3AccessKey" "GK3515373e4c851ebaad366558";
-      s3SecretKeyFile = pkgs.writeText "s3SecretKey" "7d37d093435a41f2aab8f13c19ba067d9776c90215f56614adad6ece597dbb34";
-    };
-  peertubeS3KeyConfig =
-    { pkgs, ... }:
-    {
-      s3AccessKeyFile = pkgs.writeText "s3AccessKey" "GK1f9feea9960f6f95ff404c9b";
-      s3SecretKeyFile = pkgs.writeText "s3SecretKey" "7295c4201966a02c2c3d25b5cea4a5ff782966a2415e3a196f91924631191395";
-    };
-  pixelfedS3KeyConfig =
-    { pkgs, ... }:
-    {
-      s3AccessKeyFile = pkgs.writeText "s3AccessKey" "GKb5615457d44214411e673b7b";
-      s3SecretKeyFile = pkgs.writeText "s3SecretKey" "5be6799a88ca9b9d813d1a806b64f15efa49482dbe15339ddfaf7f19cf434987";
-    };
-
-in
-{
-  test01 =
-    { pkgs, ... }:
-    {
-      fediversity = {
-        domain = "abundos.eu";
-        garage.enable = true;
-        pixelfed = pixelfedS3KeyConfig { inherit pkgs; };
-        mastodon = mastodonS3KeyConfig { inherit pkgs; };
-        peertube = peertubeS3KeyConfig { inherit pkgs; };
-      };
-    };
-
-  test02 =
-    { pkgs, ... }:
-    {
-      fediversity = {
-        domain = "abundos.eu";
-        mastodon = mastodonS3KeyConfig { inherit pkgs; } // {
-          enable = true;
-        };
-
-        temp.cores = 1; # FIXME: should come from NixOps4 eventually
-      };
-    };
-
-  test03 =
-    { pkgs, ... }:
-    {
-      fediversity = {
-        domain = "abundos.eu";
-        peertube = peertubeS3KeyConfig { inherit pkgs; } // {
-          enable = true;
-          ## NOTE: Only ever used for testing anyway.
-          secretsFile = pkgs.writeText "secret" "574e093907d1157ac0f8e760a6deb1035402003af5763135bae9cbd6abe32b24";
-        };
-      };
-    };
-
-  test04 =
-    { pkgs, ... }:
-    {
-      fediversity = {
-        domain = "abundos.eu";
-        pixelfed = pixelfedS3KeyConfig { inherit pkgs; } // {
-          enable = true;
-        };
-      };
-    };
-}