1
1
mirror of https://github.com/divnix/digga.git synced 2024-12-23 16:11:51 +03:00

ref: add proper downstream testing

This commit is contained in:
David Arnold 2021-06-24 14:24:10 -05:00 committed by Parthiv Seetharaman
parent 7608f9585c
commit 67df251929
26 changed files with 52 additions and 632 deletions

View File

@ -12,6 +12,8 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.4
with:
submodules: true
- uses: cachix/install-nix-action@v13
with:
install_url: https://github.com/numtide/nix-flakes-installer/releases/download/nix-2.4pre20210415_76980a1/install
@ -25,5 +27,5 @@ jobs:
- run: nix develop --command evalnix
# Check /examples/*
- run: nix develop --command check-classicalDevos
- run: nix develop --command check-downstream
- run: nix develop --command check-groupByConfig

3
.gitmodules vendored Normal file
View File

@ -0,0 +1,3 @@
[submodule "examples/downstream"]
path = examples/downstream
url = git@github.com:divnix/devos.git

View File

@ -1,5 +0,0 @@
[devshell]
packages = [
"mdbook",
]

View File

@ -1,117 +0,0 @@
{
description = "A DevOS example. And also a digga test bed.";
inputs =
{
nixos.url = "nixpkgs/release-21.05";
latest.url = "nixpkgs";
digga = {
url = "path:../../";
inputs.nixpkgs.follows = "nixos";
};
darwin.url = "github:LnL7/nix-darwin";
darwin.inputs.nixpkgs.follows = "latest";
home.url = "github:nix-community/home-manager";
home.inputs.nixpkgs.follows = "nixos";
agenix.url = "github:ryantm/agenix";
agenix.inputs.nixpkgs.follows = "latest";
nixos-hardware.url = "github:nixos/nixos-hardware";
pkgs.url = "path:./pkgs";
pkgs.inputs.nixpkgs.follows = "nixos";
};
outputs =
{ self
, pkgs
, digga
, nixos
, home
, nixos-hardware
, agenix
, ...
} @ inputs:
digga.lib.mkFlake {
inherit self inputs;
channelsConfig = { allowUnfree = true; };
channels = {
nixos = {
imports = [ (digga.lib.importers.overlays ./overlays) ];
overlays = [
# mimicking an external overlay
(final: prev: { i-do-exists-before-local-overlays-accessor-me = prev.hello; })
./pkgs/default.nix
pkgs.overlay # for `srcs`
agenix.overlay
];
};
latest = { };
};
lib = import ./lib { lib = digga.lib // nixos.lib; };
sharedOverlays = [
(final: prev: {
__dontExport = true;
lib = prev.lib.extend (lfinal: lprev: {
our = self.lib;
});
})
];
nixos = {
hostDefaults = {
system = "x86_64-linux";
channelName = "nixos";
imports = [ (digga.lib.importers.modules ./modules) ];
externalModules = [
{ lib.our = self.lib; }
home.nixosModules.home-manager
agenix.nixosModules.age
];
};
imports = [ (digga.lib.importers.hosts ./hosts) ];
hosts = {
/* set host specific properties here */
NixOS = { };
};
importables = rec {
profiles = digga.lib.importers.rakeLeaves ./profiles // {
users = digga.lib.importers.rakeLeaves ./users;
};
suites = with profiles; rec {
base = [ core users.nixos users.root ];
};
};
};
home = {
imports = [ (digga.lib.importers.modules ./users/modules) ];
externalModules = [ ];
importables = rec {
profiles = digga.lib.importers.rakeLeaves ./users/profiles;
suites = with profiles; rec {
base = [ direnv git ];
};
};
};
devshell.externalModules = { pkgs, ... }: {
packages = [ pkgs.agenix ];
};
homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations;
deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations { };
defaultTemplate = self.templates.flk;
templates.flk.path = ./.;
templates.flk.description = "flk template";
}
;
}

View File

@ -1,12 +0,0 @@
{ suites, ... }:
{
### root password is empty by default ###
imports = suites.base;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.networkmanager.enable = true;
fileSystems."/" = { device = "/dev/disk/by-label/nixos"; };
}

View File

@ -1,12 +0,0 @@
{ suites, ... }:
{
### root password is empty by default ###
imports = suites.base;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.networkmanager.enable = true;
fileSystems."/" = { device = "/dev/disk/by-label/nixos"; };
}

View File

@ -1,2 +0,0 @@
{ lib }:
lib.makeExtensible (self: { })

View File

@ -1 +0,0 @@
{ ... }: { }

View File

@ -1,26 +0,0 @@
{ lib, pkgs, self, config, modules, channel, ... }:
{
system.build = {
iso = (config.lib.digga.mkBuild
(config.lib.digga.modules.isoConfig {
inherit self;
fullHostConfig = config;
})
).config.system.build.isoImage;
homes = (config.lib.digga.mkBuild
({ config, ... }: {
home-manager.useUserPackages = lib.mkForce false;
home-manager.sharedModules = [
{
home.sessionVariables = {
inherit (config.environment.sessionVariables) NIX_PATH;
};
xdg.configFile."nix/registry.json".text =
config.environment.etc."nix/registry.json".text;
}
];
})
).config.home-manager.users;
};
}

View File

@ -1,3 +0,0 @@
final: prev: {
i-was-accessed-without-error = prev.i-do-exists-before-local-overlays-accessor-me;
}

View File

@ -1,28 +0,0 @@
channels: final: prev: {
__dontExport = true; # overrides clutter up actual creations
inherit (channels.latest)
cachix
dhall
discord
element-desktop
manix
nixpkgs-fmt
qutebrowser
signal-desktop
starship;
haskellPackages = prev.haskellPackages.override {
overrides = hfinal: hprev:
let version = prev.lib.replaceChars [ "." ] [ "" ] prev.ghc.version;
in
{
# same for haskell packages, matching ghc versions
inherit (channels.latest.haskell.packages."ghc${version}")
haskell-language-server;
};
};
}

View File

@ -1 +0,0 @@
final: prev: { }

View File

@ -1,25 +0,0 @@
{
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1615926763,
"narHash": "sha256-yeq8A3EPNuQVlsxlEQrIRsklfJwJK0Us6jtcG/u8wNs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b702a56d417647de4090ac56c0f18bdc7e646610",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}

View File

@ -1,52 +0,0 @@
{
description = "Package Sources";
inputs = { };
outputs = { self, nixpkgs, ... }: {
overlay = final: prev: {
inherit (self) srcs;
};
srcs =
let
inherit (nixpkgs) lib;
mkVersion = name: input:
let
inputs = (builtins.fromJSON
(builtins.readFile ./flake.lock)).nodes;
ref =
if lib.hasAttrByPath [ name "original" "ref" ] inputs
then inputs.${name}.original.ref
else "";
version =
let version' = builtins.match
"[[:alpha:]]*[-._]?([0-9]+(\.[0-9]+)*)+"
ref;
in
if lib.isList version'
then lib.head version'
else if input ? lastModifiedDate && input ? shortRev
then "${lib.substring 0 8 input.lastModifiedDate}_${input.shortRev}"
else null;
in
version;
in
lib.mapAttrs
(pname: input:
let
version = mkVersion pname input;
in
input // { inherit pname; }
// lib.optionalAttrs (! isNull version)
{
inherit version;
}
)
(lib.filterAttrs (n: _: n != "nixpkgs")
self.inputs);
};
}

View File

@ -1,11 +0,0 @@
{ pkgs, lib, ... }:
let
folder = ./.;
toImport = name: value: folder + ("/" + name);
filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key && key != "default.nix";
imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder));
in
{
inherit imports;
nix.binaryCaches = [ "https://cache.nixos.org/" ];
}

View File

@ -1,10 +0,0 @@
{
nix = {
binaryCaches = [
"https://nix-community.cachix.org"
];
binaryCachePublicKeys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
};
}

View File

@ -1,10 +0,0 @@
{
nix = {
binaryCaches = [
"https://nrdxp.cachix.org"
];
binaryCachePublicKeys = [
"nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4="
];
};
}

View File

@ -1,148 +0,0 @@
{ self, config, lib, pkgs, ... }:
let inherit (lib) fileContents;
in
{
imports = [ ../cachix ];
nix.systemFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
environment = {
systemPackages = with pkgs; [
binutils
coreutils
curl
direnv
dnsutils
dosfstools
fd
git
gotop
gptfdisk
iputils
jq
manix
moreutils
nix-index
nmap
ripgrep
skim
tealdeer
usbutils
utillinux
whois
];
shellInit = ''
export STARSHIP_CONFIG=${
pkgs.writeText "starship.toml"
(fileContents ./starship.toml)
}
'';
shellAliases =
let ifSudo = lib.mkIf config.security.sudo.enable;
in
{
# quick cd
".." = "cd ..";
"..." = "cd ../..";
"...." = "cd ../../..";
"....." = "cd ../../../..";
# git
g = "git";
# grep
grep = "rg";
gi = "grep -i";
# internet ip
myip = "dig +short myip.opendns.com @208.67.222.222 2>&1";
# nix
n = "nix";
np = "n profile";
ni = "np install";
nr = "np remove";
ns = "n search --no-update-lock-file";
nf = "n flake";
nepl = "n repl '<nixpkgs>'";
srch = "ns nixos";
orch = "ns override";
nrb = ifSudo "sudo nixos-rebuild";
mn = ''
manix "" | grep '^# ' | sed 's/^# \(.*\) (.*/\1/;s/ (.*//;s/^# //' | sk --preview="manix '{}'" | xargs manix
'';
# fix nixos-option
nixos-option = "nixos-option -I nixpkgs=${self}/lib/compat";
# sudo
s = ifSudo "sudo -E ";
si = ifSudo "sudo -i";
se = ifSudo "sudoedit";
# top
top = "gotop";
# systemd
ctl = "systemctl";
stl = ifSudo "s systemctl";
utl = "systemctl --user";
ut = "systemctl --user start";
un = "systemctl --user stop";
up = ifSudo "s systemctl start";
dn = ifSudo "s systemctl stop";
jtl = "journalctl";
};
};
fonts = {
fonts = with pkgs; [ powerline-fonts dejavu_fonts ];
fontconfig.defaultFonts = {
monospace = [ "DejaVu Sans Mono for Powerline" ];
sansSerif = [ "DejaVu Sans" ];
};
};
nix = {
autoOptimiseStore = true;
gc.automatic = true;
optimise.automatic = true;
useSandbox = true;
allowedUsers = [ "@wheel" ];
trustedUsers = [ "root" "@wheel" ];
extraOptions = ''
min-free = 536870912
keep-outputs = true
keep-derivations = true
fallback = true
'';
};
programs.bash = {
promptInit = ''
eval "$(${pkgs.starship}/bin/starship init bash)"
'';
interactiveShellInit = ''
eval "$(${pkgs.direnv}/bin/direnv hook bash)"
'';
};
services.earlyoom.enable = true;
}

View File

@ -1,95 +0,0 @@
[aws]
symbol = " "
[character]
success_symbol = "[](bold purple)"
vicmd_symbol = "[](bold purple)"
[battery]
full_symbol = ""
charging_symbol = ""
discharging_symbol = ""
[conda]
symbol = " "
[directory]
style = "cyan"
read_only = " 🔒"
[docker]
symbol = " "
[elixir]
symbol = " "
[elm]
symbol = " "
[git_branch]
format = "[$symbol$branch]($style) "
symbol = " "
style = "bold dimmed white"
[git_status]
format = '([「$all_status$ahead_behind」]($style) )'
conflicted = "⚠️"
ahead = "⟫${count} "
behind = "⟪${count}"
diverged = "🔀 "
untracked = "📁 "
stashed = "↪ "
modified = "𝚫 "
staged = "✔ "
renamed = "⇆ "
deleted = "✘ "
style = "bold bright-white"
[golang]
symbol = " "
[haskell]
symbol = " "
[hg_branch]
symbol = " "
[java]
symbol = " "
[julia]
symbol = " "
[memory_usage]
symbol = " "
disabled = false
[nim]
symbol = " "
[nix_shell]
format = '[$symbol$state]($style) '
symbol = " "
pure_msg = "λ"
impure_msg = "⎔"
[nodejs]
symbol = " "
[package]
symbol = " "
[php]
symbol = " "
[python]
symbol = " "
[ruby]
symbol = " "
[rust]
symbol = " "
[status]
disabled = false

View File

@ -1 +0,0 @@
{ ... }: { }

View File

@ -1,10 +0,0 @@
{ ... }:
{
users.users.nixos = {
uid = 1000;
password = "nixos";
description = "default";
isNormalUser = true;
extraGroups = [ "wheel" ];
};
}

View File

@ -1,6 +0,0 @@
{
programs.direnv = {
enable = true;
enableNixDirenvIntegration = true;
};
}

View File

@ -1,45 +0,0 @@
{
programs.git = {
enable = true;
extraConfig = {
pull.rebase = false;
};
aliases = {
a = "add -p";
co = "checkout";
cob = "checkout -b";
f = "fetch -p";
c = "commit";
p = "push";
ba = "branch -a";
bd = "branch -d";
bD = "branch -D";
d = "diff";
dc = "diff --cached";
ds = "diff --staged";
r = "restore";
rs = "restore --staged";
st = "status -sb";
# reset
soft = "reset --soft";
hard = "reset --hard";
s1ft = "soft HEAD~1";
h1rd = "hard HEAD~1";
# logging
lg =
"log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit";
plog =
"log --graph --pretty='format:%C(red)%d%C(reset) %C(yellow)%h%C(reset) %ar %C(green)%aN%C(reset) %s'";
tlog =
"log --stat --since='1 Day Ago' --graph --pretty=oneline --abbrev-commit --date=relative";
rank = "shortlog -sn --no-merges";
# delete merged branches
bdm = "!git branch --merged | grep -v '*' | xargs -n 1 git branch -d";
};
};
}

View File

@ -1,5 +0,0 @@
{ ... }:
# recommend using `hashedPassword`
{
users.users.root.password = "";
}

1
examples/downstream Submodule

@ -0,0 +1 @@
Subproject commit 2a808af8b5efa56a84fb0cde490315eeb43f4693

View File

@ -12,11 +12,50 @@ let
help = "Checks ${name} example";
command = ''
set -e
cd $DEVSHELL_ROOT/examples/${name}
${patchedNixUnstable}/bin/nix flake lock --update-input digga || git rm -f flake.lock
${patchedNixUnstable}/bin/nix flake show || git rm -f flake.lock
${patchedNixUnstable}/bin/nix flake check || git rm -f flake.lock
diggaurl=
lockfile_updated=1
lockfile_present=1
cleanup() {
if is $lockfile_present; then
git checkout -- flake.lock
elif is $lockfile_updated; then
git rm -f flake.lock
fi
# ensure: restore input
[ -z $diggaurl ] || sed -i "s|\"path:../../\"|$diggaurl|g" flake.nix
}
digga_fixture() {
# ensure: replace input
diggaurl=$({ grep -o '"github:divnix/digga.*"' flake.nix || true; })
sed -i 's|"github:divnix/digga/.*"|"path:../../"|g' flake.nix
}
trap_err() {
local ret=$?
cleanup
echo -e \
"\033[1m\033[31m""exit $ret: \033[0m\033[1m""command [$BASH_COMMAND] failed""\033[0m"
}
is () { [ "$1" -eq "0" ]; }
trap 'trap_err' ERR
# --------------------------------------------------------------------------------
cd $DEVSHELL_ROOT/examples/${name}
digga_fixture
test -f flake.lock && lockfile_present=$? || true
${patchedNixUnstable}/bin/nix flake lock --update-input digga; lockfile_updated=$?;
${patchedNixUnstable}/bin/nix flake show
${patchedNixUnstable}/bin/nix flake check
cleanup
'';
};
@ -56,9 +95,9 @@ devshell.mkShell {
command = "fd --extension nix --exec nix-instantiate --parse --quiet {} >/dev/null";
}
(test "classicalDevos")
(test "downstream")
(test "groupByConfig")
(test "all" // { command = "check-classicalDevos && groupByConfig"; })
(test "all" // { command = "check-downstream && groupByConfig"; })
];
}