Merge #80

80: No parts r=Mic92 a=zimbatm Co-authored-by: zimbatm <zimbatm@zimbatm.com>
2024-09-11 14:17:02 +03:00 · 2023-02-27 11:38:40 +00:00 · 2023-02-27 11:38:40 +00:00 · ec9f508752
commit ec9f508752
parent f2e0c6fc4e ca3fdd34f8
11 changed files with 186 additions and 280 deletions
--- a/all-parts.nix
+++ b/all-parts.nix
@ -1,22 +0,0 @@
-# Find all the flake-part.nix files in this repo and import them
-{ config, lib, ... }:
-let
-  root = ./.;
-
-  getParts = path:
-    let dir = builtins.readDir path; in
-    lib.concatMap
-      (k:
-        let v = dir.${k}; in
-        if k == "flake-part.nix" && v == "regular" then
-        # Collect this
-          [ (path + "/${k}") ]
-        else if v == "directory" then
-          getParts (path + "/${k}")
-        else [ ]
-      )
-      (lib.attrNames dir);
-in
-{
-  imports = getParts ./.;
-}
--- a/default.nix
+++ b/default.nix
@ -1,14 +1,11 @@
 # This file provides backward compatibility to nix < 2.4 clients
+{ system ? builtins.currentSystem }:
 let
-  flake =
-    import
-    (
-      let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in
-      fetchTarball {
-        url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
-        sha256 = lock.nodes.flake-compat.locked.narHash;
-      }
-    )
-    { src = ./.; };
+  flake-compat = builtins.fetchTarball {
+    url = "https://github.com/edolstra/flake-compat/archive/35bb57c0c8d8b62bbfd284272c928ceb64ddbde9.tar.gz";
+    sha256 = "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=";
+  };
+
+  flake = import flake-compat { src = ./.; inherit system; };
 in
-  flake.defaultNix
+flake.defaultNix
--- a/docs/flake-part.nix
+++ b/docs/flake-part.nix
@ -1,5 +0,0 @@
-{ self, lib, ... }: {
-  perSystem = { config, self', inputs', pkgs, ... }: {
-    packages.docs = pkgs.callPackage ./. { };
-  };
-}
--- a/flake-part.nix
+++ b/flake-part.nix
@ -1,9 +0,0 @@
-{ lib, ... }:
-{
-  # We define a new prefix that includes *all* the types of modules.
-  #
-  # Eg: instead of nixosModules, use modules.nixos
-  options.flake.modules = lib.mkOption {
-    type = lib.types.anything;
-  };
-}
--- a/flake.lock
+++ b/flake.lock
@ -1,41 +1,5 @@
 {
  "nodes": {
-    "flake-compat": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1673956053,
-        "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
-        "type": "github"
-      },
-      "original": {
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "type": "github"
-      }
-    },
-    "flake-parts": {
-      "inputs": {
-        "nixpkgs-lib": [
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1675933616,
-        "narHash": "sha256-/rczJkJHtx16IFxMmAWu5nNYcSXNg1YYXTHoGjLrLUA=",
-        "owner": "hercules-ci",
-        "repo": "flake-parts",
-        "rev": "47478a4a003e745402acf63be7f9a092d51b83d7",
-        "type": "github"
-      },
-      "original": {
-        "owner": "hercules-ci",
-        "repo": "flake-parts",
-        "type": "github"
-      }
-    },
    "nixpkgs": {
      "locked": {
        "lastModified": 1677402710,
@ -54,8 +18,6 @@
    },
    "root": {
      "inputs": {
-        "flake-compat": "flake-compat",
-        "flake-parts": "flake-parts",
        "nixpkgs": "nixpkgs"
      }
    }
--- a/flake.nix
+++ b/flake.nix
@ -1,28 +1,32 @@
 {
-  description = "Server-optimized nixos configuration";
+  description = "Server-optimized NixOS configuration";

-  inputs = {
-    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small";
-    flake-parts = {
-      url = "github:hercules-ci/flake-parts";
-      inputs.nixpkgs-lib.follows = "nixpkgs";
-    };
-    flake-compat = {
-      url = "github:edolstra/flake-compat";
-      flake = false;
-    };
-  };
+  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small";

-  outputs = inputs@{ flake-parts, ... }:
-    flake-parts.lib.mkFlake { inherit inputs; } {
+  outputs = inputs@{ self, nixpkgs }:
+    let
+      eachSystem = f:
+        nixpkgs.lib.genAttrs
+          [
+            "aarch64-darwin"
+            "aarch64-linux"
+            "x86_64-darwin"
+            "x86_64-linux"
+          ]
+          (system: f { inherit system; pkgs = nixpkgs.legacyPackages.${system}; });
+    in
+    {
+      packages = eachSystem ({ system, pkgs }: {
+        docs = pkgs.callPackage ./docs { };
+      });

-      systems = [
-        "aarch64-darwin"
-        "aarch64-linux"
-        "x86_64-darwin"
-        "x86_64-linux"
-      ];
+      # generates future flake outputs: `modules.<kind>.<module-name>`
+      modules.nixos = import ./nixos;

-      imports = [ ./all-parts.nix ];
+      # compat to current schema: `nixosModules` / `darwinModules`
+      nixosModules = self.modules.nixos;
+
+      # we use this to test our modules
+      nixosConfigurations = import ./nixos/test-configurations.nix inputs;
    };
 }
--- a/nixos/common/serial.nix
+++ b/nixos/common/serial.nix
@ -1,6 +1,6 @@
 { config, lib, pkgs, ... }:
 let
-    # Based on https://unix.stackexchange.com/questions/16578/resizable-serial-console-window
+  # Based on https://unix.stackexchange.com/questions/16578/resizable-serial-console-window
  resize = pkgs.writeScriptBin "resize" ''
    export PATH=${pkgs.coreutils}/bin
    if [ ! -t 0 ]; then
--- a/nixos/flake-part.nix
+++ b/nixos/flake-part.nix
@ -1,170 +0,0 @@
-{ lib, self, config, inputs, ... }:
-{
-  # generates future flake outputs: `modules.<kind>.<module-name>`
-  config.flake.modules.nixos = import ./.;
-
-  # compat to current schema: `nixosModules` / `darwinModules`
-  config.flake.nixosModules = config.flake.modules.nixos or { };
-
-  # the test NixOS configurations
-  config.flake.nixosConfigurations =
-    let
-      nixosSystem = args:
-        # TODO: flake-parts does not expose lib.nixosSystems.
-        #   Fix this upstream at flake-parts or nixpkgs.
-        #   (Why are there even two different libs ?)
-        import (inputs.nixpkgs + /nixos/lib/eval-config.nix) (
-          args // {
-            modules = args.modules ++ [{
-              system.nixos.versionSuffix =
-                ".${lib.substring 0 8 (self.lastModifiedDate or self.lastModified or "19700101")}.${self.shortRev or "dirty"}";
-              system.nixos.revision = lib.mkIf (self ? rev) self.rev;
-            }];
-          } // lib.optionalAttrs (! args?system) {
-            # Allow system to be set modularly in nixpkgs.system.
-            # We set it to null, to remove the "legacy" entrypoint's
-            # non-hermetic default.
-            system = null;
-          }
-        );
-      # some example configuration to make it eval
-      dummy = { config, ... }: {
-        networking.hostName = "example-common";
-        system.stateVersion = config.system.nixos.version;
-        users.users.root.initialPassword = "fnord23";
-        boot.loader.grub.devices = lib.mkForce [ "/dev/sda" ];
-        fileSystems."/".device = lib.mkDefault  "/dev/sda";
-      };
-    in
-    {
-      # General
-      example-common = nixosSystem {
-        system = "x86_64-linux";
-        modules = [
-          dummy
-          self.nixosModules.common
-        ];
-      };
-      example-server = nixosSystem {
-        system = "x86_64-linux";
-        modules = [
-          dummy
-          self.nixosModules.server
-        ];
-      };
-      example-desktop = nixosSystem {
-        system = "x86_64-linux";
-        modules = [
-          dummy
-          self.nixosModules.desktop
-        ];
-      };
-
-      # Hardware
-      example-hardware-amazon = nixosSystem {
-        system = "x86_64-linux";
-        modules = [
-          dummy
-          self.nixosModules.hardware-amazon
-        ];
-      };
-      example-hardware-hetzner-cloud = nixosSystem {
-        system = "x86_64-linux";
-        modules = [
-          dummy
-          self.nixosModules.hardware-hetzner-cloud
-          {
-            systemd.network.networks."10-uplink".networkConfig.Address = "::cafe:babe:feed:face:dead:beef";
-          }
-        ];
-      };
-
-      # Mixins
-      example-mixins-cloud-init = nixosSystem {
-        system = "x86_64-linux";
-        modules = [
-          dummy
-          self.nixosModules.mixins-cloud-init
-        ];
-      };
-      example-mixins-systemd-boot = nixosSystem {
-        system = "x86_64-linux";
-        modules = [
-          dummy
-          self.nixosModules.mixins-systemd-boot
-        ];
-      };
-      example-mixins-telegraf = nixosSystem {
-        system = "x86_64-linux";
-        modules = [
-          dummy
-          self.nixosModules.mixins-telegraf
-        ];
-      };
-      example-mixins-terminfo = nixosSystem {
-        system = "x86_64-linux";
-        modules = [
-          dummy
-          self.nixosModules.mixins-terminfo
-        ];
-      };
-      example-mixins-trusted-nix-caches = nixosSystem {
-        system = "x86_64-linux";
-        modules = [
-          dummy
-          self.nixosModules.mixins-trusted-nix-caches
-        ];
-      };
-      example-mixins-nginx = nixosSystem {
-        system = "x86_64-linux";
-        modules = [
-          dummy
-          self.nixosModules.mixins-nginx
-        ];
-      };
-
-      # Roles
-      example-roles-github-actions-runner = nixosSystem {
-        system = "x86_64-linux";
-        modules = [
-          self.nixosModules.roles-github-actions-runner
-          dummy
-          {
-            roles.github-actions-runner.cachix.cacheName = "cache-name";
-            roles.github-actions-runner.cachix.tokenFile = "/run/cachix-token-file";
-            roles.github-actions-runner.tokenFile = "/run/gha-token-file";
-            roles.github-actions-runner.url = "https://fixup";
-          }
-        ];
-      };
-      example-roles-github-actions-runner-github-app = nixosSystem {
-        system = "x86_64-linux";
-        modules = [
-          self.nixosModules.roles-github-actions-runner
-          dummy
-          {
-            roles.github-actions-runner.cachix.cacheName = "cache-name";
-            roles.github-actions-runner.cachix.tokenFile = "/run/cachix-token-file";
-            roles.github-actions-runner.githubApp = {
-              id = "1234";
-              login = "foo";
-              privateKeyFile = "/run/gha-token-file";
-            };
-            roles.github-actions-runner.url = "https://fixup";
-          }
-        ];
-      };
-      example-roles-nix-remote-builder = nixosSystem {
-        system = "x86_64-linux";
-        modules = [
-          self.nixosModules.roles-nix-remote-builder
-          dummy
-          {
-            roles.nix-remote-builder.schedulerPublicKeys = [
-              "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOuiDoBOxgyer8vGcfAIbE6TC4n4jo8lhG9l01iJ0bZz zimbatm@no1"
-            ];
-          }
-        ];
-      };
-    };
-}
--- a/nixos/roles/nix-remote-builder.nix
+++ b/nixos/roles/nix-remote-builder.nix
@ -34,6 +34,6 @@ in
      cfg.schedulerPublicKeys;
    users.users.nix-remote-builder.isNormalUser = true;
    users.users.nix-remote-builder.group = "nogroup";
-    nix.settings.trusted-users = ["nix-remote-builder"];
+    nix.settings.trusted-users = [ "nix-remote-builder" ];
  };
 }
--- a/nixos/test-configurations.nix
+++ b/nixos/test-configurations.nix
@ -0,0 +1,148 @@
+# We use the nixosConfigurations to test all the modules below.
+#
+# This is not optimal, but it gets the job done
+{ self, nixpkgs }:
+let
+  inherit (nixpkgs) lib;
+  inherit (lib) nixosSystem;
+
+  # some example configuration to make it eval
+  dummy = { config, ... }: {
+    networking.hostName = "example-common";
+    system.stateVersion = config.system.nixos.version;
+    users.users.root.initialPassword = "fnord23";
+    boot.loader.grub.devices = lib.mkForce [ "/dev/sda" ];
+    fileSystems."/".device = lib.mkDefault "/dev/sda";
+  };
+in
+{
+  # General
+  example-common = nixosSystem {
+    system = "x86_64-linux";
+    modules = [
+      dummy
+      self.nixosModules.common
+    ];
+  };
+  example-server = nixosSystem {
+    system = "x86_64-linux";
+    modules = [
+      dummy
+      self.nixosModules.server
+    ];
+  };
+  example-desktop = nixosSystem {
+    system = "x86_64-linux";
+    modules = [
+      dummy
+      self.nixosModules.desktop
+    ];
+  };
+
+  # Hardware
+  example-hardware-amazon = nixosSystem {
+    system = "x86_64-linux";
+    modules = [
+      dummy
+      self.nixosModules.hardware-amazon
+    ];
+  };
+  example-hardware-hetzner-cloud = nixosSystem {
+    system = "x86_64-linux";
+    modules = [
+      dummy
+      self.nixosModules.hardware-hetzner-cloud
+      {
+        systemd.network.networks."10-uplink".networkConfig.Address = "::cafe:babe:feed:face:dead:beef";
+      }
+    ];
+  };
+
+  # Mixins
+  example-mixins-cloud-init = nixosSystem {
+    system = "x86_64-linux";
+    modules = [
+      dummy
+      self.nixosModules.mixins-cloud-init
+    ];
+  };
+  example-mixins-systemd-boot = nixosSystem {
+    system = "x86_64-linux";
+    modules = [
+      dummy
+      self.nixosModules.mixins-systemd-boot
+    ];
+  };
+  example-mixins-telegraf = nixosSystem {
+    system = "x86_64-linux";
+    modules = [
+      dummy
+      self.nixosModules.mixins-telegraf
+    ];
+  };
+  example-mixins-terminfo = nixosSystem {
+    system = "x86_64-linux";
+    modules = [
+      dummy
+      self.nixosModules.mixins-terminfo
+    ];
+  };
+  example-mixins-trusted-nix-caches = nixosSystem {
+    system = "x86_64-linux";
+    modules = [
+      dummy
+      self.nixosModules.mixins-trusted-nix-caches
+    ];
+  };
+  example-mixins-nginx = nixosSystem {
+    system = "x86_64-linux";
+    modules = [
+      dummy
+      self.nixosModules.mixins-nginx
+    ];
+  };
+
+  # Roles
+  example-roles-github-actions-runner = nixosSystem {
+    system = "x86_64-linux";
+    modules = [
+      self.nixosModules.roles-github-actions-runner
+      dummy
+      {
+        roles.github-actions-runner.cachix.cacheName = "cache-name";
+        roles.github-actions-runner.cachix.tokenFile = "/run/cachix-token-file";
+        roles.github-actions-runner.tokenFile = "/run/gha-token-file";
+        roles.github-actions-runner.url = "https://fixup";
+      }
+    ];
+  };
+  example-roles-github-actions-runner-github-app = nixosSystem {
+    system = "x86_64-linux";
+    modules = [
+      self.nixosModules.roles-github-actions-runner
+      dummy
+      {
+        roles.github-actions-runner.cachix.cacheName = "cache-name";
+        roles.github-actions-runner.cachix.tokenFile = "/run/cachix-token-file";
+        roles.github-actions-runner.githubApp = {
+          id = "1234";
+          login = "foo";
+          privateKeyFile = "/run/gha-token-file";
+        };
+        roles.github-actions-runner.url = "https://fixup";
+      }
+    ];
+  };
+  example-roles-nix-remote-builder = nixosSystem {
+    system = "x86_64-linux";
+    modules = [
+      self.nixosModules.roles-nix-remote-builder
+      dummy
+      {
+        roles.nix-remote-builder.schedulerPublicKeys = [
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOuiDoBOxgyer8vGcfAIbE6TC4n4jo8lhG9l01iJ0bZz zimbatm@no1"
+        ];
+      }
+    ];
+  };
+}
--- a/shell.nix
+++ b/shell.nix
@ -1,2 +1,3 @@
-(import ./default.nix {}).devShells.${builtins.currentSystem}.default
-or throw "dev-shell not defined. Cannot find flake attribute devShell.${builtins.currentSystem}.default"
+{ system ? builtins.currentSystem }:
+(import ./default.nix { inherit system; }).devShells.${system}.default
+  or throw "dev-shell not defined. Cannot find flake attribute devShells.${system}.default"