diff --git a/flake.nix b/flake.nix index d6b4a49a..c5973b5c 100644 --- a/flake.nix +++ b/flake.nix @@ -30,20 +30,20 @@ outputs = inputs@{ self, nixpkgs, secrets, nixos-hardware, zentralwerk, yammat, scrapers, spacemsg, tigger, ticker, heliwatch, sops-nix, naersk, fenix, ... }: let - forAllSystems = nixpkgs.lib.genAttrs [ "aarch64-linux" "x86_64-linux" ]; + inherit (nixpkgs) lib; + forAllSystems = lib.genAttrs [ "aarch64-linux" "x86_64-linux" ]; - inherit (nixpkgs.lib) recursiveUpdate; extractZwHosts = { hosts4, hosts6, ... }: - recursiveUpdate ( + lib.recursiveUpdate ( builtins.foldl' (result: name: - recursiveUpdate result { + lib.recursiveUpdate result { "${name}".ip4 = hosts4."${name}"; } ) {} (builtins.attrNames hosts4) ) ( builtins.foldl' (result: ctx: builtins.foldl' (result: name: - recursiveUpdate result { + lib.recursiveUpdate result { "${name}".ip6 = hosts6."${ctx}"."${name}"; } ) result (builtins.attrNames hosts6."${ctx}") @@ -52,11 +52,11 @@ zwHostRegistry = { hosts = builtins.foldl' (result: net: - recursiveUpdate result (extractZwHosts zentralwerk.lib.config.site.net."${net}") + lib.recursiveUpdate result (extractZwHosts zentralwerk.lib.config.site.net."${net}") ) {} [ "core" "c3d2" "serv" ]; }; extraHostRegistry = import ./host-registry.nix; - hostRegistry = nixpkgs.lib.recursiveUpdate zwHostRegistry extraHostRegistry; + hostRegistry = lib.recursiveUpdate zwHostRegistry extraHostRegistry; flakifiedHosts = nixpkgs.lib.filterAttrs (name: _: self.nixosConfigurations ? "${name}") hostRegistry.hosts; @@ -70,18 +70,17 @@ then hostConf.ip6 else throw "Host ${name} has no ip4 or ip6 address"; in { - overlay = import ./overlay { - inherit naersk fenix; - }; + overlay = import ./overlay; - legacyPackages = forAllSystems (system: nixpkgs.legacyPackages."${system}".extend self.overlay); + legacyPackages = lib.attrsets.mapAttrs + (system: pkgs: pkgs.appendOverlays + [ fenix.overlay naersk.overlay self.overlay ]) + nixpkgs.legacyPackages; - packages = forAllSystems (system: - let - pkgs = self.legacyPackages."${system}"; - overlayPkgs = self.overlay overlayPkgs pkgs; - in { - inherit (pkgs) bmxd; + packages = lib.attrsets.mapAttrs (system: pkgs: + let overlayPkgs = builtins.intersectAttrs (self.overlay {} {}) pkgs; + in overlayPkgs // + { list-upgradable = pkgs.writeScriptBin "list-upgradable" '' #! ${pkgs.runtimeShell} @@ -142,8 +141,6 @@ } // - overlayPkgs // - builtins.foldl' (result: host: result // { # TODO: check if the ethernet address is reachable and if not, # execute wol on a machine in HQ. @@ -189,12 +186,12 @@ }) {} (builtins.attrNames (nixpkgs.lib.filterAttrs (host: nixosConfiguration: nixosConfiguration.config.system.build ? sdImage ) self.nixosConfigurations)) - ); + ) self.legacyPackages; nixosConfigurations = let nixosSystem' = # Our custom NixOS builder - { nixpkgs ? inputs.nixpkgs, modules, extraArgs ? {}, system }: + { nixpkgs ? inputs.nixpkgs, modules, extraArgs ? {}, system ? "x86_64-linux" }: nixpkgs.lib.nixosSystem { inherit system; @@ -215,13 +212,12 @@ freifunk = nixosSystem' { modules = [ ./hosts/containers/freifunk - (_: { + { nixpkgs.overlays = with secrets.overlays; [ freifunk ospf ]; - }) + } ]; - system = "x86_64-linux"; }; gitea = nixosSystem' { @@ -230,7 +226,6 @@ ./lib/lxc-container.nix ./hosts/containers/gitea ]; - system = "x86_64-linux"; }; glotzbert = nixosSystem' { @@ -243,14 +238,12 @@ sops.defaultSopsFile = "${secrets}/hosts/glotzbert/secrets.yaml"; } ]; - system = "x86_64-linux"; }; nix-build = nixosSystem' { modules = [ ./hosts/containers/nix-build ]; - system = "x86_64-linux"; }; pulsebert = nixosSystem' { @@ -263,11 +256,12 @@ radiobert = nixosSystem' { modules = [ - "${inputs.nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix" + ({ modulesPath, ... }: { + imports = [ "${modulesPath}/installer/sd-card/sd-image-aarch64.nix" ]; nixpkgs.overlays = [ heliwatch.overlay ]; sops.defaultSopsFile = "${secrets}/hosts/radiobert/secrets.yaml"; - } + }) ./hosts/radiobert ]; system = "aarch64-linux"; @@ -324,7 +318,6 @@ nixpkgs.overlays = [ secrets.overlays.ospf ]; }) ]; - system = "x86_64-linux"; }; matemat = nixosSystem' { @@ -337,19 +330,15 @@ nixpkgs.overlays = [ secrets.overlays.matemat ]; }) ]; - system = "x86_64-linux"; }; scrape = nixosSystem' { modules = [ ./lib/lxc-container.nix ./hosts/containers/scrape - (_: { - nixpkgs.overlays = [ secrets.overlays.scrape ]; - }) + { nixpkgs.overlays = [ secrets.overlays.scrape ]; } ]; extraArgs = { inherit scrapers; }; - system = "x86_64-linux"; }; dn42 = nixosSystem' { @@ -361,7 +350,6 @@ sops.defaultSopsFile = "${secrets}/hosts/dn42/secrets.yaml"; } ]; - system = "x86_64-linux"; }; grafana = nixosSystem' { @@ -369,7 +357,6 @@ ./lib/lxc-container.nix ./hosts/containers/grafana ]; - system = "x86_64-linux"; }; hydra = nixosSystem' { @@ -380,7 +367,6 @@ sops.defaultSopsFile = "${secrets}/hosts/hydra/secrets.yaml"; } ]; - system = "x86_64-linux"; }; mucbot = nixosSystem' { @@ -391,7 +377,6 @@ ./hosts/containers/mucbot ]; extraArgs = { inherit tigger; }; - system = "x86_64-linux"; }; kibana = nixosSystem' { @@ -399,7 +384,6 @@ ./lib/lxc-container.nix ./hosts/containers/kibana ]; - system = "x86_64-linux"; }; public-access-proxy = nixosSystem' { @@ -410,7 +394,6 @@ extraArgs = { inherit (self) nixosConfigurations; }; - system = "x86_64-linux"; }; ticker = nixosSystem' { @@ -419,7 +402,6 @@ "${ticker}/nixos-module.nix" ./hosts/containers/ticker ]; - system = "x86_64-linux"; }; spaceapi = nixosSystem' { @@ -428,7 +410,6 @@ "${spacemsg}/spaceapi/module.nix" ./hosts/containers/spaceapi ]; - system = "x86_64-linux"; }; stream = nixosSystem' { @@ -436,7 +417,6 @@ ./lib/lxc-container.nix ./hosts/containers/stream ]; - system = "x86_64-linux"; }; mobilizon = nixosSystem' { @@ -446,7 +426,6 @@ ./lib/lxc-container.nix ./hosts/containers/mobilizon ]; - system = "x86_64-linux"; }; mail = nixosSystem' { @@ -454,7 +433,6 @@ ./lib/lxc-container.nix ./hosts/containers/mail ]; - system = "x86_64-linux"; }; logging = nixosSystem' { @@ -462,34 +440,25 @@ ./lib/lxc-container.nix ./hosts/containers/logging ]; - system = "x86_64-linux"; }; keycloak = nixosSystem' { modules = [ ./lib/lxc-container.nix - (_: { - nixpkgs.overlays = with secrets.overlays; [ - keycloak - ]; - }) ./hosts/containers/keycloak + { nixpkgs.overlays = with secrets.overlays; [ keycloak ]; } ]; - system = "x86_64-linux"; }; c3d2-web = nixosSystem' { modules = [ ./lib/lxc-container.nix ./hosts/containers/c3d2-web - (_: { - nixpkgs.overlays = [ secrets.overlays.c3d2-web ]; - }) + { nixpkgs.overlays = [ secrets.overlays.c3d2-web ]; } ]; extraArgs = { inherit nixpkgs; }; - system = "x86_64-linux"; }; sdrweb = nixosSystem' { @@ -499,44 +468,30 @@ heliwatch.nixosModules.heliwatch ./hosts/containers/sdrweb ]; - system = "x86_64-linux"; }; bind = nixosSystem' { modules = [ - (_: { - nixpkgs.overlays = with secrets.overlays; [ - bind - ]; - }) + { nixpkgs.overlays = with secrets.overlays; [ bind ]; } ./lib/lxc-container.nix ./hosts/containers/bind ]; - system = "x86_64-linux"; }; jabber = nixosSystem' { modules = [ - (_: { - nixpkgs.overlays = with secrets.overlays; [ - jabber - ]; - }) + { nixpkgs.overlays = with secrets.overlays; [ jabber ]; } ./lib/lxc-container.nix ./hosts/containers/jabber ]; - system = "x86_64-linux"; }; storage-ng = nixosSystem' { modules = [ ./hosts/storage-ng secrets.nixosModules.admins - { - sops.defaultSopsFile = "${secrets}/hosts/storage-ng/secrets.yaml"; - } + { sops.defaultSopsFile = "${secrets}/hosts/storage-ng/secrets.yaml"; } ]; - system = "x86_64-linux"; }; blogs = nixosSystem' { @@ -544,18 +499,20 @@ self.nixosModules.plume ./lib/lxc-container.nix ./hosts/containers/blogs - { - sops.defaultSopsFile = "${secrets}/hosts/blogs/secrets.yaml"; - } + { sops.defaultSopsFile = "${secrets}/hosts/blogs/secrets.yaml"; } ]; - system = "x86_64-linux"; }; }; - nixosModule = { imports = [ sops-nix.nixosModule ./lib ]; }; - nixosModules.c3d2 = self.nixosModule; - nixosModules.plume = import ./lib/plume.nix { inherit self; }; + nixosModule.imports = [ sops-nix.nixosModule ./lib ]; + nixosModules = { + c3d2 = self.nixosModule; + plume = { + imports = [ ./lib/plume.nix ]; + nixpkgs.overlays = [ fenix.overlay naersk.overlay ]; + }; + }; hydraJobs = forAllSystems (system: builtins.mapAttrs (_: nixpkgs.lib.hydraJob) ( diff --git a/lib/plume.nix b/lib/plume.nix index a258f781..530c5abd 100644 --- a/lib/plume.nix +++ b/lib/plume.nix @@ -1,8 +1,6 @@ -{ self }: - { config, lib, pkgs, ... }: let - plume = self.packages.${pkgs.system}.plume; + inherit (pkgs) plume; cfg = config.services.plume; in { diff --git a/overlay/default.nix b/overlay/default.nix index 2cb80d97..3dc21766 100644 --- a/overlay/default.nix +++ b/overlay/default.nix @@ -1,5 +1,3 @@ -{ naersk, fenix }: - final: prev: { @@ -17,7 +15,5 @@ final: prev: readsb = prev.callPackage ./readsb.nix { }; - plume = prev.callPackage ./plume { - inherit naersk fenix; - }; + plume = prev.callPackage ./plume { }; } diff --git a/overlay/plume/default.nix b/overlay/plume/default.nix index 577684f0..9988ddfc 100644 --- a/overlay/plume/default.nix +++ b/overlay/plume/default.nix @@ -1,25 +1,25 @@ { naersk, fenix -, system, stdenv, fetchFromGitHub, buildEnv +, stdenv, fetchFromGitHub, buildEnv , pkg-config, gettext, wasm-pack, wasm-bindgen-cli , openssl, postgresql }: let - rust = fenix.packages.${system}.complete.withComponents [ + rust = fenix.complete.withComponents [ "cargo" "rustc" ]; - naersk-lib = naersk.lib."${system}".override { + naersk' = naersk.override { cargo = rust; rustc = rust; }; - rust-wasm = with fenix.packages.${system}; + rust-wasm = with fenix; combine [ minimal.rustc minimal.cargo targets.wasm32-unknown-unknown.latest.rust-std ]; - naersk-lib-wasm = naersk.lib."${system}".override { + naersk-wasm = naersk.override { cargo = rust-wasm; rustc = rust-wasm; }; @@ -52,7 +52,7 @@ let installPhase = "cp -ar . $out"; }; - plume = naersk-lib.buildPackage { + plume = naersk'.buildPackage { pname = "plume"; inherit src version; @@ -73,7 +73,7 @@ let }; }; - plm = naersk-lib.buildPackage { + plm = naersk'.buildPackage { pname = "plm"; root = src; @@ -87,7 +87,7 @@ let cargoBuildOptions = x: x ++ [ "--package=plume-cli" ]; }; - plume-front = naersk-lib-wasm.buildPackage { + plume-front = naersk-wasm.buildPackage { pname = "plume-front"; root = src; nativeBuildInputs = [