c3d2/nix-config
c3d2
/
nix-config
23
7
Fork 3
Code Issues 12 Pull Requests 2 Releases Wiki Activity

Tidy up flake.nix

This commit is contained in:
Ehmry - 2022-01-13 18:38:36 +01:00
parent ddc5a3f9a5
commit 594c5e357d
4 changed files with 48 additions and 97 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

119
flake.nix
View File

@ -30,20 +30,20 @@
outputs = inputs@{ self, nixpkgs, secrets, nixos-hardware, zentralwerk, yammat, scrapers, spacemsg, tigger, ticker, heliwatch, sops-nix, naersk, fenix, ... }: outputs = inputs@{ self, nixpkgs, secrets, nixos-hardware, zentralwerk, yammat, scrapers, spacemsg, tigger, ticker, heliwatch, sops-nix, naersk, fenix, ... }:
let let
forAllSystems = nixpkgs.lib.genAttrs [ "aarch64-linux" "x86_64-linux" ]; inherit (nixpkgs) lib;
forAllSystems = lib.genAttrs [ "aarch64-linux" "x86_64-linux" ];
inherit (nixpkgs.lib) recursiveUpdate;
extractZwHosts = { hosts4, hosts6, ... }: extractZwHosts = { hosts4, hosts6, ... }:
recursiveUpdate ( lib.recursiveUpdate (
builtins.foldl' (result: name: builtins.foldl' (result: name:
recursiveUpdate result { lib.recursiveUpdate result {
"${name}".ip4 = hosts4."${name}"; "${name}".ip4 = hosts4."${name}";
} }
) {} (builtins.attrNames hosts4) ) {} (builtins.attrNames hosts4)
) ( ) (
builtins.foldl' (result: ctx: builtins.foldl' (result: ctx:
builtins.foldl' (result: name: builtins.foldl' (result: name:
recursiveUpdate result { lib.recursiveUpdate result {
"${name}".ip6 = hosts6."${ctx}"."${name}"; "${name}".ip6 = hosts6."${ctx}"."${name}";
} }
) result (builtins.attrNames hosts6."${ctx}") ) result (builtins.attrNames hosts6."${ctx}")
@ -52,11 +52,11 @@
zwHostRegistry = { zwHostRegistry = {
hosts = hosts =
builtins.foldl' (result: net: builtins.foldl' (result: net:
recursiveUpdate result (extractZwHosts zentralwerk.lib.config.site.net."${net}") lib.recursiveUpdate result (extractZwHosts zentralwerk.lib.config.site.net."${net}")
) {} [ "core" "c3d2" "serv" ]; ) {} [ "core" "c3d2" "serv" ];
}; };
extraHostRegistry = import ./host-registry.nix; extraHostRegistry = import ./host-registry.nix;
hostRegistry = nixpkgs.lib.recursiveUpdate zwHostRegistry extraHostRegistry; hostRegistry = lib.recursiveUpdate zwHostRegistry extraHostRegistry;
flakifiedHosts = nixpkgs.lib.filterAttrs (name: _: self.nixosConfigurations ? "${name}") hostRegistry.hosts; flakifiedHosts = nixpkgs.lib.filterAttrs (name: _: self.nixosConfigurations ? "${name}") hostRegistry.hosts;
@ -70,18 +70,17 @@
then hostConf.ip6 then hostConf.ip6
else throw "Host ${name} has no ip4 or ip6 address"; else throw "Host ${name} has no ip4 or ip6 address";
in { in {
overlay = import ./overlay { overlay = import ./overlay;
inherit naersk fenix;
};
legacyPackages = forAllSystems (system: nixpkgs.legacyPackages."${system}".extend self.overlay); legacyPackages = lib.attrsets.mapAttrs
(system: pkgs: pkgs.appendOverlays
[ fenix.overlay naersk.overlay self.overlay ])
nixpkgs.legacyPackages;
packages = forAllSystems (system: packages = lib.attrsets.mapAttrs (system: pkgs:
let let overlayPkgs = builtins.intersectAttrs (self.overlay {} {}) pkgs;
pkgs = self.legacyPackages."${system}"; in overlayPkgs //
overlayPkgs = self.overlay overlayPkgs pkgs; {
in {
inherit (pkgs) bmxd;
list-upgradable = pkgs.writeScriptBin "list-upgradable" '' list-upgradable = pkgs.writeScriptBin "list-upgradable" ''
#! ${pkgs.runtimeShell} #! ${pkgs.runtimeShell}
@ -142,8 +141,6 @@
} // } //
overlayPkgs //
builtins.foldl' (result: host: result // { builtins.foldl' (result: host: result // {
# TODO: check if the ethernet address is reachable and if not, # TODO: check if the ethernet address is reachable and if not,
# execute wol on a machine in HQ. # execute wol on a machine in HQ.
@ -189,12 +186,12 @@
}) {} (builtins.attrNames (nixpkgs.lib.filterAttrs (host: nixosConfiguration: }) {} (builtins.attrNames (nixpkgs.lib.filterAttrs (host: nixosConfiguration:
nixosConfiguration.config.system.build ? sdImage nixosConfiguration.config.system.build ? sdImage
) self.nixosConfigurations)) ) self.nixosConfigurations))
); ) self.legacyPackages;
nixosConfigurations = let nixosConfigurations = let
nixosSystem' = nixosSystem' =
# Our custom NixOS builder # Our custom NixOS builder
{ nixpkgs ? inputs.nixpkgs, modules, extraArgs ? {}, system }: { nixpkgs ? inputs.nixpkgs, modules, extraArgs ? {}, system ? "x86_64-linux" }:
nixpkgs.lib.nixosSystem { nixpkgs.lib.nixosSystem {
inherit system; inherit system;
@ -215,13 +212,12 @@
freifunk = nixosSystem' { freifunk = nixosSystem' {
modules = [ modules = [
./hosts/containers/freifunk ./hosts/containers/freifunk
(_: { {
nixpkgs.overlays = with secrets.overlays; [ nixpkgs.overlays = with secrets.overlays; [
freifunk ospf freifunk ospf
]; ];
}) }
]; ];
system = "x86_64-linux";
}; };
gitea = nixosSystem' { gitea = nixosSystem' {
@ -230,7 +226,6 @@
./lib/lxc-container.nix ./lib/lxc-container.nix
./hosts/containers/gitea ./hosts/containers/gitea
]; ];
system = "x86_64-linux";
}; };
glotzbert = nixosSystem' { glotzbert = nixosSystem' {
@ -243,14 +238,12 @@
sops.defaultSopsFile = "${secrets}/hosts/glotzbert/secrets.yaml"; sops.defaultSopsFile = "${secrets}/hosts/glotzbert/secrets.yaml";
} }
]; ];
system = "x86_64-linux";
}; };
nix-build = nixosSystem' { nix-build = nixosSystem' {
modules = [ modules = [
./hosts/containers/nix-build ./hosts/containers/nix-build
]; ];
system = "x86_64-linux";
}; };
pulsebert = nixosSystem' { pulsebert = nixosSystem' {
@ -263,11 +256,12 @@
radiobert = nixosSystem' { radiobert = nixosSystem' {
modules = [ modules = [
"${inputs.nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix" ({ modulesPath, ... }:
{ {
imports = [ "${modulesPath}/installer/sd-card/sd-image-aarch64.nix" ];
nixpkgs.overlays = [ heliwatch.overlay ]; nixpkgs.overlays = [ heliwatch.overlay ];
sops.defaultSopsFile = "${secrets}/hosts/radiobert/secrets.yaml"; sops.defaultSopsFile = "${secrets}/hosts/radiobert/secrets.yaml";
} })
./hosts/radiobert ./hosts/radiobert
]; ];
system = "aarch64-linux"; system = "aarch64-linux";
@ -324,7 +318,6 @@
nixpkgs.overlays = [ secrets.overlays.ospf ]; nixpkgs.overlays = [ secrets.overlays.ospf ];
}) })
]; ];
system = "x86_64-linux";
}; };
matemat = nixosSystem' { matemat = nixosSystem' {
@ -337,19 +330,15 @@
nixpkgs.overlays = [ secrets.overlays.matemat ]; nixpkgs.overlays = [ secrets.overlays.matemat ];
}) })
]; ];
system = "x86_64-linux";
}; };
scrape = nixosSystem' { scrape = nixosSystem' {
modules = [ modules = [
./lib/lxc-container.nix ./lib/lxc-container.nix
./hosts/containers/scrape ./hosts/containers/scrape
(_: { { nixpkgs.overlays = [ secrets.overlays.scrape ]; }
nixpkgs.overlays = [ secrets.overlays.scrape ];
})
]; ];
extraArgs = { inherit scrapers; }; extraArgs = { inherit scrapers; };
system = "x86_64-linux";
}; };
dn42 = nixosSystem' { dn42 = nixosSystem' {
@ -361,7 +350,6 @@
sops.defaultSopsFile = "${secrets}/hosts/dn42/secrets.yaml"; sops.defaultSopsFile = "${secrets}/hosts/dn42/secrets.yaml";
} }
]; ];
system = "x86_64-linux";
}; };
grafana = nixosSystem' { grafana = nixosSystem' {
@ -369,7 +357,6 @@
./lib/lxc-container.nix ./lib/lxc-container.nix
./hosts/containers/grafana ./hosts/containers/grafana
]; ];
system = "x86_64-linux";
}; };
hydra = nixosSystem' { hydra = nixosSystem' {
@ -380,7 +367,6 @@
sops.defaultSopsFile = "${secrets}/hosts/hydra/secrets.yaml"; sops.defaultSopsFile = "${secrets}/hosts/hydra/secrets.yaml";
} }
]; ];
system = "x86_64-linux";
}; };
mucbot = nixosSystem' { mucbot = nixosSystem' {
@ -391,7 +377,6 @@
./hosts/containers/mucbot ./hosts/containers/mucbot
]; ];
extraArgs = { inherit tigger; }; extraArgs = { inherit tigger; };
system = "x86_64-linux";
}; };
kibana = nixosSystem' { kibana = nixosSystem' {
@ -399,7 +384,6 @@
./lib/lxc-container.nix ./lib/lxc-container.nix
./hosts/containers/kibana ./hosts/containers/kibana
]; ];
system = "x86_64-linux";
}; };
public-access-proxy = nixosSystem' { public-access-proxy = nixosSystem' {
@ -410,7 +394,6 @@
extraArgs = { extraArgs = {
inherit (self) nixosConfigurations; inherit (self) nixosConfigurations;
}; };
system = "x86_64-linux";
}; };
ticker = nixosSystem' { ticker = nixosSystem' {
@ -419,7 +402,6 @@
"${ticker}/nixos-module.nix" "${ticker}/nixos-module.nix"
./hosts/containers/ticker ./hosts/containers/ticker
]; ];
system = "x86_64-linux";
}; };
spaceapi = nixosSystem' { spaceapi = nixosSystem' {
@ -428,7 +410,6 @@
"${spacemsg}/spaceapi/module.nix" "${spacemsg}/spaceapi/module.nix"
./hosts/containers/spaceapi ./hosts/containers/spaceapi
]; ];
system = "x86_64-linux";
}; };
stream = nixosSystem' { stream = nixosSystem' {
@ -436,7 +417,6 @@
./lib/lxc-container.nix ./lib/lxc-container.nix
./hosts/containers/stream ./hosts/containers/stream
]; ];
system = "x86_64-linux";
}; };
mobilizon = nixosSystem' { mobilizon = nixosSystem' {
@ -446,7 +426,6 @@
./lib/lxc-container.nix ./lib/lxc-container.nix
./hosts/containers/mobilizon ./hosts/containers/mobilizon
]; ];
system = "x86_64-linux";
}; };
mail = nixosSystem' { mail = nixosSystem' {
@ -454,7 +433,6 @@
./lib/lxc-container.nix ./lib/lxc-container.nix
./hosts/containers/mail ./hosts/containers/mail
]; ];
system = "x86_64-linux";
}; };
logging = nixosSystem' { logging = nixosSystem' {
@ -462,34 +440,25 @@
./lib/lxc-container.nix ./lib/lxc-container.nix
./hosts/containers/logging ./hosts/containers/logging
]; ];
system = "x86_64-linux";
}; };
keycloak = nixosSystem' { keycloak = nixosSystem' {
modules = [ modules = [
./lib/lxc-container.nix ./lib/lxc-container.nix
(_: {
nixpkgs.overlays = with secrets.overlays; [
keycloak
];
})
./hosts/containers/keycloak ./hosts/containers/keycloak
{ nixpkgs.overlays = with secrets.overlays; [ keycloak ]; }
]; ];
system = "x86_64-linux";
}; };
c3d2-web = nixosSystem' { c3d2-web = nixosSystem' {
modules = [ modules = [
./lib/lxc-container.nix ./lib/lxc-container.nix
./hosts/containers/c3d2-web ./hosts/containers/c3d2-web
(_: { { nixpkgs.overlays = [ secrets.overlays.c3d2-web ]; }
nixpkgs.overlays = [ secrets.overlays.c3d2-web ];
})
]; ];
extraArgs = { extraArgs = {
inherit nixpkgs; inherit nixpkgs;
}; };
system = "x86_64-linux";
}; };
sdrweb = nixosSystem' { sdrweb = nixosSystem' {
@ -499,44 +468,30 @@
heliwatch.nixosModules.heliwatch heliwatch.nixosModules.heliwatch
./hosts/containers/sdrweb ./hosts/containers/sdrweb
]; ];
system = "x86_64-linux";
}; };
bind = nixosSystem' { bind = nixosSystem' {
modules = [ modules = [
(_: { { nixpkgs.overlays = with secrets.overlays; [ bind ]; }
nixpkgs.overlays = with secrets.overlays; [
bind
];
})
./lib/lxc-container.nix ./lib/lxc-container.nix
./hosts/containers/bind ./hosts/containers/bind
]; ];
system = "x86_64-linux";
}; };
jabber = nixosSystem' { jabber = nixosSystem' {
modules = [ modules = [
(_: { { nixpkgs.overlays = with secrets.overlays; [ jabber ]; }
nixpkgs.overlays = with secrets.overlays; [
jabber
];
})
./lib/lxc-container.nix ./lib/lxc-container.nix
./hosts/containers/jabber ./hosts/containers/jabber
]; ];
system = "x86_64-linux";
}; };
storage-ng = nixosSystem' { storage-ng = nixosSystem' {
modules = [ modules = [
./hosts/storage-ng ./hosts/storage-ng
secrets.nixosModules.admins secrets.nixosModules.admins
{ { sops.defaultSopsFile = "${secrets}/hosts/storage-ng/secrets.yaml"; }
sops.defaultSopsFile = "${secrets}/hosts/storage-ng/secrets.yaml";
}
]; ];
system = "x86_64-linux";
}; };
blogs = nixosSystem' { blogs = nixosSystem' {
@ -544,18 +499,20 @@
self.nixosModules.plume self.nixosModules.plume
./lib/lxc-container.nix ./lib/lxc-container.nix
./hosts/containers/blogs ./hosts/containers/blogs
{ { sops.defaultSopsFile = "${secrets}/hosts/blogs/secrets.yaml"; }
sops.defaultSopsFile = "${secrets}/hosts/blogs/secrets.yaml";
}
]; ];
system = "x86_64-linux";
}; };
}; };
nixosModule = { imports = [ sops-nix.nixosModule ./lib ]; }; nixosModule.imports = [ sops-nix.nixosModule ./lib ];
nixosModules.c3d2 = self.nixosModule; nixosModules = {
nixosModules.plume = import ./lib/plume.nix { inherit self; }; c3d2 = self.nixosModule;
plume = {
imports = [ ./lib/plume.nix ];
nixpkgs.overlays = [ fenix.overlay naersk.overlay ];
};
};
hydraJobs = forAllSystems (system: hydraJobs = forAllSystems (system:
builtins.mapAttrs (_: nixpkgs.lib.hydraJob) ( builtins.mapAttrs (_: nixpkgs.lib.hydraJob) (

4
lib/plume.nix
View File

@ -1,8 +1,6 @@
{ self }:
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
plume = self.packages.${pkgs.system}.plume; inherit (pkgs) plume;
cfg = config.services.plume; cfg = config.services.plume;
in in
{ {

6
overlay/default.nix
View File

@ -1,5 +1,3 @@
{ naersk, fenix }:
final: prev: final: prev:
{ {
@ -17,7 +15,5 @@ final: prev:
readsb = prev.callPackage ./readsb.nix { }; readsb = prev.callPackage ./readsb.nix { };
plume = prev.callPackage ./plume { plume = prev.callPackage ./plume { };
inherit naersk fenix;
};
} }

16
overlay/plume/default.nix
View File

@ -1,25 +1,25 @@
{ naersk, fenix { naersk, fenix
, system, stdenv, fetchFromGitHub, buildEnv , stdenv, fetchFromGitHub, buildEnv
, pkg-config, gettext, wasm-pack, wasm-bindgen-cli , pkg-config, gettext, wasm-pack, wasm-bindgen-cli
, openssl, postgresql , openssl, postgresql
}: }:
let let
rust = fenix.packages.${system}.complete.withComponents [ rust = fenix.complete.withComponents [
"cargo" "cargo"
"rustc" "rustc"
]; ];
naersk-lib = naersk.lib."${system}".override { naersk' = naersk.override {
cargo = rust; cargo = rust;
rustc = rust; rustc = rust;
}; };
rust-wasm = with fenix.packages.${system}; rust-wasm = with fenix;
combine [ combine [
minimal.rustc minimal.rustc
minimal.cargo minimal.cargo
targets.wasm32-unknown-unknown.latest.rust-std targets.wasm32-unknown-unknown.latest.rust-std
]; ];
naersk-lib-wasm = naersk.lib."${system}".override { naersk-wasm = naersk.override {
cargo = rust-wasm; cargo = rust-wasm;
rustc = rust-wasm; rustc = rust-wasm;
}; };
@ -52,7 +52,7 @@ let
installPhase = "cp -ar . $out"; installPhase = "cp -ar . $out";
}; };
plume = naersk-lib.buildPackage { plume = naersk'.buildPackage {
pname = "plume"; pname = "plume";
inherit src version; inherit src version;
@ -73,7 +73,7 @@ let
}; };
}; };
plm = naersk-lib.buildPackage { plm = naersk'.buildPackage {
pname = "plm"; pname = "plm";
root = src; root = src;
@ -87,7 +87,7 @@ let
cargoBuildOptions = x: x ++ [ "--package=plume-cli" ]; cargoBuildOptions = x: x ++ [ "--package=plume-cli" ];
}; };
plume-front = naersk-lib-wasm.buildPackage { plume-front = naersk-wasm.buildPackage {
pname = "plume-front"; pname = "plume-front";
root = src; root = src;
nativeBuildInputs = [ nativeBuildInputs = [