Merge pull request #222 from benaryorg/mddoc
lib.mdDoc has been deprecated since 24.05
commit
0fca61acc2
4 changed files with 70 additions and 43 deletions
14
flake.lock
14
flake.lock
|
@ -33,11 +33,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696019113,
|
"lastModified": 1725103162,
|
||||||
"narHash": "sha256-X3+DKYWJm93DRSdC5M6K5hLqzSya9BjibtBsuARoPco=",
|
"narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "f5892ddac112a1e9b3612c39af1b72987ee5783a",
|
"rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -57,16 +57,16 @@
|
||||||
},
|
},
|
||||||
"stable": {
|
"stable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696039360,
|
"lastModified": 1724316499,
|
||||||
"narHash": "sha256-g7nIUV4uq1TOVeVIDEZLb005suTWCUjSY0zYOlSBsyE=",
|
"narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "32dcb45f66c0487e92db8303a798ebc548cadedc",
|
"rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"ref": "nixos-23.05",
|
"ref": "nixos-24.05",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
|
33
flake.nix
33
flake.nix
|
@ -3,7 +3,7 @@
|
||||||
|
|
||||||
inputs = {
|
inputs = {
|
||||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||||
stable.url = "github:NixOS/nixpkgs/nixos-23.05";
|
stable.url = "github:NixOS/nixpkgs/nixos-24.05";
|
||||||
|
|
||||||
flake-utils.url = "github:numtide/flake-utils";
|
flake-utils.url = "github:numtide/flake-utils";
|
||||||
|
|
||||||
|
@ -83,11 +83,21 @@
|
||||||
in if pkgs.stdenv.isLinux then import ./integration-tests {
|
in if pkgs.stdenv.isLinux then import ./integration-tests {
|
||||||
pkgs = import nixpkgs {
|
pkgs = import nixpkgs {
|
||||||
inherit system;
|
inherit system;
|
||||||
overlays = [ self.overlays.default inputsOverlay ];
|
overlays = [
|
||||||
|
self.overlays.default
|
||||||
|
inputsOverlay
|
||||||
|
|
||||||
|
self._evalJobsOverlay
|
||||||
|
];
|
||||||
};
|
};
|
||||||
pkgsStable = import stable {
|
pkgsStable = import stable {
|
||||||
inherit system;
|
inherit system;
|
||||||
overlays = [ self.overlays.default inputsOverlay ];
|
overlays = [
|
||||||
|
self.overlays.default
|
||||||
|
inputsOverlay
|
||||||
|
|
||||||
|
self._evalJobsOverlay
|
||||||
|
];
|
||||||
};
|
};
|
||||||
} else {};
|
} else {};
|
||||||
}) // {
|
}) // {
|
||||||
|
@ -104,6 +114,23 @@
|
||||||
inherit rawHive colmenaOptions colmenaModules;
|
inherit rawHive colmenaOptions colmenaModules;
|
||||||
hermetic = true;
|
hermetic = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Temporary fork of nix-eval-jobs with changes to be upstreamed
|
||||||
|
# Mostly for the integration test setup and not needed in most use cases
|
||||||
|
_evalJobsOverlay = final: prev: let
|
||||||
|
patched = prev.nix-eval-jobs.overrideAttrs (old: {
|
||||||
|
version = old.version + "-colmena";
|
||||||
|
patches = (old.patches or []) ++ [
|
||||||
|
# Allows NIX_PATH to be honored
|
||||||
|
(final.fetchpatch {
|
||||||
|
url = "https://github.com/zhaofengli/nix-eval-jobs/commit/6ff5972724230ac2b96eb1ec355cd25ca512ef57.patch";
|
||||||
|
hash = "sha256-2NiMYpw27N+X7Ixh2HkP3fcWvopDJWQDVjgRdhOL2QQ";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
});
|
||||||
|
in {
|
||||||
|
nix-eval-jobs = patched;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
nixConfig = {
|
nixConfig = {
|
||||||
|
|
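Review bot: The `fetchpatch` in `_evalJobsOverlay` depends on a commit in a personal fork (`zhaofengli/nix-eval-jobs`) staying reachable. The `hash` keeps the patch content verified, but if that fork is rebased or removed the fetch simply fails. Vendoring the patch into this repository and listing it as `./nix-eval-jobs-honor-nix-path.patch` (placeholder file name) would remove the network dependency while keeping the same integrity guarantee. The SRI string is also written without the trailing `=` padding that the `narHash` values in flake.lock carry; it may be accepted as is, but the padded form is the safer spelling across Nix versions. Because the overlay is added to both the `nixpkgs` and `stable` imports, the patch presumably has to apply to two different nix-eval-jobs versions, which is worth confirming.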
|
@ -129,6 +129,9 @@ let
|
||||||
extraDeployerConfig
|
extraDeployerConfig
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# FIXME: Colmena flake support is broken with Nix 2.24
|
||||||
|
nix.package = pkgs.nixVersions.nix_2_18;
|
||||||
|
|
||||||
nix.registry = lib.mkIf (pkgs ? _inputs) {
|
nix.registry = lib.mkIf (pkgs ? _inputs) {
|
||||||
nixpkgs.flake = pkgs._inputs.nixpkgs;
|
nixpkgs.flake = pkgs._inputs.nixpkgs;
|
||||||
};
|
};
|
||||||
|
@ -140,7 +143,7 @@ let
|
||||||
nix.settings.substituters = lib.mkForce [];
|
nix.settings.substituters = lib.mkForce [];
|
||||||
|
|
||||||
virtualisation = {
|
virtualisation = {
|
||||||
memorySize = 4096;
|
memorySize = 6144;
|
||||||
writableStore = true;
|
writableStore = true;
|
||||||
additionalPaths = [
|
additionalPaths = [
|
||||||
"${pkgs.path}"
|
"${pkgs.path}"
|
||||||
|
|
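Review bot: The `FIXME` above `nix.package = pkgs.nixVersions.nix_2_18;` gives no tracking reference or removal condition, so the pin is likely to outlive the breakage it works around. While it is in place the test nodes run Nix 2.18 instead of the default from the pinned nixpkgs, so the suite no longer exercises the Nix release most deployments will run, and an old pinned release eventually stops receiving fixes. I would extend the comment to `# FIXME(<issue-url>): Colmena flake support is broken with Nix 2.24; drop this pin once fixed`, with the real issue link in place of the placeholder. The enclosing `let` block starts and ends outside the hunk.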
|
@ -1,18 +1,17 @@
|
||||||
with builtins; rec {
|
with builtins; rec {
|
||||||
keyType = { lib, name, config, ... }: let
|
keyType = { lib, name, config, ... }: let
|
||||||
inherit (lib) types;
|
inherit (lib) types;
|
||||||
mdDoc = lib.mdDoc or (md: md);
|
|
||||||
in {
|
in {
|
||||||
options = {
|
options = {
|
||||||
name = lib.mkOption {
|
name = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
File name of the key.
|
File name of the key.
|
||||||
'';
|
'';
|
||||||
default = name;
|
default = name;
|
||||||
type = types.str;
|
type = types.str;
|
||||||
};
|
};
|
||||||
text = lib.mkOption {
|
text = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
Content of the key.
|
Content of the key.
|
||||||
One of `text`, `keyCommand` and `keyFile` must be set.
|
One of `text`, `keyCommand` and `keyFile` must be set.
|
||||||
'';
|
'';
|
||||||
|
@ -20,7 +19,7 @@ with builtins; rec {
|
||||||
type = types.nullOr types.str;
|
type = types.nullOr types.str;
|
||||||
};
|
};
|
||||||
keyFile = lib.mkOption {
|
keyFile = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
Path of the local file to read the key from.
|
Path of the local file to read the key from.
|
||||||
One of `text`, `keyCommand` and `keyFile` must be set.
|
One of `text`, `keyCommand` and `keyFile` must be set.
|
||||||
'';
|
'';
|
||||||
|
@ -29,7 +28,7 @@ with builtins; rec {
|
||||||
type = types.nullOr types.path;
|
type = types.nullOr types.path;
|
||||||
};
|
};
|
||||||
keyCommand = lib.mkOption {
|
keyCommand = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
Command to run to generate the key.
|
Command to run to generate the key.
|
||||||
One of `text`, `keyCommand` and `keyFile` must be set.
|
One of `text`, `keyCommand` and `keyFile` must be set.
|
||||||
'';
|
'';
|
||||||
|
@ -39,14 +38,14 @@ with builtins; rec {
|
||||||
in types.nullOr nonEmptyList;
|
in types.nullOr nonEmptyList;
|
||||||
};
|
};
|
||||||
destDir = lib.mkOption {
|
destDir = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
Destination directory on the host.
|
Destination directory on the host.
|
||||||
'';
|
'';
|
||||||
default = "/run/keys";
|
default = "/run/keys";
|
||||||
type = types.path;
|
type = types.path;
|
||||||
};
|
};
|
||||||
path = lib.mkOption {
|
path = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
Full path to the destination.
|
Full path to the destination.
|
||||||
'';
|
'';
|
||||||
default = "${config.destDir}/${config.name}";
|
default = "${config.destDir}/${config.name}";
|
||||||
|
@ -54,28 +53,28 @@ with builtins; rec {
|
||||||
internal = true;
|
internal = true;
|
||||||
};
|
};
|
||||||
user = lib.mkOption {
|
user = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
The group that will own the file.
|
The group that will own the file.
|
||||||
'';
|
'';
|
||||||
default = "root";
|
default = "root";
|
||||||
type = types.str;
|
type = types.str;
|
||||||
};
|
};
|
||||||
group = lib.mkOption {
|
group = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
The group that will own the file.
|
The group that will own the file.
|
||||||
'';
|
'';
|
||||||
default = "root";
|
default = "root";
|
||||||
type = types.str;
|
type = types.str;
|
||||||
};
|
};
|
||||||
permissions = lib.mkOption {
|
permissions = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
Permissions to set for the file.
|
Permissions to set for the file.
|
||||||
'';
|
'';
|
||||||
default = "0600";
|
default = "0600";
|
||||||
type = types.str;
|
type = types.str;
|
||||||
};
|
};
|
||||||
uploadAt = lib.mkOption {
|
uploadAt = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
When to upload the keys.
|
When to upload the keys.
|
||||||
|
|
||||||
- pre-activation (default): Upload the keys before activating the new system profile.
|
- pre-activation (default): Upload the keys before activating the new system profile.
|
||||||
|
@ -94,12 +93,11 @@ with builtins; rec {
|
||||||
# Largely compatible with NixOps/Morph.
|
# Largely compatible with NixOps/Morph.
|
||||||
deploymentOptions = { name, lib, ... }: let
|
deploymentOptions = { name, lib, ... }: let
|
||||||
inherit (lib) types;
|
inherit (lib) types;
|
||||||
mdDoc = lib.mdDoc or (md: md);
|
|
||||||
in {
|
in {
|
||||||
options = {
|
options = {
|
||||||
deployment = {
|
deployment = {
|
||||||
targetHost = lib.mkOption {
|
targetHost = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
The target SSH node for deployment.
|
The target SSH node for deployment.
|
||||||
|
|
||||||
By default, the node's attribute name will be used.
|
By default, the node's attribute name will be used.
|
||||||
|
@ -109,7 +107,7 @@ with builtins; rec {
|
||||||
default = name;
|
default = name;
|
||||||
};
|
};
|
||||||
targetPort = lib.mkOption {
|
targetPort = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
The target SSH port for deployment.
|
The target SSH port for deployment.
|
||||||
|
|
||||||
By default, the port is the standard port (22) or taken
|
By default, the port is the standard port (22) or taken
|
||||||
|
@ -119,7 +117,7 @@ with builtins; rec {
|
||||||
default = null;
|
default = null;
|
||||||
};
|
};
|
||||||
targetUser = lib.mkOption {
|
targetUser = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
The user to use to log into the remote node. If set to null, the
|
The user to use to log into the remote node. If set to null, the
|
||||||
target user will not be specified in SSH invocations.
|
target user will not be specified in SSH invocations.
|
||||||
'';
|
'';
|
||||||
|
@ -127,7 +125,7 @@ with builtins; rec {
|
||||||
default = "root";
|
default = "root";
|
||||||
};
|
};
|
||||||
allowLocalDeployment = lib.mkOption {
|
allowLocalDeployment = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
Allow the configuration to be applied locally on the host running
|
Allow the configuration to be applied locally on the host running
|
||||||
Colmena.
|
Colmena.
|
||||||
|
|
||||||
|
@ -144,7 +142,7 @@ with builtins; rec {
|
||||||
default = false;
|
default = false;
|
||||||
};
|
};
|
||||||
buildOnTarget = lib.mkOption {
|
buildOnTarget = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
Whether to build the system profiles on the target node itself.
|
Whether to build the system profiles on the target node itself.
|
||||||
|
|
||||||
When enabled, Colmena will copy the derivation to the target
|
When enabled, Colmena will copy the derivation to the target
|
||||||
|
@ -164,7 +162,7 @@ with builtins; rec {
|
||||||
default = false;
|
default = false;
|
||||||
};
|
};
|
||||||
tags = lib.mkOption {
|
tags = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
A list of tags for the node.
|
A list of tags for the node.
|
||||||
|
|
||||||
Can be used to select a group of nodes for deployment.
|
Can be used to select a group of nodes for deployment.
|
||||||
|
@ -173,7 +171,7 @@ with builtins; rec {
|
||||||
default = [];
|
default = [];
|
||||||
};
|
};
|
||||||
keys = lib.mkOption {
|
keys = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
A set of secrets to be deployed to the node.
|
A set of secrets to be deployed to the node.
|
||||||
|
|
||||||
Secrets are transferred to the node out-of-band and
|
Secrets are transferred to the node out-of-band and
|
||||||
|
@ -183,7 +181,7 @@ with builtins; rec {
|
||||||
default = {};
|
default = {};
|
||||||
};
|
};
|
||||||
replaceUnknownProfiles = lib.mkOption {
|
replaceUnknownProfiles = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
Allow a configuration to be applied to a host running a profile we
|
Allow a configuration to be applied to a host running a profile we
|
||||||
have no knowledge of. By setting this option to false, you reduce
|
have no knowledge of. By setting this option to false, you reduce
|
||||||
the likelyhood of rolling back changes made via another Colmena user.
|
the likelyhood of rolling back changes made via another Colmena user.
|
||||||
|
@ -199,7 +197,7 @@ with builtins; rec {
|
||||||
default = true;
|
default = true;
|
||||||
};
|
};
|
||||||
privilegeEscalationCommand = lib.mkOption {
|
privilegeEscalationCommand = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
Command to use to elevate privileges when activating the new profiles on SSH hosts.
|
Command to use to elevate privileges when activating the new profiles on SSH hosts.
|
||||||
|
|
||||||
This is used on SSH hosts when `deployment.targetUser` is not `root`.
|
This is used on SSH hosts when `deployment.targetUser` is not `root`.
|
||||||
|
@ -209,7 +207,7 @@ with builtins; rec {
|
||||||
default = [ "sudo" "-H" "--" ];
|
default = [ "sudo" "-H" "--" ];
|
||||||
};
|
};
|
||||||
sshOptions = lib.mkOption {
|
sshOptions = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
Extra SSH options to pass to the SSH command.
|
Extra SSH options to pass to the SSH command.
|
||||||
'';
|
'';
|
||||||
type = types.listOf types.str;
|
type = types.listOf types.str;
|
||||||
|
@ -221,29 +219,28 @@ with builtins; rec {
|
||||||
# Hive-wide options
|
# Hive-wide options
|
||||||
metaOptions = { lib, ... }: let
|
metaOptions = { lib, ... }: let
|
||||||
inherit (lib) types;
|
inherit (lib) types;
|
||||||
mdDoc = lib.mdDoc or (md: md);
|
|
||||||
in {
|
in {
|
||||||
options = {
|
options = {
|
||||||
name = lib.mkOption {
|
name = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
The name of the configuration.
|
The name of the configuration.
|
||||||
'';
|
'';
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = "hive";
|
default = "hive";
|
||||||
};
|
};
|
||||||
description = lib.mkOption {
|
description = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
A short description for the configuration.
|
A short description for the configuration.
|
||||||
'';
|
'';
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = "A Colmena Hive";
|
default = "A Colmena Hive";
|
||||||
};
|
};
|
||||||
nixpkgs = lib.mkOption {
|
nixpkgs = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
The pinned Nixpkgs package set. Accepts one of the following:
|
The pinned Nixpkgs package set. Accepts one of the following:
|
||||||
|
|
||||||
- A path to a Nixpkgs checkout
|
- A path to a Nixpkgs checkout
|
||||||
- The Nixpkgs lambda (e.g., import \<nixpkgs\>)
|
- The Nixpkgs lambda (e.g., import <nixpkgs>)
|
||||||
- An initialized Nixpkgs attribute set
|
- An initialized Nixpkgs attribute set
|
||||||
|
|
||||||
This option must be specified when using Flakes.
|
This option must be specified when using Flakes.
|
||||||
|
@ -252,21 +249,21 @@ with builtins; rec {
|
||||||
default = null;
|
default = null;
|
||||||
};
|
};
|
||||||
nodeNixpkgs = lib.mkOption {
|
nodeNixpkgs = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
Node-specific Nixpkgs pins.
|
Node-specific Nixpkgs pins.
|
||||||
'';
|
'';
|
||||||
type = types.attrsOf types.unspecified;
|
type = types.attrsOf types.unspecified;
|
||||||
default = {};
|
default = {};
|
||||||
};
|
};
|
||||||
nodeSpecialArgs = lib.mkOption {
|
nodeSpecialArgs = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
Node-specific special args.
|
Node-specific special args.
|
||||||
'';
|
'';
|
||||||
type = types.attrsOf types.unspecified;
|
type = types.attrsOf types.unspecified;
|
||||||
default = {};
|
default = {};
|
||||||
};
|
};
|
||||||
machinesFile = lib.mkOption {
|
machinesFile = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
Use the machines listed in this file when building this hive configuration.
|
Use the machines listed in this file when building this hive configuration.
|
||||||
|
|
||||||
If your Colmena host has nix configured to allow for remote builds
|
If your Colmena host has nix configured to allow for remote builds
|
||||||
|
@ -290,7 +287,7 @@ with builtins; rec {
|
||||||
type = types.nullOr types.path;
|
type = types.nullOr types.path;
|
||||||
};
|
};
|
||||||
specialArgs = lib.mkOption {
|
specialArgs = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
A set of special arguments to be passed to NixOS modules.
|
A set of special arguments to be passed to NixOS modules.
|
||||||
|
|
||||||
This will be merged into the `specialArgs` used to evaluate
|
This will be merged into the `specialArgs` used to evaluate
|
||||||
|
@ -300,7 +297,7 @@ with builtins; rec {
|
||||||
type = types.attrsOf types.unspecified;
|
type = types.attrsOf types.unspecified;
|
||||||
};
|
};
|
||||||
allowApplyAll = lib.mkOption {
|
allowApplyAll = lib.mkOption {
|
||||||
description = mdDoc ''
|
description = ''
|
||||||
Whether to allow deployments without a node filter set.
|
Whether to allow deployments without a node filter set.
|
||||||
|
|
||||||
If set to false, a node filter must be specified with `--on` when
|
If set to false, a node filter must be specified with `--on` when
|
||||||
|
|
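Review bot: The `user` option of `keyType` (hunk `@ -54,28 +53,28 @`) keeps the description `The group that will own the file.`, word for word the same as the `group` option below it, even though its `description =` line is rewritten here. These two options decide who owns the deployed key files, so a wrong description can lead someone to set the wrong field and leave a secret readable by an unintended account. The text should read `The user that will own the file.`.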