feat(infra): Rework nixpkgs version management
All checks were successful
Check meta / check_meta (push) Successful in 20s
Check meta / check_dns (push) Successful in 43s
build configuration / build_storage01 (push) Successful in 58s
build configuration / build_compute01 (push) Successful in 1m4s
build configuration / build_vault01 (push) Successful in 52s
build configuration / build_web02 (push) Successful in 51s
lint / check (push) Successful in 24s
build configuration / build_rescue01 (push) Successful in 47s
build configuration / build_web01 (push) Successful in 1m21s
All checks were successful
Check meta / check_meta (push) Successful in 20s
Check meta / check_dns (push) Successful in 43s
build configuration / build_storage01 (push) Successful in 58s
build configuration / build_compute01 (push) Successful in 1m4s
build configuration / build_vault01 (push) Successful in 52s
build configuration / build_web02 (push) Successful in 51s
lint / check (push) Successful in 24s
build configuration / build_rescue01 (push) Successful in 47s
build configuration / build_web01 (push) Successful in 1m21s
This commit is contained in:
parent
47d09f6ffa
commit
b36b0d7d67
7 changed files with 38 additions and 21 deletions
32
hive.nix
32
hive.nix
|
@ -16,23 +16,34 @@ let
|
|||
];
|
||||
};
|
||||
|
||||
mkPatchedNixpkgs =
|
||||
version:
|
||||
nixpkgs' = import ./meta/nixpkgs.nix;
|
||||
# All supported nixpkgs versions, instanciated
|
||||
nixpkgs = lib.mapSingleFuse mkNixpkgs nixpkgs'.supported;
|
||||
|
||||
# Get the configured nixos version for the node,
|
||||
# defaulting to the one defined in meta/nixpkgs
|
||||
version = node: nodes'.${node}.nixpkgs or nixpkgs'.default;
|
||||
|
||||
# Builds a patched version of nixpkgs, only as the source
|
||||
mkNixpkgs' =
|
||||
v:
|
||||
let
|
||||
version = "nixos-${v}";
|
||||
in
|
||||
patch.mkNixpkgsSrc {
|
||||
src = sources.${version};
|
||||
inherit version;
|
||||
};
|
||||
|
||||
mkNixpkgs = version: import (mkPatchedNixpkgs version) { };
|
||||
|
||||
mkNixpkgsVersion = node: "nixos-${nodes'.${node}.nixpkgs or (import ./meta/nixpkgs.nix)}";
|
||||
# Instanciates the required nixpkgs version
|
||||
mkNixpkgs = version: import (mkNixpkgs' version) { };
|
||||
|
||||
###
|
||||
# Function to create arguments based on the node
|
||||
#
|
||||
mkArgs = node: rec {
|
||||
lib = import sources.nix-lib {
|
||||
inherit (mkNixpkgs (mkNixpkgsVersion node)) lib;
|
||||
inherit (nixpkgs.${version node}) lib;
|
||||
|
||||
keysRoot = ./keys;
|
||||
};
|
||||
|
@ -40,14 +51,13 @@ let
|
|||
meta = (import ./meta) lib;
|
||||
};
|
||||
in
|
||||
# nodes = builtins.attrNames metadata.nodes;
|
||||
|
||||
{
|
||||
meta = {
|
||||
nodeNixpkgs = lib.mapSingleFuse (n: mkNixpkgs (mkNixpkgsVersion n)) nodes;
|
||||
nodeNixpkgs = lib.mapSingleFuse (n: nixpkgs.${version n}) nodes;
|
||||
|
||||
specialArgs = {
|
||||
inherit sources;
|
||||
inherit mkNixpkgs;
|
||||
inherit nixpkgs sources;
|
||||
};
|
||||
|
||||
nodeSpecialArgs = lib.mapSingleFuse mkArgs nodes;
|
||||
|
@ -66,7 +76,7 @@ in
|
|||
inherit (meta.nodes.${name}) deployment;
|
||||
|
||||
# Set NIX_PATH to the patched version of nixpkgs
|
||||
nix.nixPath = [ "nixpkgs=${mkPatchedNixpkgs (mkNixpkgsVersion name)}" ];
|
||||
nix.nixPath = [ "nixpkgs=${mkNixpkgs' (version name)}" ];
|
||||
nix.optimise.automatic = true;
|
||||
|
||||
# Allow unfree packages
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, sources, ... }:
|
||||
{ config, nixpkgs, ... }:
|
||||
|
||||
let
|
||||
domain = "sso.dgnum.eu";
|
||||
|
@ -18,7 +18,7 @@ in
|
|||
services.kanidm = {
|
||||
enableServer = true;
|
||||
|
||||
package = (import sources.nixos-unstable { }).kanidm;
|
||||
package = nixpkgs.unstable.kanidm;
|
||||
|
||||
serverSettings = {
|
||||
inherit domain;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
sources,
|
||||
nixpkgs,
|
||||
...
|
||||
}:
|
||||
|
||||
|
@ -43,7 +43,7 @@ in
|
|||
pkgs.colmena
|
||||
pkgs.npins
|
||||
pkgs.tea
|
||||
(import sources.nixpkgs { }).nixfmt-rfc-style
|
||||
nixpkgs.unstable.nixfmt-rfc-style
|
||||
];
|
||||
|
||||
containerOptions = [ "--cpus=4" ];
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
mkNixpkgs,
|
||||
nixpkgs,
|
||||
...
|
||||
}:
|
||||
|
||||
|
@ -13,7 +13,7 @@ in
|
|||
services = {
|
||||
netbox = {
|
||||
enable = true;
|
||||
package = (mkNixpkgs "nixos-unstable").netbox_3_7;
|
||||
package = nixpkgs.unstable.netbox_3_7;
|
||||
secretKeyFile = "/dev/null";
|
||||
listenAddress = "127.0.0.1";
|
||||
plugins = p: [ p.netbox-qrcode ];
|
||||
|
|
|
@ -1,2 +1,10 @@
|
|||
# Default version of nixpkgs to use
|
||||
"23.11"
|
||||
{
|
||||
# Default version of nixpkgs to use
|
||||
default = "23.11";
|
||||
|
||||
# Supported nixpkgs versions
|
||||
supported = [
|
||||
"unstable"
|
||||
"23.11"
|
||||
];
|
||||
}
|
||||
|
|
|
@ -89,7 +89,7 @@ in
|
|||
|
||||
nixpkgs = mkOption {
|
||||
type = str;
|
||||
default = import ./nixpkgs.nix;
|
||||
inherit (import ./nixpkgs.nix) default;
|
||||
description = ''
|
||||
Version of nixpkgs to use.
|
||||
'';
|
||||
|
|
|
@ -6,7 +6,6 @@
|
|||
...
|
||||
}:
|
||||
let
|
||||
inherit (config.deployment) tags;
|
||||
inherit (config.networking) hostName domain;
|
||||
in
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue