feat: init AP management via Colmena and Liminix #110

Open
rlahfa wants to merge 28 commits from colmena-liminix into main
7 changed files with 83 additions and 114 deletions
Showing only changes of commit 5a8fe24dce - Show all commits

View file

@ -37,8 +37,6 @@
let let
sources = import ./npins; sources = import ./npins;
pkgs = import sources.nixpkgs { }; pkgs = import sources.nixpkgs { };
liminixHive = import ./liminix-hive.nix { inherit sources; };
pre-commit-check = (import sources.pre-commit-hooks).run { pre-commit-check = (import sources.pre-commit-hooks).run {
src = ./.; src = ./.;
@ -72,19 +70,13 @@ in
name = "dgnum-infra"; name = "dgnum-infra";
packages = packages =
( (with pkgs; [
with pkgs; npins
[ nixos-generators
npins attic-client
nixos-generators (callPackage (sources.disko + "/package.nix") { })
attic-client (callPackage ./lib/colmena { colmena = import sources.colmena; })
liminixHive.liminix.pkgs.pkgsBuildBuild.min-copy-closure ])
]
++ (builtins.map (p: callPackage p { }) [
(sources.disko + "/package.nix")
./lib/colmena
])
)
++ (import ./scripts { inherit pkgs; }); ++ (import ./scripts { inherit pkgs; });
shellHook = '' shellHook = ''

111
hive.nix
View file

@ -2,6 +2,7 @@ let
sources = import ./npins; sources = import ./npins;
lib = import (sources.nix-lib + "/src/trivial.nix"); lib = import (sources.nix-lib + "/src/trivial.nix");
lib' = (import sources.nixos-unstable { }).lib;
patch = import sources.nix-patches { patchFile = ./patches; }; patch = import sources.nix-patches { patchFile = ./patches; };
@ -14,6 +15,8 @@ let
"_configuration.nix" "_configuration.nix"
"_hardware-configuration.nix" "_hardware-configuration.nix"
]; ];
deployment.systemType = systemType node;
}; };
nixpkgs' = import ./meta/nixpkgs.nix; nixpkgs' = import ./meta/nixpkgs.nix;
@ -27,6 +30,10 @@ let
# defaulting to the one defined in meta/nixpkgs # defaulting to the one defined in meta/nixpkgs
version = node: nodes'.${node}.nixpkgs or nixpkgs'.versions.default; version = node: nodes'.${node}.nixpkgs or nixpkgs'.versions.default;
system = node: nodes'.${node}.system or nixpkgs'.systems.default; system = node: nodes'.${node}.system or nixpkgs'.systems.default;
systemType =
node:
nodes'.${node}.system
or (lib'.warn "Not specifying the `deployment.systemType` is deprecated!" "nixos");
# Builds a patched version of nixpkgs, only as the source # Builds a patched version of nixpkgs, only as the source
mkNixpkgs' = mkNixpkgs' =
@ -85,8 +92,57 @@ in
{ {
registry = { registry = {
liminix = { zyxel-nwa50ax = {
evalConfig = import "${sources.liminix}/lib/eval-config.nix" { nixpkgs = sources.nixos-unstable; }; evalConfig = import "${sources.liminix}/lib/eval-config.nix" { nixpkgs = sources.nixos-unstable; };
defaults = {
nixpkgs.hostPlatform = {
config = "mipsel-unknown-linux-musl";
gcc = {
abi = "32";
arch = "mips32"; # mips32r2?
};
};
# It's impure, but who cares?
# Can Flakes do that?
nixpkgs.buildPlatform = builtins.currentSystem;
};
};
nixos = {
evalConfig = import "${sources.nixos-unstable}/nixos/lib/eval-config.nix";
defaults =
{ nodeMeta, name, ... }:
{
# Import the default modules
imports = [ ./modules ];
# Include default secrets
age-secrets.sources = [ ./machines/${name}/secrets ];
# Deployment config is specified in meta.nodes.${node}.deployment
inherit (nodeMeta) deployment;
nix = {
# Set NIX_PATH to the patched version of nixpkgs
nixPath = [ "nixpkgs=${mkNixpkgs' (version name)}" ];
optimise.automatic = true;
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
};
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
# Use the stateVersion declared in the metadata
system = {
inherit (nodeMeta) stateVersion;
};
};
}; };
}; };
@ -99,58 +155,5 @@ in
nodeSpecialArgs = lib.mapSingleFuse mkArgs nodes; nodeSpecialArgs = lib.mapSingleFuse mkArgs nodes;
}; };
registry.nixos.defaults =
{ nodeMeta, name, ... }:
{
# Import the default modules
imports = [ ./modules ];
# Include default secrets
age-secrets.sources = [ ./machines/${name}/secrets ];
# Deployment config is specified in meta.nodes.${node}.deployment
inherit (nodeMeta) deployment;
nix = {
# Set NIX_PATH to the patched version of nixpkgs
nixPath = [ "nixpkgs=${mkNixpkgs' (version name)}" ];
optimise.automatic = true;
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
};
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
# Use the stateVersion declared in the metadata
system = {
inherit (nodeMeta) stateVersion;
};
};
ap01 =
let
device = import "${sources.liminix}/devices/zyxel-nwa50ax";
in
{
deployment.systemType = "liminix";
nixpkgs.hostPlatform = {
config = "mipsel-unknown-linux-musl";
gcc = {
abi = "32";
arch = "mips32"; # mips32r2?
};
};
nixpkgs.buildPlatform = "x86_64-linux";
imports = [
./machines/ap/configuration.nix
device.module
];
};
} }
// (lib.mapSingleFuse mkNode nodes) // (lib.mapSingleFuse mkNode nodes)

View file

@ -1,38 +0,0 @@
# This is a very rudimentary hive to deploy Liminix images.
{
sources ? import ./npins,
nixpkgs ? sources.nixpkgs,
liminix ? sources.liminix,
}:
let
evalLiminix =
{ config, device }:
{
primary = import liminix {
inherit device nixpkgs;
imageType = "primary";
liminix-config = config;
};
secondary = import liminix {
inherit device nixpkgs;
imageType = "secondary";
liminix-config = config;
};
};
zyxel = {
nwa50ax = import "${liminix}/devices/zyxel-nwa50ax";
};
in
{
liminix.pkgs =
(import liminix {
device = zyxel.nwa50ax;
imageType = "primary";
liminix-config = ./machines/ap/configuration.nix;
}).pkgs;
devices = zyxel;
ap-test = evalLiminix {
config = ./machines/ap/configuration.nix;
device = zyxel.nwa50ax;
};
}

View file

@ -0,0 +1 @@
{ }

View file

@ -42,6 +42,7 @@ let
builtins.fetchGit { builtins.fetchGit {
inherit (repository) url; inherit (repository) url;
rev = revision; rev = revision;
allRefs = true;
# hash = hash; # hash = hash;
}; };

View file

@ -38,6 +38,17 @@
"url": "https://github.com/zhaofengli/attic/archive/4dbdbee45728d8ce5788db6461aaaa89d98081f0.tar.gz", "url": "https://github.com/zhaofengli/attic/archive/4dbdbee45728d8ce5788db6461aaaa89d98081f0.tar.gz",
"hash": "1iri77pbf0gvas93zra29qy1c3l61n97z84xblqxmmhsxvljzvnh" "hash": "1iri77pbf0gvas93zra29qy1c3l61n97z84xblqxmmhsxvljzvnh"
}, },
"colmena": {
"type": "Git",
"repository": {
"type": "Git",
"url": "https://git.dgnum.eu/DGNum/colmena.git"
},
"branch": "custom-activation",
"revision": "937ca4d17aecd3ae7394a2a1772dd3e705cb5779",
"url": null,
"hash": "11n9qdm0zi3s89zdcdmyv4l4wv5aq8b4sigx54cp24plxszxrsa7"
},
"disko": { "disko": {
"type": "GitRelease", "type": "GitRelease",
"repository": { "repository": {
@ -68,14 +79,13 @@
"liminix": { "liminix": {
"type": "Git", "type": "Git",
"repository": { "repository": {
"type": "GitHub", "type": "Git",
"owner": "RaitoBezarius", "url": "https://git.dgnum.eu/DGNum/liminix.git"
"repo": "liminix"
}, },
"branch": "colmena--compat", "branch": "main",
"revision": "411a6bc688763fe62d210ccfe066a6cea72a9dce", "revision": "7ae86c23d96b5e6a59fff4d8ebcb3e2e90e4034f",
"url": "https://github.com/RaitoBezarius/liminix/archive/411a6bc688763fe62d210ccfe066a6cea72a9dce.tar.gz", "url": null,
"hash": "17wg5288z3085rd4day1qqi1pm0cmibmcm6nrqrgrc1w1iwja9f0" "hash": "1kw6jp5xnpwnpl2pal3qpr5ljrsvjish4v4m0brnxchc8s1ygq6i"
}, },
"linkal": { "linkal": {
"type": "Git", "type": "Git",