colmena/flake.nix

{
  description = "A simple, stateless NixOS deployment tool modeled after NixOps.";

  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    stable.url = "github:NixOS/nixpkgs/nixos-24.05";

    nix-github-actions = {
      url = "github:nix-community/nix-github-actions";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    flake-utils.url = "github:numtide/flake-utils";

    flake-compat = {
      url = "github:edolstra/flake-compat";
      flake = false;
    };
  };

  outputs = {
    self,
    nixpkgs,
    stable,
    flake-utils,
    nix-github-actions,
    ...
  } @ inputs: let
    supportedSystems = [ "x86_64-linux" "i686-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ];
    colmenaOptions = import ./src/nix/hive/options.nix;
    colmenaModules = import ./src/nix/hive/modules.nix;

    # Temporary fork of nix-eval-jobs with changes to be upstreamed
    # Mostly for the integration test setup and not needed in most use cases
    _evalJobsOverlay = final: prev: let
      patched = prev.nix-eval-jobs.overrideAttrs (old: {
        version = old.version + "-colmena";
        patches = (old.patches or []) ++ [
          # Allows NIX_PATH to be honored
          (final.fetchpatch {
            url = "https://github.com/zhaofengli/nix-eval-jobs/commit/6ff5972724230ac2b96eb1ec355cd25ca512ef57.patch";
            hash = "sha256-2NiMYpw27N+X7Ixh2HkP3fcWvopDJWQDVjgRdhOL2QQ";
          })
        ];
      });
    in {
      nix-eval-jobs = patched;
    };
  in flake-utils.lib.eachSystem supportedSystems (system: let
    pkgs = import nixpkgs {
      inherit system;
      overlays = [
        _evalJobsOverlay
      ];
    };
  in rec {
    # We still maintain the expression in a Nixpkgs-acceptable form
    defaultPackage = self.packages.${system}.colmena;
    packages = rec {
      colmena = pkgs.callPackage ./package.nix { };

      # Full user manual
      manual = let
        suppressModuleArgsDocs = { lib, ... }: {
          options = {
            _module.args = lib.mkOption {
              internal = true;
            };
          };
        };
        colmena = self.packages.${system}.colmena;
        deploymentOptionsMd = (pkgs.nixosOptionsDoc {
          inherit (pkgs.lib.evalModules {
            modules = [ colmenaOptions.deploymentOptions suppressModuleArgsDocs];
            specialArgs = { name = "nixos"; nodes = {}; };
          }) options;
        }).optionsCommonMark;
        metaOptionsMd = (pkgs.nixosOptionsDoc {
          inherit (pkgs.lib.evalModules {
            modules = [ colmenaOptions.metaOptions  suppressModuleArgsDocs];
          }) options;
        }).optionsCommonMark;
      in pkgs.callPackage ./manual {
        inherit colmena deploymentOptionsMd metaOptionsMd;
      };

      # User manual without the CLI reference
      manualFast = manual.override { colmena = null; };

      # User manual with the version treated as stable
      manualForceStable = manual.override { unstable = false; };
    };

    defaultApp = self.apps.${system}.colmena;
    apps.default = self.apps.${system}.colmena;
    apps.colmena = {
      type = "app";
      program = "${defaultPackage}/bin/colmena";
    };

    devShell = pkgs.mkShell {
      RUST_SRC_PATH = "${pkgs.rustPlatform.rustcSrc}/library";
      NIX_PATH = "nixpkgs=${pkgs.path}";

      inputsFrom = [ defaultPackage packages.manualFast ];
      packages = with pkgs; [
        bashInteractive
        editorconfig-checker
        clippy rust-analyzer cargo-outdated cargo-audit rustfmt
        python3 python3Packages.flake8
      ];
    };
    checks = let
      inputsOverlay = final: prev: {
        _inputs = inputs;
      };
    in if pkgs.stdenv.isLinux then import ./integration-tests {
      pkgs = import nixpkgs {
        inherit system;
        overlays = [
          self.overlays.default
          inputsOverlay

          _evalJobsOverlay
        ];
      };
      pkgsStable = import stable {
        inherit system;
        overlays = [
          self.overlays.default
          inputsOverlay

          _evalJobsOverlay
        ];
      };
    } else {};
  }) // {
    overlay = self.overlays.default;
    overlays.default = final: prev: {
      colmena = final.callPackage ./package.nix { };
    };
    nixosModules = {
      inherit (colmenaOptions) deploymentOptions metaOptions;
      inherit (colmenaModules) keyChownModule keyServiceModule assertionModule;
    };

    lib.makeHive = rawHive: import ./src/nix/hive/eval.nix {
      inherit rawHive colmenaOptions colmenaModules;
      hermetic = true;
    };

    githubActions = nix-github-actions.lib.mkGithubMatrix {
      checks = {
        inherit (self.checks) x86_64-linux;
      };
    };
  };

  nixConfig = {
    extra-substituters = [
      "https://colmena.cachix.org"
    ];
    extra-trusted-public-keys = [
      "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg="
    ];
  };
}
Make dev environment flake-compatible Co-authored-by: Alex Zero <joseph@marsden.space> 2021-06-29 10:02:43 +02:00			`{`
			`description = "A simple, stateless NixOS deployment tool modeled after NixOps.";`

			`inputs = {`
integration-tests: Also run apply test against stable nixpkgs 2022-01-28 03:48:25 +01:00			`nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";`
flake: Update stable to NixOS 24.05 2024-09-01 19:06:00 +02:00			`stable.url = "github:NixOS/nixpkgs/nixos-24.05";`
integration-tests: Also run apply test against stable nixpkgs 2022-01-28 03:48:25 +01:00
Run integration tests on GitHub Actions 2024-11-07 23:24:37 +01:00			`nix-github-actions = {`
			`url = "github:nix-community/nix-github-actions";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`

refactor(flake): rename utils to flake-utils This is the expected name for downstream consumers of colmena's flake who want to override the input. Having it be named `utils` causes some surprise/confusion when doing `inputs.flake-utils.follows` as is usual. 2022-10-09 04:31:21 +02:00			`flake-utils.url = "github:numtide/flake-utils";`
Make dev environment flake-compatible Co-authored-by: Alex Zero <joseph@marsden.space> 2021-06-29 10:02:43 +02:00
			`flake-compat = {`
			`url = "github:edolstra/flake-compat";`
			`flake = false;`
			`};`
			`};`

Run integration tests on GitHub Actions 2024-11-07 23:24:37 +01:00			`outputs = {`
			`self,`
			`nixpkgs,`
			`stable,`
			`flake-utils,`
			`nix-github-actions,`
			`...`
			`} @ inputs: let`
Support macOS Currently it requires Linux remote builders to be set up to do anything useful, but soon it will not once we able to initiate builds directly on the target nodes themselves. 2022-01-02 01:41:35 +01:00			`supportedSystems = [ "x86_64-linux" "i686-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ];`
imp: soc of eval, modules & options - the reason for this change is to have more transparent separation of concern between effectuations of the module system and pre-module system effectuations - with improved flakes support down the line, pre-module system effectuations will get more complex - this also allows to patch the aspects of the evaluation individually while tracking other components from upstream. eg. path options & eval but not modules 2022-04-04 02:07:14 +02:00			`colmenaOptions = import ./src/nix/hive/options.nix;`
			`colmenaModules = import ./src/nix/hive/modules.nix;`
flake.nix: Apply nix-eval-jobs overlay on output package set 2024-11-07 23:24:37 +01:00
			`# Temporary fork of nix-eval-jobs with changes to be upstreamed`
			`# Mostly for the integration test setup and not needed in most use cases`
			`_evalJobsOverlay = final: prev: let`
			`patched = prev.nix-eval-jobs.overrideAttrs (old: {`
			`version = old.version + "-colmena";`
			`patches = (old.patches or []) ++ [`
			`# Allows NIX_PATH to be honored`
			`(final.fetchpatch {`
			`url = "https://github.com/zhaofengli/nix-eval-jobs/commit/6ff5972724230ac2b96eb1ec355cd25ca512ef57.patch";`
			`hash = "sha256-2NiMYpw27N+X7Ixh2HkP3fcWvopDJWQDVjgRdhOL2QQ";`
			`})`
			`];`
			`});`
			`in {`
			`nix-eval-jobs = patched;`
			`};`
refactor(flake): rename utils to flake-utils This is the expected name for downstream consumers of colmena's flake who want to override the input. Having it be named `utils` causes some surprise/confusion when doing `inputs.flake-utils.follows` as is usual. 2022-10-09 04:31:21 +02:00			`in flake-utils.lib.eachSystem supportedSystems (system: let`
flake.nix: Apply nix-eval-jobs overlay on output package set 2024-11-07 23:24:37 +01:00			`pkgs = import nixpkgs {`
			`inherit system;`
			`overlays = [`
			`_evalJobsOverlay`
			`];`
			`};`
Make dev environment flake-compatible Co-authored-by: Alex Zero <joseph@marsden.space> 2021-06-29 10:02:43 +02:00			`in rec {`
			`# We still maintain the expression in a Nixpkgs-acceptable form`
flake.nix: Clean up and add overlay 2021-09-20 07:03:39 +02:00			`defaultPackage = self.packages.${system}.colmena;`
Add manual We finally have some real documentation :) 2021-11-18 07:21:00 +01:00			`packages = rec {`
default.nix: Switch to flake-compat `package.nix` is kept in sync with the expression in upstream Nixpkgs. 2022-01-21 09:45:12 +01:00			`colmena = pkgs.callPackage ./package.nix { };`
Add manual We finally have some real documentation :) 2021-11-18 07:21:00 +01:00
Move closer to release 2021-11-18 22:15:20 +01:00			`# Full user manual`
Add manual We finally have some real documentation :) 2021-11-18 07:21:00 +01:00			`manual = let`
ref: reduce eval.nix contract - documentation contratcts can now bypass the eval.nix iface - enabled by:9bd5e7bb2540664fe1c728c85f80375fe0cbf9fa 2022-07-09 22:41:15 +02:00			`suppressModuleArgsDocs = { lib, ... }: {`
			`options = {`
			`_module.args = lib.mkOption {`
			`internal = true;`
			`};`
			`};`
			`};`
Add manual We finally have some real documentation :) 2021-11-18 07:21:00 +01:00			`colmena = self.packages.${system}.colmena;`
			`deploymentOptionsMd = (pkgs.nixosOptionsDoc {`
ref: reduce eval.nix contract - documentation contratcts can now bypass the eval.nix iface - enabled by:9bd5e7bb2540664fe1c728c85f80375fe0cbf9fa 2022-07-09 22:41:15 +02:00			`inherit (pkgs.lib.evalModules {`
			`modules = [ colmenaOptions.deploymentOptions suppressModuleArgsDocs];`
			`specialArgs = { name = "nixos"; nodes = {}; };`
			`}) options;`
Update nixpkgs, fix manual build 2022-01-02 01:41:35 +01:00			`}).optionsCommonMark;`
Add manual We finally have some real documentation :) 2021-11-18 07:21:00 +01:00			`metaOptionsMd = (pkgs.nixosOptionsDoc {`
ref: reduce eval.nix contract - documentation contratcts can now bypass the eval.nix iface - enabled by:9bd5e7bb2540664fe1c728c85f80375fe0cbf9fa 2022-07-09 22:41:15 +02:00			`inherit (pkgs.lib.evalModules {`
			`modules = [ colmenaOptions.metaOptions suppressModuleArgsDocs];`
			`}) options;`
Update nixpkgs, fix manual build 2022-01-02 01:41:35 +01:00			`}).optionsCommonMark;`
Add manual We finally have some real documentation :) 2021-11-18 07:21:00 +01:00			`in pkgs.callPackage ./manual {`
			`inherit colmena deploymentOptionsMd metaOptionsMd;`
			`};`

Move closer to release 2021-11-18 22:15:20 +01:00			`# User manual without the CLI reference`
Add manual We finally have some real documentation :) 2021-11-18 07:21:00 +01:00			`manualFast = manual.override { colmena = null; };`
Move closer to release 2021-11-18 22:15:20 +01:00
			`# User manual with the version treated as stable`
			`manualForceStable = manual.override { unstable = false; };`
Add manual We finally have some real documentation :) 2021-11-18 07:21:00 +01:00			`};`
Make dev environment flake-compatible Co-authored-by: Alex Zero <joseph@marsden.space> 2021-06-29 10:02:43 +02:00
			`defaultApp = self.apps.${system}.colmena;`
flake.nix: Fix `nix run` for Nix 2.8 2022-06-03 01:39:45 +02:00			`apps.default = self.apps.${system}.colmena;`
Make dev environment flake-compatible Co-authored-by: Alex Zero <joseph@marsden.space> 2021-06-29 10:02:43 +02:00			`apps.colmena = {`
			`type = "app";`
			`program = "${defaultPackage}/bin/colmena";`
			`};`

			`devShell = pkgs.mkShell {`
flake.nix: add RUST_SRC_PATH for rust-analyzer Allow for a rust-analyzer language server running in the devshell to access the same rust sources used to build the package. 2022-05-26 02:19:03 +02:00			`RUST_SRC_PATH = "${pkgs.rustPlatform.rustcSrc}/library";`
			`NIX_PATH = "nixpkgs=${pkgs.path}";`

manual: Integrate mdbook-linkcheck 2022-03-08 07:02:04 +01:00			`inputsFrom = [ defaultPackage packages.manualFast ];`
			`packages = with pkgs; [`
flake.nix: Add bashInteractive to dev shell 2022-06-03 01:39:45 +02:00			`bashInteractive`
Apply flake8 to manual preprocessor 2022-06-25 02:34:37 +02:00			`editorconfig-checker`
flake.nix: Add cargo-audit to devShell 2022-08-17 04:15:43 +02:00			`clippy rust-analyzer cargo-outdated cargo-audit rustfmt`
Apply flake8 to manual preprocessor 2022-06-25 02:34:37 +02:00			`python3 python3Packages.flake8`
manual: Integrate mdbook-linkcheck 2022-03-08 07:02:04 +01:00			`];`
Make dev environment flake-compatible Co-authored-by: Alex Zero <joseph@marsden.space> 2021-06-29 10:02:43 +02:00			`};`
flake.nix: Add checks for integration tests 2023-01-28 07:44:41 +01:00			`checks = let`
			`inputsOverlay = final: prev: {`
			`_inputs = inputs;`
			`};`
			`in if pkgs.stdenv.isLinux then import ./integration-tests {`
			`pkgs = import nixpkgs {`
			`inherit system;`
flake.nix: Patch nix-eval-jobs for NIX_PATH 2024-10-06 03:46:56 +02:00			`overlays = [`
			`self.overlays.default`
			`inputsOverlay`

flake.nix: Apply nix-eval-jobs overlay on output package set 2024-11-07 23:24:37 +01:00			`_evalJobsOverlay`
flake.nix: Patch nix-eval-jobs for NIX_PATH 2024-10-06 03:46:56 +02:00			`];`
flake.nix: Add checks for integration tests 2023-01-28 07:44:41 +01:00			`};`
			`pkgsStable = import stable {`
			`inherit system;`
flake.nix: Patch nix-eval-jobs for NIX_PATH 2024-10-06 03:46:56 +02:00			`overlays = [`
			`self.overlays.default`
			`inputsOverlay`

flake.nix: Apply nix-eval-jobs overlay on output package set 2024-11-07 23:24:37 +01:00			`_evalJobsOverlay`
flake.nix: Patch nix-eval-jobs for NIX_PATH 2024-10-06 03:46:56 +02:00			`];`
flake.nix: Add checks for integration tests 2023-01-28 07:44:41 +01:00			`};`
			`} else {};`
flake.nix: Clean up and add overlay 2021-09-20 07:03:39 +02:00			`}) // {`
flake.nix: Add checks for integration tests 2023-01-28 07:44:41 +01:00			`overlay = self.overlays.default;`
			`overlays.default = final: prev: {`
default.nix: Switch to flake-compat `package.nix` is kept in sync with the expression in upstream Nixpkgs. 2022-01-21 09:45:12 +01:00			`colmena = final.callPackage ./package.nix { };`
flake.nix: Clean up and add overlay 2021-09-20 07:03:39 +02:00			`};`
ref: reduce eval.nix contract forther - module export contratcts can now bypass the eval.nix iface - enabled by:9bd5e7bb2540664fe1c728c85f80375fe0cbf9fa 2022-05-27 00:23:39 +02:00			`nixosModules = {`
flake.nix: Reindent 2022-09-19 01:27:46 +02:00			`inherit (colmenaOptions) deploymentOptions metaOptions;`
fix: export assertion module 2022-10-23 04:34:48 +02:00			`inherit (colmenaModules) keyChownModule keyServiceModule assertionModule;`
ref: reduce eval.nix contract forther - module export contratcts can now bypass the eval.nix iface - enabled by:9bd5e7bb2540664fe1c728c85f80375fe0cbf9fa 2022-05-27 00:23:39 +02:00			`};`
flake.nix: Add lib.makeHive Ground work to make the evaluation logic more clearly separated from the deployment logic. The `colmenaHive` output will be the integration point between the two halves. 2022-09-19 01:27:46 +02:00
			`lib.makeHive = rawHive: import ./src/nix/hive/eval.nix {`
			`inherit rawHive colmenaOptions colmenaModules;`
			`hermetic = true;`
			`};`
Run integration tests on GitHub Actions 2024-11-07 23:24:37 +01:00
			`githubActions = nix-github-actions.lib.mkGithubMatrix {`
			`checks = {`
			`inherit (self.checks) x86_64-linux;`
			`};`
			`};`
flake.nix: Clean up and add overlay 2021-09-20 07:03:39 +02:00			`};`
flake.nix: add project binary cache to nix.conf 2022-05-26 01:55:39 +02:00
			`nixConfig = {`
			`extra-substituters = [`
			`"https://colmena.cachix.org"`
			`];`
			`extra-trusted-public-keys = [`
			`"colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg="`
			`];`
			`};`
Make dev environment flake-compatible Co-authored-by: Alex Zero <joseph@marsden.space> 2021-06-29 10:02:43 +02:00			`}`