refactor(ops): Split //ops/nixos into different locations
Splits //ops/nixos into: * //ops/nixos.nix - utility functions for building systems * //ops/machines - shared machine definitions (read by readTree) * //ops/modules - shared NixOS modules (skipped by readTree) This simplifies working with the configuration fixpoint in whitby, and is overall a bit more in line with how NixOS systems in user folders currently work. Change-Id: I1322ec5cc76c0207c099c05d44828a3df0b3ffc1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2931 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: glittershark <grfn@gws.fyi>
This commit is contained in:
parent
7deabb8c8d
commit
90281c4eac
38 changed files with 41 additions and 60 deletions
README.md
docs
ops
machines
modules
.skip-subtreeREADME.mdclbot.nixdefault.nixirccat.nixmonorepo-gerrit.nixpanettone.nixparoxysm.nixquassel.nixsmtprelay.nixsourcegraph.nixtvl-buildkite.nix
nixos.nixtvl-slapd
tvl-sso
v4l2loopback.nixwww
nixos
users
glittershark/system/system/machines
tazjin/nixos
|
@ -42,7 +42,7 @@ Twitter][].
|
|||
[`//ops/pipelines`](https://cs.tvl.fyi/depot/-/tree/ops/pipelines).
|
||||
|
||||
All services that we host are deployed on NixOS machines that we manage. Their
|
||||
configuration is tracked in `//ops/nixos`.
|
||||
configuration is tracked in `//ops/{modules,machines}`.
|
||||
|
||||
## Nix
|
||||
|
||||
|
|
|
@ -60,7 +60,7 @@ And `scope` should refer to some kind of logical grouping inside of the project.
|
|||
|
||||
It does not make sense to include the full path unless it aids in
|
||||
disambiguating. For example, when changing the configuration of the host
|
||||
`camden` at `//ops/nixos/camden` it is enough to write `feat(camden): ...`.
|
||||
`whitby` at `//ops/machines/whitby` it is enough to write `feat(whitby): ...`.
|
||||
|
||||
Please take a look at the existing commit log for examples.
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ depot, ... }:
|
||||
|
||||
(with depot.ops.nixos; [
|
||||
(with depot.ops.machines; [
|
||||
whitby
|
||||
]) ++
|
||||
|
|
@ -1,30 +1,31 @@
|
|||
{ depot, lib, pkgs, ... }:
|
||||
{ depot, lib, pkgs, ... }: # readTree options
|
||||
config: # passed by module system
|
||||
|
||||
let
|
||||
inherit (builtins) listToAttrs;
|
||||
inherit (lib) range;
|
||||
in lib.fix(self: {
|
||||
imports = [
|
||||
"${depot.depotPath}/ops/nixos/clbot.nix"
|
||||
"${depot.depotPath}/ops/nixos/irccat.nix"
|
||||
"${depot.depotPath}/ops/nixos/monorepo-gerrit.nix"
|
||||
"${depot.depotPath}/ops/nixos/panettone.nix"
|
||||
"${depot.depotPath}/ops/nixos/paroxysm.nix"
|
||||
"${depot.depotPath}/ops/nixos/smtprelay.nix"
|
||||
"${depot.depotPath}/ops/nixos/sourcegraph.nix"
|
||||
"${depot.depotPath}/ops/nixos/tvl-buildkite.nix"
|
||||
"${depot.depotPath}/ops/nixos/tvl-slapd/default.nix"
|
||||
"${depot.depotPath}/ops/nixos/tvl-sso/default.nix"
|
||||
"${depot.depotPath}/ops/nixos/www/b.tvl.fyi.nix"
|
||||
"${depot.depotPath}/ops/nixos/www/cache.tvl.su.nix"
|
||||
"${depot.depotPath}/ops/nixos/www/cl.tvl.fyi.nix"
|
||||
"${depot.depotPath}/ops/nixos/www/code.tvl.fyi.nix"
|
||||
"${depot.depotPath}/ops/nixos/www/cs.tvl.fyi.nix"
|
||||
"${depot.depotPath}/ops/nixos/www/login.tvl.fyi.nix"
|
||||
"${depot.depotPath}/ops/nixos/www/tazj.in.nix"
|
||||
"${depot.depotPath}/ops/nixos/www/todo.tvl.fyi.nix"
|
||||
"${depot.depotPath}/ops/nixos/www/tvl.fyi.nix"
|
||||
"${depot.depotPath}/ops/nixos/www/wigglydonke.rs.nix"
|
||||
"${depot.depotPath}/ops/modules/clbot.nix"
|
||||
"${depot.depotPath}/ops/modules/irccat.nix"
|
||||
"${depot.depotPath}/ops/modules/monorepo-gerrit.nix"
|
||||
"${depot.depotPath}/ops/modules/panettone.nix"
|
||||
"${depot.depotPath}/ops/modules/paroxysm.nix"
|
||||
"${depot.depotPath}/ops/modules/smtprelay.nix"
|
||||
"${depot.depotPath}/ops/modules/sourcegraph.nix"
|
||||
"${depot.depotPath}/ops/modules/tvl-buildkite.nix"
|
||||
"${depot.depotPath}/ops/modules/tvl-slapd/default.nix"
|
||||
"${depot.depotPath}/ops/modules/tvl-sso/default.nix"
|
||||
"${depot.depotPath}/ops/modules/www/b.tvl.fyi.nix"
|
||||
"${depot.depotPath}/ops/modules/www/cache.tvl.su.nix"
|
||||
"${depot.depotPath}/ops/modules/www/cl.tvl.fyi.nix"
|
||||
"${depot.depotPath}/ops/modules/www/code.tvl.fyi.nix"
|
||||
"${depot.depotPath}/ops/modules/www/cs.tvl.fyi.nix"
|
||||
"${depot.depotPath}/ops/modules/www/login.tvl.fyi.nix"
|
||||
"${depot.depotPath}/ops/modules/www/tazj.in.nix"
|
||||
"${depot.depotPath}/ops/modules/www/todo.tvl.fyi.nix"
|
||||
"${depot.depotPath}/ops/modules/www/tvl.fyi.nix"
|
||||
"${depot.depotPath}/ops/modules/www/wigglydonke.rs.nix"
|
||||
"${pkgs.path}/nixos/modules/services/web-apps/gerrit.nix"
|
||||
];
|
||||
|
2
ops/modules/default.nix
Normal file
2
ops/modules/default.nix
Normal file
|
@ -0,0 +1,2 @@
|
|||
# Make readTree happy at this level.
|
||||
_: {}
|
|
@ -1,21 +1,8 @@
|
|||
# Most of the Nix expressions in this folder are NixOS modules, which
|
||||
# are not readTree compatible.
|
||||
#
|
||||
# Some things (such as system configurations) are, and we import them
|
||||
# here manually.
|
||||
#
|
||||
# TODO(tazjin): Find a more elegant solution for the whole module
|
||||
# situation.
|
||||
# Helper functions for instantiating depot-compatible NixOS machines.
|
||||
{ depot, lib, pkgs, ... }@args:
|
||||
|
||||
let inherit (lib) findFirst isAttrs;
|
||||
in rec {
|
||||
whitby = import ./whitby/default.nix args;
|
||||
|
||||
# System installation
|
||||
|
||||
allSystems = import ./all-systems.nix args;
|
||||
|
||||
# This provides our standard set of arguments to all NixOS modules.
|
||||
baseModule = { ... }: {
|
||||
_module.args = {
|
||||
|
@ -36,7 +23,7 @@ in rec {
|
|||
(findFirst
|
||||
(system: system.config.networking.hostName == hostname)
|
||||
(throw "${hostname} is not a known NixOS host")
|
||||
(map nixosFor allSystems));
|
||||
(map nixosFor depot.ops.machines.all-systems));
|
||||
|
||||
rebuild-system = pkgs.writeShellScriptBin "rebuild-system" ''
|
||||
set -ue
|
||||
|
@ -53,9 +40,6 @@ in rec {
|
|||
'';
|
||||
|
||||
# Systems that should be built in CI
|
||||
#
|
||||
# TODO(tazjin): Refactor the whole systems setup, it's a bit
|
||||
# inconsistent at the moment.
|
||||
whitbySystem = (nixosFor whitby).system;
|
||||
whitbySystem = (nixosFor depot.ops.machines.whitby).system;
|
||||
meta.targets = [ "whitbySystem" ];
|
||||
}
|
3
ops/nixos/.gitignore
vendored
3
ops/nixos/.gitignore
vendored
|
@ -1,3 +0,0 @@
|
|||
hardware-configuration.nix
|
||||
local-configuration.nix
|
||||
result
|
|
@ -7,7 +7,7 @@
|
|||
../modules/tvl.nix
|
||||
../modules/fcitx.nix
|
||||
../modules/rtlsdr.nix
|
||||
../../../../../ops/nixos/v4l2loopback.nix
|
||||
../../../../../ops/modules/v4l2loopback.nix
|
||||
../modules/desktop.nix
|
||||
../modules/development.nix
|
||||
];
|
||||
|
|
|
@ -1,20 +1,17 @@
|
|||
NixOS configuration
|
||||
===================
|
||||
|
||||
My NixOS configuration! It configures most of the packages I require
|
||||
My NixOS configurations! It configures most of the packages I require
|
||||
on my systems, sets up Emacs the way I need and does a bunch of other
|
||||
interesting things.
|
||||
|
||||
System configuration lives in folders for each machine and a custom
|
||||
fixed point evaluation (similar to standard NixOS module
|
||||
configuration) is used to combine configuration together.
|
||||
System configuration lives in folders, and some of the modules stem
|
||||
from `//ops/modules`.
|
||||
|
||||
Building `ops.nixos.rebuilder` yields a script that will automatically
|
||||
build and activate the newest configuration based on the current
|
||||
hostname.
|
||||
Machines are deployed with the script at `ops.nixos.rebuild-system`.
|
||||
|
||||
## Configured hosts:
|
||||
|
||||
* `frog` - weapon of mass computation at home
|
||||
* `camden` - NUC serving tazj.in, tvl.fyi & co
|
||||
* ~~`urdhva` - T470s~~ (currently with edef)
|
||||
* `tverskoy` - X13 AMD that's travelling around with me
|
||||
* `frog` - weapon of mass computation (in storage in London)
|
||||
* `camden` - NUC formerly serving tazj.in (in storage in London)
|
||||
|
|
|
@ -25,8 +25,8 @@ in lib.fix(self: {
|
|||
sha256 = "157c64220lf825ll4c0cxsdwg7cxqdx4z559fdp7kpz0g6p8fhhr";
|
||||
};
|
||||
in [
|
||||
"${depot.depotPath}/ops/nixos/quassel.nix"
|
||||
"${depot.depotPath}/ops/nixos/smtprelay.nix"
|
||||
"${depot.depotPath}/ops/modules/quassel.nix"
|
||||
"${depot.depotPath}/ops/modules/smtprelay.nix"
|
||||
"${oldChannel}/nixos/modules/security/acme.nix"
|
||||
];
|
||||
|
||||
|
|
|
@ -16,7 +16,7 @@ config: let
|
|||
};
|
||||
in lib.fix(self: {
|
||||
imports = [
|
||||
"${depot.depotPath}/ops/nixos/v4l2loopback.nix"
|
||||
"${depot.depotPath}/ops/modules/v4l2loopback.nix"
|
||||
];
|
||||
|
||||
boot = {
|
||||
|
|
Loading…
Reference in a new issue