refactor(ops): Split //ops/nixos into different locations

Splits //ops/nixos into:

* //ops/nixos.nix - utility functions for building systems
* //ops/machines - shared machine definitions (read by readTree)
* //ops/modules - shared NixOS modules (skipped by readTree)

This simplifies working with the configuration fixpoint in whitby, and
is overall a bit more in line with how NixOS systems in user folders
currently work.

Change-Id: I1322ec5cc76c0207c099c05d44828a3df0b3ffc1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2931
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: glittershark <grfn@gws.fyi>
Vincent Ambo 2021-04-11 22:50:30 +02:00 committed by tazjin
parent 7deabb8c8d
commit 90281c4eac
38 changed files with 41 additions and 60 deletions


@ -42,7 +42,7 @@ Twitter][].
[`//ops/pipelines`](https://cs.tvl.fyi/depot/-/tree/ops/pipelines).
All services that we host are deployed on NixOS machines that we manage. Their
configuration is tracked in `//ops/nixos`.
configuration is tracked in `//ops/{modules,machines}`.
## Nix


@ -60,7 +60,7 @@ And `scope` should refer to some kind of logical grouping inside of the project.
It does not make sense to include the full path unless it aids in
disambiguating. For example, when changing the configuration of the host
`camden` at `//ops/nixos/camden` it is enough to write `feat(camden): ...`.
`whitby` at `//ops/machines/whitby` it is enough to write `feat(whitby): ...`.
Please take a look at the existing commit log for examples.


@ -1,6 +1,6 @@
{ depot, ... }:
(with depot.ops.nixos; [
(with depot.ops.machines; [
whitby
]) ++


@ -1,30 +1,31 @@
{ depot, lib, pkgs, ... }:
{ depot, lib, pkgs, ... }: # readTree options
config: # passed by module system
let
inherit (builtins) listToAttrs;
inherit (lib) range;
in lib.fix(self: {
imports = [
"${depot.depotPath}/ops/nixos/clbot.nix"
"${depot.depotPath}/ops/nixos/irccat.nix"
"${depot.depotPath}/ops/nixos/monorepo-gerrit.nix"
"${depot.depotPath}/ops/nixos/panettone.nix"
"${depot.depotPath}/ops/nixos/paroxysm.nix"
"${depot.depotPath}/ops/nixos/smtprelay.nix"
"${depot.depotPath}/ops/nixos/sourcegraph.nix"
"${depot.depotPath}/ops/nixos/tvl-buildkite.nix"
"${depot.depotPath}/ops/nixos/tvl-slapd/default.nix"
"${depot.depotPath}/ops/nixos/tvl-sso/default.nix"
"${depot.depotPath}/ops/nixos/www/b.tvl.fyi.nix"
"${depot.depotPath}/ops/nixos/www/cache.tvl.su.nix"
"${depot.depotPath}/ops/nixos/www/cl.tvl.fyi.nix"
"${depot.depotPath}/ops/nixos/www/code.tvl.fyi.nix"
"${depot.depotPath}/ops/nixos/www/cs.tvl.fyi.nix"
"${depot.depotPath}/ops/nixos/www/login.tvl.fyi.nix"
"${depot.depotPath}/ops/nixos/www/tazj.in.nix"
"${depot.depotPath}/ops/nixos/www/todo.tvl.fyi.nix"
"${depot.depotPath}/ops/nixos/www/tvl.fyi.nix"
"${depot.depotPath}/ops/nixos/www/wigglydonke.rs.nix"
"${depot.depotPath}/ops/modules/clbot.nix"
"${depot.depotPath}/ops/modules/irccat.nix"
"${depot.depotPath}/ops/modules/monorepo-gerrit.nix"
"${depot.depotPath}/ops/modules/panettone.nix"
"${depot.depotPath}/ops/modules/paroxysm.nix"
"${depot.depotPath}/ops/modules/smtprelay.nix"
"${depot.depotPath}/ops/modules/sourcegraph.nix"
"${depot.depotPath}/ops/modules/tvl-buildkite.nix"
"${depot.depotPath}/ops/modules/tvl-slapd/default.nix"
"${depot.depotPath}/ops/modules/tvl-sso/default.nix"
"${depot.depotPath}/ops/modules/www/b.tvl.fyi.nix"
"${depot.depotPath}/ops/modules/www/cache.tvl.su.nix"
"${depot.depotPath}/ops/modules/www/cl.tvl.fyi.nix"
"${depot.depotPath}/ops/modules/www/code.tvl.fyi.nix"
"${depot.depotPath}/ops/modules/www/cs.tvl.fyi.nix"
"${depot.depotPath}/ops/modules/www/login.tvl.fyi.nix"
"${depot.depotPath}/ops/modules/www/tazj.in.nix"
"${depot.depotPath}/ops/modules/www/todo.tvl.fyi.nix"
"${depot.depotPath}/ops/modules/www/tvl.fyi.nix"
"${depot.depotPath}/ops/modules/www/wigglydonke.rs.nix"
"${pkgs.path}/nixos/modules/services/web-apps/gerrit.nix"
];
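Review bot: Every entry in the new `imports` list repeats the `"${depot.depotPath}/ops/modules/` prefix, which is why this move had to touch twenty lines; the prefix could be stated once. For example, `imports = map (m: "${depot.depotPath}/ops/modules/${m}") [ "clbot.nix" "irccat.nix" /* … */ ] ++ [ "${pkgs.path}/nixos/modules/services/web-apps/gerrit.nix" ];` keeps the module names visible and leaves one place to change if the directory moves again. The attribute set opened by `lib.fix(self: {` continues outside this hunk.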

2
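--- /dev/null
+++ b/ops/modules/default.nix
@@ -0,0 +1,2 @@
+# Make readTree happy at this level.
+_: {}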
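Review bot: The comment in the new file says only that it keeps readTree happy, while the commit message describes `//ops/modules` as skipped by readTree; the comment should say what the empty set is for. Presumably the NixOS modules next to it take module-system arguments rather than readTree's and so must not be picked up by the tree walk. If that is the reason, a comment such as `# The NixOS modules in this directory are imported by path from machine configurations, not through readTree; this empty set keeps readTree from evaluating them.` would record it for the next person who adds a file here.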


@ -1,21 +1,8 @@
# Most of the Nix expressions in this folder are NixOS modules, which
# are not readTree compatible.
#
# Some things (such as system configurations) are, and we import them
# here manually.
#
# TODO(tazjin): Find a more elegant solution for the whole module
# situation.
# Helper functions for instantiating depot-compatible NixOS machines.
{ depot, lib, pkgs, ... }@args:
let inherit (lib) findFirst isAttrs;
in rec {
whitby = import ./whitby/default.nix args;
# System installation
allSystems = import ./all-systems.nix args;
# This provides our standard set of arguments to all NixOS modules.
baseModule = { ... }: {
_module.args = {
@ -36,7 +23,7 @@ in rec {
(findFirst
(system: system.config.networking.hostName == hostname)
(throw "${hostname} is not a known NixOS host")
(map nixosFor allSystems));
(map nixosFor depot.ops.machines.all-systems));
rebuild-system = pkgs.writeShellScriptBin "rebuild-system" ''
set -ue
@ -53,9 +40,6 @@ in rec {
'';
# Systems that should be built in CI
#
# TODO(tazjin): Refactor the whole systems setup, it's a bit
# inconsistent at the moment.
whitbySystem = (nixosFor whitby).system;
whitbySystem = (nixosFor depot.ops.machines.whitby).system;
meta.targets = [ "whitbySystem" ];
}
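Review bot: The last hunk drops the TODO about the inconsistent systems setup, but `meta.targets` still lists only `whitbySystem`, while the hostname lookup in the second hunk now iterates `depot.ops.machines.all-systems`. As far as these hunks show, a machine added to `all-systems` can presumably be selected by hostname for deployment without its system closure ever being built in CI. If that is intended, a comment above `whitbySystem` such as `# Only whitby is built in CI; other entries in depot.ops.machines.all-systems are evaluated at deploy time only.` would record it now that the TODO is gone. The `rec` set and the function around `findFirst` start outside the visible hunks.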


@ -1,3 +0,0 @@
hardware-configuration.nix
local-configuration.nix
result


@ -7,7 +7,7 @@
../modules/tvl.nix
../modules/fcitx.nix
../modules/rtlsdr.nix
../../../../../ops/nixos/v4l2loopback.nix
../../../../../ops/modules/v4l2loopback.nix
../modules/desktop.nix
../modules/development.nix
];


@ -1,20 +1,17 @@
NixOS configuration
===================
My NixOS configuration! It configures most of the packages I require
My NixOS configurations! It configures most of the packages I require
on my systems, sets up Emacs the way I need and does a bunch of other
interesting things.
System configuration lives in folders for each machine and a custom
fixed point evaluation (similar to standard NixOS module
configuration) is used to combine configuration together.
System configuration lives in folders, and some of the modules stem
from `//ops/modules`.
Building `ops.nixos.rebuilder` yields a script that will automatically
build and activate the newest configuration based on the current
hostname.
Machines are deployed with the script at `ops.nixos.rebuild-system`.
## Configured hosts:
* `frog` - weapon of mass computation at home
* `camden` - NUC serving tazj.in, tvl.fyi & co
* ~~`urdhva` - T470s~~ (currently with edef)
* `tverskoy` - X13 AMD that's travelling around with me
* `frog` - weapon of mass computation (in storage in London)
* `camden` - NUC formerly serving tazj.in (in storage in London)


@ -25,8 +25,8 @@ in lib.fix(self: {
sha256 = "157c64220lf825ll4c0cxsdwg7cxqdx4z559fdp7kpz0g6p8fhhr";
};
in [
"${depot.depotPath}/ops/nixos/quassel.nix"
"${depot.depotPath}/ops/nixos/smtprelay.nix"
"${depot.depotPath}/ops/modules/quassel.nix"
"${depot.depotPath}/ops/modules/smtprelay.nix"
"${oldChannel}/nixos/modules/security/acme.nix"
];


@ -16,7 +16,7 @@ config: let
};
in lib.fix(self: {
imports = [
"${depot.depotPath}/ops/nixos/v4l2loopback.nix"
"${depot.depotPath}/ops/modules/v4l2loopback.nix"
];
boot = {