refactor(ops): Split //ops/nixos into different locations

Splits //ops/nixos into:

* //ops/nixos.nix - utility functions for building systems
* //ops/machines - shared machine definitions (read by readTree)
* //ops/modules - shared NixOS modules (skipped by readTree)

This simplifies working with the configuration fixpoint in whitby, and
is overall a bit more in line with how NixOS systems in user folders
currently work.

Change-Id: I1322ec5cc76c0207c099c05d44828a3df0b3ffc1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2931
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: glittershark <grfn@gws.fyi>
Vincent Ambo 2021-04-11 22:50:30 +02:00 committed by tazjin
parent 7deabb8c8d
commit 90281c4eac
38 changed files with 41 additions and 60 deletions


@ -42,7 +42,7 @@ Twitter][].
[`//ops/pipelines`](https://cs.tvl.fyi/depot/-/tree/ops/pipelines). [`//ops/pipelines`](https://cs.tvl.fyi/depot/-/tree/ops/pipelines).
All services that we host are deployed on NixOS machines that we manage. Their All services that we host are deployed on NixOS machines that we manage. Their
configuration is tracked in `//ops/nixos`. configuration is tracked in `//ops/{modules,machines}`.
## Nix ## Nix


@ -60,7 +60,7 @@ And `scope` should refer to some kind of logical grouping inside of the project.
It does not make sense to include the full path unless it aids in It does not make sense to include the full path unless it aids in
disambiguating. For example, when changing the configuration of the host disambiguating. For example, when changing the configuration of the host
`camden` at `//ops/nixos/camden` it is enough to write `feat(camden): ...`. `whitby` at `//ops/machines/whitby` it is enough to write `feat(whitby): ...`.
Please take a look at the existing commit log for examples. Please take a look at the existing commit log for examples.


@ -1,6 +1,6 @@
{ depot, ... }: { depot, ... }:
(with depot.ops.nixos; [ (with depot.ops.machines; [
whitby whitby
]) ++ ]) ++


@ -1,30 +1,31 @@
{ depot, lib, pkgs, ... }: { depot, lib, pkgs, ... }: # readTree options
config: # passed by module system
let let
inherit (builtins) listToAttrs; inherit (builtins) listToAttrs;
inherit (lib) range; inherit (lib) range;
in lib.fix(self: { in lib.fix(self: {
imports = [ imports = [
"${depot.depotPath}/ops/nixos/clbot.nix" "${depot.depotPath}/ops/modules/clbot.nix"
"${depot.depotPath}/ops/nixos/irccat.nix" "${depot.depotPath}/ops/modules/irccat.nix"
"${depot.depotPath}/ops/nixos/monorepo-gerrit.nix" "${depot.depotPath}/ops/modules/monorepo-gerrit.nix"
"${depot.depotPath}/ops/nixos/panettone.nix" "${depot.depotPath}/ops/modules/panettone.nix"
"${depot.depotPath}/ops/nixos/paroxysm.nix" "${depot.depotPath}/ops/modules/paroxysm.nix"
"${depot.depotPath}/ops/nixos/smtprelay.nix" "${depot.depotPath}/ops/modules/smtprelay.nix"
"${depot.depotPath}/ops/nixos/sourcegraph.nix" "${depot.depotPath}/ops/modules/sourcegraph.nix"
"${depot.depotPath}/ops/nixos/tvl-buildkite.nix" "${depot.depotPath}/ops/modules/tvl-buildkite.nix"
"${depot.depotPath}/ops/nixos/tvl-slapd/default.nix" "${depot.depotPath}/ops/modules/tvl-slapd/default.nix"
"${depot.depotPath}/ops/nixos/tvl-sso/default.nix" "${depot.depotPath}/ops/modules/tvl-sso/default.nix"
"${depot.depotPath}/ops/nixos/www/b.tvl.fyi.nix" "${depot.depotPath}/ops/modules/www/b.tvl.fyi.nix"
"${depot.depotPath}/ops/nixos/www/cache.tvl.su.nix" "${depot.depotPath}/ops/modules/www/cache.tvl.su.nix"
"${depot.depotPath}/ops/nixos/www/cl.tvl.fyi.nix" "${depot.depotPath}/ops/modules/www/cl.tvl.fyi.nix"
"${depot.depotPath}/ops/nixos/www/code.tvl.fyi.nix" "${depot.depotPath}/ops/modules/www/code.tvl.fyi.nix"
"${depot.depotPath}/ops/nixos/www/cs.tvl.fyi.nix" "${depot.depotPath}/ops/modules/www/cs.tvl.fyi.nix"
"${depot.depotPath}/ops/nixos/www/login.tvl.fyi.nix" "${depot.depotPath}/ops/modules/www/login.tvl.fyi.nix"
"${depot.depotPath}/ops/nixos/www/tazj.in.nix" "${depot.depotPath}/ops/modules/www/tazj.in.nix"
"${depot.depotPath}/ops/nixos/www/todo.tvl.fyi.nix" "${depot.depotPath}/ops/modules/www/todo.tvl.fyi.nix"
"${depot.depotPath}/ops/nixos/www/tvl.fyi.nix" "${depot.depotPath}/ops/modules/www/tvl.fyi.nix"
"${depot.depotPath}/ops/nixos/www/wigglydonke.rs.nix" "${depot.depotPath}/ops/modules/www/wigglydonke.rs.nix"
"${pkgs.path}/nixos/modules/services/web-apps/gerrit.nix" "${pkgs.path}/nixos/modules/services/web-apps/gerrit.nix"
]; ];
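Review bot: The new second-line argument `config:` is a plain lambda parameter, so if this function is handed to the NixOS module system unchanged it would most likely be bound to the whole module argument set (`config`, `options`, `lib`, …) rather than to the merged configuration that the trailing comment suggests. How `nixosFor` applies the module is not visible in this section, so this needs confirming; if the merged configuration is what the body needs, `{ config, ... }: # passed by module system` would bind it directly. The body still goes through `lib.fix(self: {`, so a comment stating which of `self` and `config` later lines should read would help, since `self` only sees this file's own attribute set. The function body continues outside the hunk.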

2
ops/modules/default.nix Normal file

@ -0,0 +1,2 @@
# Make readTree happy at this level.
_: {}
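Review bot: The comment `# Make readTree happy at this level.` does not say why an empty attribute set is the right value here. The commit message states that `//ops/modules` holds NixOS modules that readTree skips, so a comment such as `# This folder holds NixOS modules, which are not readTree-compatible; the empty set only gives readTree a value for //ops/modules.` would record that for the next reader. If the skipping relies on a separate marker file, naming it in the comment would help too; that mechanism is not visible here.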


@ -1,21 +1,8 @@
# Most of the Nix expressions in this folder are NixOS modules, which # Helper functions for instantiating depot-compatible NixOS machines.
# are not readTree compatible.
#
# Some things (such as system configurations) are, and we import them
# here manually.
#
# TODO(tazjin): Find a more elegant solution for the whole module
# situation.
{ depot, lib, pkgs, ... }@args: { depot, lib, pkgs, ... }@args:
let inherit (lib) findFirst isAttrs; let inherit (lib) findFirst isAttrs;
in rec { in rec {
whitby = import ./whitby/default.nix args;
# System installation
allSystems = import ./all-systems.nix args;
# This provides our standard set of arguments to all NixOS modules. # This provides our standard set of arguments to all NixOS modules.
baseModule = { ... }: { baseModule = { ... }: {
_module.args = { _module.args = {
@ -36,7 +23,7 @@ in rec {
(findFirst (findFirst
(system: system.config.networking.hostName == hostname) (system: system.config.networking.hostName == hostname)
(throw "${hostname} is not a known NixOS host") (throw "${hostname} is not a known NixOS host")
(map nixosFor allSystems)); (map nixosFor depot.ops.machines.all-systems));
rebuild-system = pkgs.writeShellScriptBin "rebuild-system" '' rebuild-system = pkgs.writeShellScriptBin "rebuild-system" ''
set -ue set -ue
@ -53,9 +40,6 @@ in rec {
''; '';
# Systems that should be built in CI # Systems that should be built in CI
# whitbySystem = (nixosFor depot.ops.machines.whitby).system;
# TODO(tazjin): Refactor the whole systems setup, it's a bit
# inconsistent at the moment.
whitbySystem = (nixosFor whitby).system;
meta.targets = [ "whitbySystem" ]; meta.targets = [ "whitbySystem" ];
} }


@ -1,3 +0,0 @@
hardware-configuration.nix
local-configuration.nix
result


@ -7,7 +7,7 @@
../modules/tvl.nix ../modules/tvl.nix
../modules/fcitx.nix ../modules/fcitx.nix
../modules/rtlsdr.nix ../modules/rtlsdr.nix
../../../../../ops/nixos/v4l2loopback.nix ../../../../../ops/modules/v4l2loopback.nix
../modules/desktop.nix ../modules/desktop.nix
../modules/development.nix ../modules/development.nix
]; ];


@ -1,20 +1,17 @@
NixOS configuration NixOS configuration
=================== ===================
My NixOS configuration! It configures most of the packages I require My NixOS configurations! It configures most of the packages I require
on my systems, sets up Emacs the way I need and does a bunch of other on my systems, sets up Emacs the way I need and does a bunch of other
interesting things. interesting things.
System configuration lives in folders for each machine and a custom System configuration lives in folders, and some of the modules stem
fixed point evaluation (similar to standard NixOS module from `//ops/modules`.
configuration) is used to combine configuration together.
Building `ops.nixos.rebuilder` yields a script that will automatically Machines are deployed with the script at `ops.nixos.rebuild-system`.
build and activate the newest configuration based on the current
hostname.
## Configured hosts: ## Configured hosts:
* `frog` - weapon of mass computation at home * `tverskoy` - X13 AMD that's travelling around with me
* `camden` - NUC serving tazj.in, tvl.fyi & co * `frog` - weapon of mass computation (in storage in London)
* ~~`urdhva` - T470s~~ (currently with edef) * `camden` - NUC formerly serving tazj.in (in storage in London)


@ -25,8 +25,8 @@ in lib.fix(self: {
sha256 = "157c64220lf825ll4c0cxsdwg7cxqdx4z559fdp7kpz0g6p8fhhr"; sha256 = "157c64220lf825ll4c0cxsdwg7cxqdx4z559fdp7kpz0g6p8fhhr";
}; };
in [ in [
"${depot.depotPath}/ops/nixos/quassel.nix" "${depot.depotPath}/ops/modules/quassel.nix"
"${depot.depotPath}/ops/nixos/smtprelay.nix" "${depot.depotPath}/ops/modules/smtprelay.nix"
"${oldChannel}/nixos/modules/security/acme.nix" "${oldChannel}/nixos/modules/security/acme.nix"
]; ];


@ -16,7 +16,7 @@ config: let
}; };
in lib.fix(self: { in lib.fix(self: {
imports = [ imports = [
"${depot.depotPath}/ops/nixos/v4l2loopback.nix" "${depot.depotPath}/ops/modules/v4l2loopback.nix"
]; ];
boot = { boot = {