refactor(ops/nixos): migrate to depot module arg
Previously the depot argument was provided as config.depot, but the "new way" of doing things (which is more like the args list provided in the rest of the depot) is to provide this as the "depot" NixOS module argument instead. Change-Id: Ib48b1c7c1bdff9c1eb0618c6cbacc22b651f5f98 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2763 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: glittershark <grfn@gws.fyi>
This commit is contained in:
parent
999f98436c
commit
b35e358eb5
15 changed files with 30 additions and 35 deletions
|
@ -1,5 +1,5 @@
|
|||
# Module that configures CLBot, our Gerrit->IRC info bridge.
|
||||
{ config, lib, pkgs, ... }:
|
||||
{ depot, config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (builtins) attrValues concatStringsSep mapAttrs readFile;
|
||||
|
@ -31,7 +31,7 @@ let
|
|||
description = "${description} to ${channel}";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
script = "${config.depot.fun.clbot}/bin/clbot ${mkFlags (cfg.flags // {
|
||||
script = "${depot.fun.clbot}/bin/clbot ${mkFlags (cfg.flags // {
|
||||
irc_channel = channel;
|
||||
})} -alsologtostderr";
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{ depot, config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
cfg = config.services.depot.irccat;
|
||||
|
@ -35,7 +35,7 @@ in {
|
|||
systemd.services.irccat = {
|
||||
inherit description;
|
||||
preStart = "${configMerge}";
|
||||
script = "${config.depot.third_party.irccat}/bin/irccat";
|
||||
script = "${depot.third_party.irccat}/bin/irccat";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
# Gerrit configuration for the TVL monorepo
|
||||
{ pkgs, config, lib, ... }:
|
||||
{ depot, pkgs, config, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.services.gerrit;
|
||||
gerritHooks = pkgs.runCommandNoCC "gerrit-hooks" {} ''
|
||||
mkdir -p $out
|
||||
ln -s ${config.depot.ops.besadii}/bin/besadii $out/ref-updated
|
||||
ln -s ${depot.ops.besadii}/bin/besadii $out/ref-updated
|
||||
'';
|
||||
in {
|
||||
services.gerrit = {
|
||||
|
@ -17,12 +17,12 @@ in {
|
|||
"hooks"
|
||||
];
|
||||
|
||||
plugins = with config.depot.third_party.gerrit_plugins; [
|
||||
plugins = with depot.third_party.gerrit_plugins; [
|
||||
checks
|
||||
owners
|
||||
];
|
||||
|
||||
package = config.depot.third_party.gerrit;
|
||||
package = depot.third_party.gerrit;
|
||||
|
||||
jvmHeapLimit = "4g";
|
||||
|
||||
|
|
|
@ -1,8 +1,7 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{ depot, config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
cfg = config.services.depot.panettone;
|
||||
depot = config.depot;
|
||||
in {
|
||||
options.services.depot.panettone = with lib; {
|
||||
enable = mkEnableOption "Panettone issue tracker";
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{ depot, config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
cfg = config.services.depot.paroxysm;
|
||||
|
@ -9,7 +9,7 @@ in {
|
|||
config = lib.mkIf cfg.enable {
|
||||
systemd.services.paroxysm = {
|
||||
inherit description;
|
||||
script = "${config.depot.fun.paroxysm}/bin/paroxysm";
|
||||
script = "${depot.fun.paroxysm}/bin/paroxysm";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
environment = {
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# NixOS module for configuring the simple SMTP relay.
|
||||
{ pkgs, config, lib, ... }:
|
||||
{ depot, pkgs, config, lib, ... }:
|
||||
|
||||
let
|
||||
inherit (builtins) attrValues mapAttrs;
|
||||
|
@ -40,7 +40,7 @@ in {
|
|||
config = mkIf cfg.enable {
|
||||
systemd.services.smtprelay = {
|
||||
inherit description;
|
||||
script = "${config.depot.third_party.smtprelay}/bin/smtprelay ${prepareArgs cfg.args}";
|
||||
script = "${depot.third_party.smtprelay}/bin/smtprelay ${prepareArgs cfg.args}";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
# Run sourcegraph, including its entire machinery, in a container.
|
||||
# Running it outside of a container is a futile endeavour for now.
|
||||
{ config, pkgs, lib, ... }:
|
||||
{ depot, config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.services.depot.sourcegraph;
|
||||
depot = config.depot;
|
||||
in {
|
||||
options.services.depot.sourcegraph = with lib; {
|
||||
enable = mkEnableOption "SourceGraph code search engine";
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
# Configures an OpenLDAP instance for TVL
|
||||
#
|
||||
# TODO(tazjin): Configure ldaps://
|
||||
{ config, lib, pkgs, ... }:
|
||||
{ depot, lib, pkgs, ... }:
|
||||
|
||||
with config.depot.nix.yants;
|
||||
with depot.nix.yants;
|
||||
|
||||
let
|
||||
user = struct {
|
||||
|
@ -24,7 +24,7 @@ let
|
|||
userPassword: ${u.password}
|
||||
'');
|
||||
|
||||
inherit (config.depot.ops) users;
|
||||
inherit (depot.ops) users;
|
||||
|
||||
in {
|
||||
# Use our patched OpenLDAP derivation which enables stronger password hashing.
|
||||
|
@ -34,7 +34,7 @@ in {
|
|||
# *large* number of rebuilds of packages such as GPG and Python.
|
||||
nixpkgs.overlays = [
|
||||
(_: _: {
|
||||
inherit (config.depot.third_party) openldap;
|
||||
inherit (depot.third_party) openldap;
|
||||
})
|
||||
];
|
||||
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
# Configures an Apereo CAS instance for TVL SSO
|
||||
{ config, ... }:
|
||||
{ depot, ... }:
|
||||
|
||||
let
|
||||
inherit (config.depot.third_party) apereo-cas;
|
||||
inherit (depot.third_party) apereo-cas;
|
||||
in {
|
||||
config = {
|
||||
environment.systemPackages = [ apereo-cas ];
|
||||
|
|
|
@ -13,10 +13,8 @@ let
|
|||
ln -s ${depot.ops.besadii}/bin/besadii $out/bin/post-command
|
||||
'';
|
||||
in lib.fix(self: {
|
||||
inherit depot;
|
||||
imports = [
|
||||
"${depot.depotPath}/ops/nixos/clbot.nix"
|
||||
"${depot.depotPath}/ops/nixos/depot.nix"
|
||||
"${depot.depotPath}/ops/nixos/irccat.nix"
|
||||
"${depot.depotPath}/ops/nixos/monorepo-gerrit.nix"
|
||||
"${depot.depotPath}/ops/nixos/panettone.nix"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, ... }:
|
||||
{ depot, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
|
@ -17,7 +17,7 @@
|
|||
#
|
||||
# TODO(tazjin): Implement a way of serving this dynamically
|
||||
location = /about/tvix/docs/component-flow.svg {
|
||||
alias ${config.depot.tvix.docs.svg}/component-flow.svg;
|
||||
alias ${depot.tvix.docs.svg}/component-flow.svg;
|
||||
}
|
||||
|
||||
# Static assets must always hit the root.
|
||||
|
|
|
@ -1,8 +1,7 @@
|
|||
# serve tazjin's website & blog
|
||||
{ config, lib, pkgs, ... }:
|
||||
{ depot, config, lib, pkgs, ... }:
|
||||
|
||||
let depot = config.depot;
|
||||
in {
|
||||
{
|
||||
imports = [
|
||||
./base.nix
|
||||
];
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, ... }:
|
||||
{ depot, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
|
@ -9,7 +9,7 @@
|
|||
services.nginx.virtualHosts."todo.tvl.fyi" = {
|
||||
serverName = "todo.tvl.fyi";
|
||||
serverAliases = [ "todo.tvl.su" ];
|
||||
root = config.depot.web.todolist;
|
||||
root = depot.web.todolist;
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, ... }:
|
||||
{ depot, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
|
@ -8,7 +8,7 @@
|
|||
config = {
|
||||
services.nginx.virtualHosts."tvl.fyi" = {
|
||||
serverName = "tvl.fyi";
|
||||
root = config.depot.web.tvl;
|
||||
root = depot.web.tvl;
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{ depot, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
|
@ -9,7 +9,7 @@
|
|||
services.nginx.virtualHosts."wigglydonke.rs" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
root = "${config.depot.depotPath}/users/glittershark/wigglydonke.rs";
|
||||
root = "${depot.depotPath}/users/glittershark/wigglydonke.rs";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue