From fccbc04336665e530f6f4ca0f92bc53848a08ab7 Mon Sep 17 00:00:00 2001 From: Ingolf Wagner Date: Fri, 20 Dec 2019 17:52:19 +1300 Subject: [PATCH] nixfmt: shell.nix --- shell.nix | 330 +++++++++++++++++++++++++++--------------------------- 1 file changed, 166 insertions(+), 164 deletions(-) diff --git a/shell.nix b/shell.nix index e3329ed..59b331e 100644 --- a/shell.nix +++ b/shell.nix @@ -1,200 +1,202 @@ let + #ops = import ../plops ; + ops = import ((import { }).fetchgit { + url = "https://github.com/mrVanDalo/plops.git"; + rev = "bad0f386afe20cb6a6b8692a3ec365556f8bdabb"; + sha256 = "1qfc7kkfg83dy1jliw3afaq7q758b4ybz9md74g5fqpqjdxhxrnw"; + }); -#ops = import ../plops ; -ops = import ((import {}).fetchgit { - url = "https://github.com/mrVanDalo/plops.git"; - rev = "bad0f386afe20cb6a6b8692a3ec365556f8bdabb"; - sha256 = "1qfc7kkfg83dy1jliw3afaq7q758b4ybz9md74g5fqpqjdxhxrnw"; -}); + lib = ops.lib; + pkgs = ops.pkgs; -lib = ops.lib; -pkgs = ops.pkgs; + source = { -source = { - - raspberryNixPkgs = { - nixpkgs.git = { - ref = (ops.importJson ./.channelRaspberryStable.json).rev; - url = https://github.com/NixOS/nixpkgs-channels; - }; - nixpkgs-unstable.git = { - ref = (ops.importJson ./.channelRaspberryUnstable.json).rev; - url = https://github.com/NixOS/nixpkgs-channels; - }; - }; - - nixPkgs = { - nixpkgs.git = { - ref = (ops.importJson ./.channelStable.json).rev; - url = https://github.com/NixOS/nixpkgs-channels; - }; - nixpkgs-unstable.git = { - ref = (ops.importJson ./.channelUnstable.json).rev; - url = https://github.com/NixOS/nixpkgs-channels; - }; - }; - - system = name: { - system.file = toString ./system; - configs.file = toString ./configs; - nixos-config.symlink = "configs/${name}/configuration.nix"; - }; - - desktopSecrets = { - desktop_secrets.pass = { - dir = toString ~/.password-store; - name = "krops/desktop_secrets"; - }; - }; - - keys = name: { - keys.pass = { - dir = toString ~/.password-store; - name = "krops/${name}/keys"; - }; - }; - - secrets = name: { - secrets.pass = { - dir = toString ~/.password-store; - name = "krops/${name}/secrets"; - }; - common_secrets.pass = { - dir = toString ~/.password-store; - name = "krops/common_secrets"; - }; - }; - - modules = { - modules.file = toString ./modules; - library.file = toString ./library; - pkgs.file = toString ./pkgs; - assets.file = toString ./assets; - - nix-writers.git = { - url = https://cgit.krebsco.de/nix-writers/; - ref = (ops.importJson ./.nix-writers.json).rev; + raspberryNixPkgs = { + nixpkgs.git = { + ref = (ops.importJson ./.channelRaspberryStable.json).rev; + url = "https://github.com/NixOS/nixpkgs-channels"; + }; + nixpkgs-unstable.git = { + ref = (ops.importJson ./.channelRaspberryUnstable.json).rev; + url = "https://github.com/NixOS/nixpkgs-channels"; + }; }; - #backup-module.file = toString ~/dev/backup; - backup-module.git = { - url = https://git.ingolf-wagner.de/nix-modules/backup.git; - ref = "1.3.3"; + nixPkgs = { + nixpkgs.git = { + ref = (ops.importJson ./.channelStable.json).rev; + url = "https://github.com/NixOS/nixpkgs-channels"; + }; + nixpkgs-unstable.git = { + ref = (ops.importJson ./.channelUnstable.json).rev; + url = "https://github.com/NixOS/nixpkgs-channels"; + }; }; - #kops-lib.file = toString ~/dev/krops-lib; - krops-lib.git = { - url = https://git.ingolf-wagner.de/nix-modules/krops.git; - ref = "1.0.2"; + system = name: { + system.file = toString ./system; + configs.file = toString ./configs; + nixos-config.symlink = "configs/${name}/configuration.nix"; }; - #cluster-module.file = toString ~/dev/cluster-module; - cluster-module.git = { - url = https://git.ingolf-wagner.de/nix-modules/cluster.git; - ref = "1.2.0"; + desktopSecrets = { + desktop_secrets.pass = { + dir = toString ~/.password-store; + name = "krops/desktop_secrets"; + }; }; - #home-manager.file = toString ~/dev/home-manager; - home-manager.git = { - url = https://github.com/rycee/home-manager.git; - ref = "024d1aa227978fe2dae2fb3e56bab9a7237c2401"; + keys = name: { + keys.pass = { + dir = toString ~/.password-store; + name = "krops/${name}/keys"; + }; }; - background-image-generators.git = { - url = https://git.ingolf-wagner.de/nix-modules/background-image-generators.git; - ref = "1.0.0"; + secrets = name: { + secrets.pass = { + dir = toString ~/.password-store; + name = "krops/${name}/secrets"; + }; + common_secrets.pass = { + dir = toString ~/.password-store; + name = "krops/common_secrets"; + }; }; - cleverca22.git = { - url = https://github.com/mrVanDalo/nixos-configs.git; - ref = "76260ad60cd99d40ab25df1400b0663d48e736db"; - }; + modules = { + modules.file = toString ./modules; + library.file = toString ./library; + pkgs.file = toString ./pkgs; + assets.file = toString ./assets; - wetten.file = toString ./wetten; + nix-writers.git = { + url = "https://cgit.krebsco.de/nix-writers/"; + ref = (ops.importJson ./.nix-writers.json).rev; + }; + + #backup-module.file = toString ~/dev/backup; + backup-module.git = { + url = "https://git.ingolf-wagner.de/nix-modules/backup.git"; + ref = "1.3.3"; + }; + + #kops-lib.file = toString ~/dev/krops-lib; + krops-lib.git = { + url = "https://git.ingolf-wagner.de/nix-modules/krops.git"; + ref = "1.0.2"; + }; + + #cluster-module.file = toString ~/dev/cluster-module; + cluster-module.git = { + url = "https://git.ingolf-wagner.de/nix-modules/cluster.git"; + ref = "1.2.0"; + }; + + #home-manager.file = toString ~/dev/home-manager; + home-manager.git = { + url = "https://github.com/rycee/home-manager.git"; + ref = "024d1aa227978fe2dae2fb3e56bab9a7237c2401"; + }; + + background-image-generators.git = { + url = + "https://git.ingolf-wagner.de/nix-modules/background-image-generators.git"; + ref = "1.0.0"; + }; + + cleverca22.git = { + url = "https://github.com/mrVanDalo/nixos-configs.git"; + ref = "76260ad60cd99d40ab25df1400b0663d48e736db"; + }; + + wetten.file = toString ./wetten; + + }; }; -}; + serverDeployment = name: + { host ? "${name}.private", user ? "root" }: + with ops; + jobs "deploy-${name}" "${user}@${host}" [ + (populateTmpfs (source.keys name)) + (populate (source.secrets name)) + (populate (source.system name)) + (populate source.modules) + (populate source.nixPkgs) + switch + ]; -serverDeployment = name: { host ? "${name}.private", user ? "root" }: - with ops; - jobs "deploy-${name}" "${user}@${host}" [ - (populateTmpfs (source.keys name)) - (populate (source.secrets name)) - (populate (source.system name)) - (populate source.modules) - (populate source.nixPkgs) - switch -]; + serverPushSecrets = name: + { host ? "${name}.private", user ? "root" }: + with ops; + jobs "push-${name}" "${user}@${host}" [ + (populateTmpfs (source.keys name)) + (populate (source.secrets name)) + ]; -serverPushSecrets = name: { host ? "${name}.private", user ? "root" }: - with ops; - jobs "push-${name}" "${user}@${host}" [ - (populateTmpfs (source.keys name)) - (populate (source.secrets name)) -]; + desktopDeployment = name: + { host ? "${name}.private", target ? "/var/src/", user ? "root" + , commandPrefix ? "deploy", enableSwitch ? true }: + with ops; + jobs "${commandPrefix}-${name}" "${user}@${host}${target}" ([ + (populate (source.secrets name)) + (populate (source.system name)) + (populate source.modules) + (populate source.desktopSecrets) + (populate source.nixPkgs) + ] ++ (if enableSwitch then [ switch ] else [ ])); -desktopDeployment = name: { - host ? "${name}.private", - target ? "/var/src/", - user ? "root", - commandPrefix ? "deploy", - enableSwitch ? true - }: - with ops; - jobs "${commandPrefix}-${name}" "${user}@${host}${target}" ([ - (populate (source.secrets name)) - (populate (source.system name)) - (populate source.modules) - (populate source.desktopSecrets) - (populate source.nixPkgs) - ] ++ (if enableSwitch then [ switch ] else [])) ; - -cleanupNix = name: - let - target = { - host = "${name}.private"; - user = "root"; - port = "22"; - }; - in - pkgs.writers.writeDashBin "clean-${name}" /* sh */ '' + cleanupNix = name: + let + target = { + host = "${name}.private"; + user = "root"; + port = "22"; + }; + in pkgs.writers.writeDashBin "clean-${name}" # sh + '' set -eu ${pkgs.openssh}/bin/ssh \ ${target.user}@${target.host} -p ${target.port} \ nix-collect-garbage -d ''; + # generate tasks -# generate tasks + servers = with lib; + let + serverList = [ "workhorse" "sputnik" "porani" ]; + deployments = flip map serverList (name: serverDeployment name { }); + secretPushes = flip map serverList (name: serverPushSecrets name { }); + cleanup = flip map serverList (name: cleanupNix name); + in deployments ++ secretPushes ++ cleanup; -servers = with lib; - let - serverList = [ "workhorse" "sputnik" "porani" ]; - deployments = flip map serverList ( name: serverDeployment name {} ); - secretPushes = flip map serverList ( name: serverPushSecrets name {} ); - cleanup = flip map serverList ( name: cleanupNix name ); - in - deployments ++ secretPushes ++ cleanup; + desktops = with lib; + let + desktopList = [ "pepe" "workout" "sterni" ]; + deployments = flip map desktopList (name: desktopDeployment name { }); + cleanup = flip map desktopList (name: cleanupNix name); + install = flip map desktopList (name: + desktopDeployment name { + commandPrefix = "install"; + host = + "wz7tdziakduqtmqbbt65ttmmj2q23jkjdyeyg2vfwe52vbvsp6tjimqd.onion"; + target = "/mnt/var/src"; + enableSwitch = false; + }); + in deployments ++ cleanup ++ install; -desktops = with lib; - let - desktopList = [ "pepe" "workout" "sterni" ]; - deployments = flip map desktopList (name: desktopDeployment name {} ); - cleanup = flip map desktopList ( name: cleanupNix name ); - install = flip map desktopList (name: desktopDeployment name { - commandPrefix = "install"; - host = "wz7tdziakduqtmqbbt65ttmmj2q23jkjdyeyg2vfwe52vbvsp6tjimqd.onion"; - target = "/mnt/var/src"; - enableSwitch = false; - } ); - in - deployments ++ cleanup ++ install; - -in -pkgs.mkShell { +in pkgs.mkShell { buildInputs = with pkgs; - servers ++ desktops; + servers ++ desktops ++ [ + (pkgs.writers.writeBashBin "reformat" '' + find ${ + toString ./. + } -type f | egrep "nix$" | grep -v wetten | while read line ; do ${pkgs.nixfmt}/bin/nixfmt "$line"; done + '') + ]; }