palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nixfmt: shell.nix

Browse source
This commit is contained in:
Ingolf Wagner 2019-12-20 17:52:19 +13:00
parent e09acc8946
commit fccbc04336
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
1 changed files with 166 additions and 164 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

330
shell.nix
View file

@ -1,200 +1,202 @@
let let
#ops = import ../plops ;
ops = import ((import <nixpkgs> { }).fetchgit {
url = "https://github.com/mrVanDalo/plops.git";
rev = "bad0f386afe20cb6a6b8692a3ec365556f8bdabb";
sha256 = "1qfc7kkfg83dy1jliw3afaq7q758b4ybz9md74g5fqpqjdxhxrnw";
});
#ops = import ../plops ; lib = ops.lib;
ops = import ((import <nixpkgs> {}).fetchgit { pkgs = ops.pkgs;
url = "https://github.com/mrVanDalo/plops.git";
rev = "bad0f386afe20cb6a6b8692a3ec365556f8bdabb";
sha256 = "1qfc7kkfg83dy1jliw3afaq7q758b4ybz9md74g5fqpqjdxhxrnw";
});
lib = ops.lib; source = {
pkgs = ops.pkgs;
source = { raspberryNixPkgs = {
nixpkgs.git = {
raspberryNixPkgs = { ref = (ops.importJson ./.channelRaspberryStable.json).rev;
nixpkgs.git = { url = "https://github.com/NixOS/nixpkgs-channels";
ref = (ops.importJson ./.channelRaspberryStable.json).rev; };
url = https://github.com/NixOS/nixpkgs-channels; nixpkgs-unstable.git = {
}; ref = (ops.importJson ./.channelRaspberryUnstable.json).rev;
nixpkgs-unstable.git = { url = "https://github.com/NixOS/nixpkgs-channels";
ref = (ops.importJson ./.channelRaspberryUnstable.json).rev; };
url = https://github.com/NixOS/nixpkgs-channels;
};
};
nixPkgs = {
nixpkgs.git = {
ref = (ops.importJson ./.channelStable.json).rev;
url = https://github.com/NixOS/nixpkgs-channels;
};
nixpkgs-unstable.git = {
ref = (ops.importJson ./.channelUnstable.json).rev;
url = https://github.com/NixOS/nixpkgs-channels;
};
};
system = name: {
system.file = toString ./system;
configs.file = toString ./configs;
nixos-config.symlink = "configs/${name}/configuration.nix";
};
desktopSecrets = {
desktop_secrets.pass = {
dir = toString ~/.password-store;
name = "krops/desktop_secrets";
};
};
keys = name: {
keys.pass = {
dir = toString ~/.password-store;
name = "krops/${name}/keys";
};
};
secrets = name: {
secrets.pass = {
dir = toString ~/.password-store;
name = "krops/${name}/secrets";
};
common_secrets.pass = {
dir = toString ~/.password-store;
name = "krops/common_secrets";
};
};
modules = {
modules.file = toString ./modules;
library.file = toString ./library;
pkgs.file = toString ./pkgs;
assets.file = toString ./assets;
nix-writers.git = {
url = https://cgit.krebsco.de/nix-writers/;
ref = (ops.importJson ./.nix-writers.json).rev;
}; };
#backup-module.file = toString ~/dev/backup; nixPkgs = {
backup-module.git = { nixpkgs.git = {
url = https://git.ingolf-wagner.de/nix-modules/backup.git; ref = (ops.importJson ./.channelStable.json).rev;
ref = "1.3.3"; url = "https://github.com/NixOS/nixpkgs-channels";
};
nixpkgs-unstable.git = {
ref = (ops.importJson ./.channelUnstable.json).rev;
url = "https://github.com/NixOS/nixpkgs-channels";
};
}; };
#kops-lib.file = toString ~/dev/krops-lib; system = name: {
krops-lib.git = { system.file = toString ./system;
url = https://git.ingolf-wagner.de/nix-modules/krops.git; configs.file = toString ./configs;
ref = "1.0.2"; nixos-config.symlink = "configs/${name}/configuration.nix";
}; };
#cluster-module.file = toString ~/dev/cluster-module; desktopSecrets = {
cluster-module.git = { desktop_secrets.pass = {
url = https://git.ingolf-wagner.de/nix-modules/cluster.git; dir = toString ~/.password-store;
ref = "1.2.0"; name = "krops/desktop_secrets";
};
}; };
#home-manager.file = toString ~/dev/home-manager; keys = name: {
home-manager.git = { keys.pass = {
url = https://github.com/rycee/home-manager.git; dir = toString ~/.password-store;
ref = "024d1aa227978fe2dae2fb3e56bab9a7237c2401"; name = "krops/${name}/keys";
};
}; };
background-image-generators.git = { secrets = name: {
url = https://git.ingolf-wagner.de/nix-modules/background-image-generators.git; secrets.pass = {
ref = "1.0.0"; dir = toString ~/.password-store;
name = "krops/${name}/secrets";
};
common_secrets.pass = {
dir = toString ~/.password-store;
name = "krops/common_secrets";
};
}; };
cleverca22.git = { modules = {
url = https://github.com/mrVanDalo/nixos-configs.git; modules.file = toString ./modules;
ref = "76260ad60cd99d40ab25df1400b0663d48e736db"; library.file = toString ./library;
}; pkgs.file = toString ./pkgs;
assets.file = toString ./assets;
wetten.file = toString ./wetten; nix-writers.git = {
url = "https://cgit.krebsco.de/nix-writers/";
ref = (ops.importJson ./.nix-writers.json).rev;
};
#backup-module.file = toString ~/dev/backup;
backup-module.git = {
url = "https://git.ingolf-wagner.de/nix-modules/backup.git";
ref = "1.3.3";
};
#kops-lib.file = toString ~/dev/krops-lib;
krops-lib.git = {
url = "https://git.ingolf-wagner.de/nix-modules/krops.git";
ref = "1.0.2";
};
#cluster-module.file = toString ~/dev/cluster-module;
cluster-module.git = {
url = "https://git.ingolf-wagner.de/nix-modules/cluster.git";
ref = "1.2.0";
};
#home-manager.file = toString ~/dev/home-manager;
home-manager.git = {
url = "https://github.com/rycee/home-manager.git";
ref = "024d1aa227978fe2dae2fb3e56bab9a7237c2401";
};
background-image-generators.git = {
url =
"https://git.ingolf-wagner.de/nix-modules/background-image-generators.git";
ref = "1.0.0";
};
cleverca22.git = {
url = "https://github.com/mrVanDalo/nixos-configs.git";
ref = "76260ad60cd99d40ab25df1400b0663d48e736db";
};
wetten.file = toString ./wetten;
};
}; };
}; serverDeployment = name:
{ host ? "${name}.private", user ? "root" }:
with ops;
jobs "deploy-${name}" "${user}@${host}" [
(populateTmpfs (source.keys name))
(populate (source.secrets name))
(populate (source.system name))
(populate source.modules)
(populate source.nixPkgs)
switch
];
serverDeployment = name: { host ? "${name}.private", user ? "root" }: serverPushSecrets = name:
with ops; { host ? "${name}.private", user ? "root" }:
jobs "deploy-${name}" "${user}@${host}" [ with ops;
(populateTmpfs (source.keys name)) jobs "push-${name}" "${user}@${host}" [
(populate (source.secrets name)) (populateTmpfs (source.keys name))
(populate (source.system name)) (populate (source.secrets name))
(populate source.modules) ];
(populate source.nixPkgs)
switch
];
serverPushSecrets = name: { host ? "${name}.private", user ? "root" }: desktopDeployment = name:
with ops; { host ? "${name}.private", target ? "/var/src/", user ? "root"
jobs "push-${name}" "${user}@${host}" [ , commandPrefix ? "deploy", enableSwitch ? true }:
(populateTmpfs (source.keys name)) with ops;
(populate (source.secrets name)) jobs "${commandPrefix}-${name}" "${user}@${host}${target}" ([
]; (populate (source.secrets name))
(populate (source.system name))
(populate source.modules)
(populate source.desktopSecrets)
(populate source.nixPkgs)
] ++ (if enableSwitch then [ switch ] else [ ]));
desktopDeployment = name: { cleanupNix = name:
host ? "${name}.private", let
target ? "/var/src/", target = {
user ? "root", host = "${name}.private";
commandPrefix ? "deploy", user = "root";
enableSwitch ? true port = "22";
}: };
with ops; in pkgs.writers.writeDashBin "clean-${name}" # sh
jobs "${commandPrefix}-${name}" "${user}@${host}${target}" ([ ''
(populate (source.secrets name))
(populate (source.system name))
(populate source.modules)
(populate source.desktopSecrets)
(populate source.nixPkgs)
] ++ (if enableSwitch then [ switch ] else [])) ;
cleanupNix = name:
let
target = {
host = "${name}.private";
user = "root";
port = "22";
};
in
pkgs.writers.writeDashBin "clean-${name}" /* sh */ ''
set -eu set -eu
${pkgs.openssh}/bin/ssh \ ${pkgs.openssh}/bin/ssh \
${target.user}@${target.host} -p ${target.port} \ ${target.user}@${target.host} -p ${target.port} \
nix-collect-garbage -d nix-collect-garbage -d
''; '';
# generate tasks
# generate tasks servers = with lib;
let
serverList = [ "workhorse" "sputnik" "porani" ];
deployments = flip map serverList (name: serverDeployment name { });
secretPushes = flip map serverList (name: serverPushSecrets name { });
cleanup = flip map serverList (name: cleanupNix name);
in deployments ++ secretPushes ++ cleanup;
servers = with lib; desktops = with lib;
let let
serverList = [ "workhorse" "sputnik" "porani" ]; desktopList = [ "pepe" "workout" "sterni" ];
deployments = flip map serverList ( name: serverDeployment name {} ); deployments = flip map desktopList (name: desktopDeployment name { });
secretPushes = flip map serverList ( name: serverPushSecrets name {} ); cleanup = flip map desktopList (name: cleanupNix name);
cleanup = flip map serverList ( name: cleanupNix name ); install = flip map desktopList (name:
in desktopDeployment name {
deployments ++ secretPushes ++ cleanup; commandPrefix = "install";
host =
"wz7tdziakduqtmqbbt65ttmmj2q23jkjdyeyg2vfwe52vbvsp6tjimqd.onion";
target = "/mnt/var/src";
enableSwitch = false;
});
in deployments ++ cleanup ++ install;
desktops = with lib; in pkgs.mkShell {
let
desktopList = [ "pepe" "workout" "sterni" ];
deployments = flip map desktopList (name: desktopDeployment name {} );
cleanup = flip map desktopList ( name: cleanupNix name );
install = flip map desktopList (name: desktopDeployment name {
commandPrefix = "install";
host = "wz7tdziakduqtmqbbt65ttmmj2q23jkjdyeyg2vfwe52vbvsp6tjimqd.onion";
target = "/mnt/var/src";
enableSwitch = false;
} );
in
deployments ++ cleanup ++ install;
in
pkgs.mkShell {
buildInputs = with pkgs; buildInputs = with pkgs;
servers ++ desktops; servers ++ desktops ++ [
(pkgs.writers.writeBashBin "reformat" ''
find ${
toString ./.
} -type f | egrep "nix$" | grep -v wetten | while read line ; do ${pkgs.nixfmt}/bin/nixfmt "$line"; done
'')
];
} }