palo
/
tech-ingolf-wagner-de
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

last correctoins

master
Ingolf Wagner 2018-12-28 01:06:06 +01:00
parent 72ade764a3
commit 1cc8307373
1 changed files with 22 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
content/nixos/nix-instantiate.md
View File

@ -1,13 +1,14 @@
---
title: "nix-instantiate"
date: 2018-12-05T19:09:36+02:00
date: 2018-12-27T19:09:36+02:00
draft: false
tags:
- NixOS
- TerraNix
- Ansible
- Terraform
summary: >
a tool to create your JSON generator.
A tool to create your JSON generator.
---
# nix-instantiate
@ -156,7 +157,7 @@ let
modules = [ { imports = [ ./config.nix ]; } ];
};
in
# we whitelist the resource argument
# whitelist the resource attribute
{ resource = (sanitize result.config).resource ; }
```
@ -392,14 +393,14 @@ Whoa, a lot of other resources joined the party.
Additionally, the `additionalFileSize` parameter is
properly removed from `resource.hcloud_server.test`.
You could also create this very simple example with
You could also create this very simple example in `HCL` by using
`variables`, `locals` and `count`.
By doing that, you already reached the limits of
`HCL` but in Nix this is a very simple example.
## A More Complex Example
Lets create something you wouldn't be able to do in `HCL`
Let's create something you wouldn't be able to do in `HCL`
anymore.
Imagine you have an inner circle of admins,
@ -407,7 +408,7 @@ which need access to all machines created.
So when a machine is created we also add
all admin keys.
Let's look at the config first how it would look like.
Let's look at the `config.nix` first.
```nix
{
@ -433,9 +434,14 @@ Let's look at the config first how it would look like.
}
```
We want to define the admin keys "globally" without setting them
for every machine explicitly.
### `admins.nix`
But this time the `admins` module will not create any `resource` directly.
The `admins` module will not create any `resource` directly.
Instead it defines options which can be set and used by
other modules.
```nix
# admins.nix
@ -460,9 +466,13 @@ with lib;
### hcloud.nix
These options are used in the `hcloud.nix` file and of course every
The `admins` options are used in the `hcloud.nix` file, and of course every
other module that create servers.
They are accessed via `config.admins`
and depending on their content,
we create `hcloud_ssh_keys` and add them to the servers.
```nix
{ config, lib, ... }:
with lib;
@ -552,10 +562,10 @@ in {
}
```
The `hcloud.nix` starts to get big now, and it is very similar to the version
The `hcloud.nix` starts to get big now, but it is very similar to the version
from the privious section.
Focus on the last section on `mkMerge` and in `config` look closely
at the end of the `serverResource` definition.
Focus on the last `let` section and on `mkMerge`.
Look closely at the end of the `serverResource` definition.
### Output
@ -564,25 +574,6 @@ Let's look at the resulting JSON:
```json
$> nix-instantiate --eval --strict --json test3.nix --show-trace | jq
{
"admins": {
"lass": {
"ssh_key": "ssh-rsa AAAAB3NzaC1yc2EAAAA......hKIWndLJ lass@someMachine"
},
"palo": {
"ssh_key": "ssh-rsa AAAAB3NzaC1yc2EAAAA......hKIWndLJ palo@someMachine"
},
"tv": {
"ssh_key": "ssh-rsa AAAAB3NzaC1yc2EAAAA......hKIWndLJ tv@someMachine"
}
},
"hcloud": {
"server": {
"test": {
"image": "ubuntu",
"server_type": "cx11"
}
}
},
"resource": {
"hcloud_server": {
"test": {
@ -625,4 +616,5 @@ Happy Hacking!
## Thanks
Thanks to `tv` for his introduction to `nix-instantiate`.
Thanks to `lassulus` and `kmein` for polishing this article.