palo
/
tech-ingolf-wagner-de
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

proof-read

master
Kierán Meinhardt 2018-12-27 14:50:29 +01:00
parent 8d55e7fcb7
commit c1a3be6091
1 changed files with 37 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
content/nixos/nix-instantiate.md
View File

@ -13,13 +13,13 @@ summary: >
# nix-instantiate
I like NixOS and the way modules work.
I miss them when I do tasks in other languages,
which have less power than NixOS, for example
I miss them when I do tasks in other languages
that have less power than NixOS, for example
[Ansible](https://www.ansible.com) and [Terraform](https://www.terraform.io).
Luckily all these tools can be configured via JSON,
and Nix can easily create JSON.
The goto tool for that job is
The go-to tool for that job is
[nix-instantiate](https://nixos.org/nix/manual/#sec-nix-instantiate)
which every NixOS has installed (yeye!).
@ -33,13 +33,13 @@ different tools that use JSON.
If you are interessted in a full (or almost full)
terraform JSON renderer have a look at my
[terranix project](https://github.com/mrVanDalo/terranix)
[terranix project](https://github.com/mrVanDalo/terranix).
## First tests
Lets look what `nix-instantiate` does.
We create a file `test1.nix`
We create a file `test1.nix`:
```nix
# file test1.nix
@ -49,7 +49,7 @@ rec {
}
```
and than we run `nix-instantiate` to render json
and than we run `nix-instantiate` to render JSON:
```sh
$> nix-instantiate --eval --json --strict test1.nix | jq
@ -60,7 +60,7 @@ $> nix-instantiate --eval --json --strict test1.nix | jq
}
```
Nice! this is expected because it is an example from
Nice! This is expected because it is an example from
[the documentation](https://nixos.org/nix/manual/#sec-nix-instantiate).
## Modules for the win
@ -100,13 +100,13 @@ in
result.config
```
When running
When running:
```sh
nix-instantiate --eval --strict --json test2.nix --show-trace | jq
```
we get the following json.
We get the following JSON:
```json
{
@ -128,8 +128,8 @@ we get the following json.
```
This is almost what we want to see. the `_module` value is not needed.
So lets remove it with a sanitize function, and move the content path
to a different file called config.nix
So let's remove it with a sanitization function, and move the content path
to a different file called `config.nix`.
```nix
# file test3.nix
@ -159,7 +159,7 @@ in
(sanitize result.config)
```
in `config.nix` we can now focus on the configuration content. And we write it
In `config.nix` we can now focus on the configuration content. And we write it
just like we would write a NixOS module.
```nix
@ -189,7 +189,7 @@ The result of the now well known command
nix-instantiate --eval --strict --json test3.nix --show-trace | jq
```
looks like the result we want to have.
looks like the result we want to have:
```nix
{
@ -213,18 +213,18 @@ We can write modules to hide complexity and create very well readable
strange tooling which is not capable of mapping, filtering
or hiding complexity.
## a simple example
## A Simple Example
Let's make an example so a none NixOS veteran can see
Let's make an example so a non-NixOS-veteran can see
how to start using this modules system.
### hcloud.nix
### `hcloud.nix`
The following file is a module that let's us create
resource entries to create a
resource entries to create an
[hcloud server](https://www.terraform.io/docs/providers/hcloud/r/server.html).
But it has one parameter `additionalFileSize`
which will automatic add a `hcloud_volume` and a `hcloud_volume_attachment`.
which will automatically add an `hcloud_volume` and an `hcloud_volume_attachment`.
```nix
# hcloud.nix
@ -299,11 +299,11 @@ in {
}
```
### config.nix and output
### `config.nix` and Output
#### without additionalFileSize
#### Without `additionalFileSize`
Lets look at the different `config.nix` results.
Let's look at the different `config.nix` results.
```nix
{
@ -350,9 +350,9 @@ The `hcloud` parameter should be removed, but for now I will leave it here,
to see the original configuration.
To make this work in terraform, you have to remove everything except `resource`.
#### with additionalFileSize
#### With `additionalFileSize`
Lets add some `additionalFileSize`.
Let's add some `additionalFileSize`.
```nix
{
@ -408,21 +408,21 @@ $> nix-instantiate --eval --strict --json test3.nix --show-trace | jq
}
```
Oha, a lot of other resources joined the party.
Additionally the `additionalFileSize` parameter is
Whoa, a lot of other resources joined the party.
Additionally, the `additionalFileSize` parameter is
properly removed from `resource.hcloud_server.test`.
You could also create this very simple example with
`variables`, `locals` and `count`.
By doing that you already reached the limits of
By doing that, you already reached the limits of
`HCL` but in Nix this is a very simple example.
## A more complex Example
## A More Complex Example
Lets create something you wouldn't be able to do in `HCL`
anymore.
Imagine you have a inner circle of admins,
Imagine you have an inner circle of admins,
which need access to all machines created.
So when a machine is created we also add
all admin keys.
@ -453,9 +453,9 @@ Let's look at the config first how it would look like.
}
```
### admins.nix
### `admins.nix`
But this time `admins` module will not create any `resource` directly.
But this time the `admins` module will not create any `resource` directly.
```nix
# admins.nix
@ -481,7 +481,7 @@ with lib;
### hcloud.nix
These options are used in the `hcloud.nix` file and of course every
other module you write, where you write which create servers.
other module you write, where you write which servers to create.
```nix
{ config, lib, ... }:
@ -574,12 +574,12 @@ in {
The `hcloud.nix` starts to get big now, and it is very similar to the version
from the privious section.
Focus on the last section on `mkMerge` and in `config` look closely
Focus on the last section on `mkMerge` and in `config` look closely
at the end of the `serverResource` definition.
### output
### Output
Lets look at the resulting JSON
Let's look at the resulting JSON:
```json
$> nix-instantiate --eval --strict --json test3.nix --show-trace | jq
@ -634,15 +634,15 @@ $> nix-instantiate --eval --strict --json test3.nix --show-trace | jq
}
```
Nice all 3 keys will be created by `hcloud_ssh_key` and they all get wired
Nice! All 3 keys will be created by `hcloud_ssh_key` and they all get wired
to the new `hcloud_server`.
This should give you a feeling how you can maintain your
`JSON`/`YAML`-configured tools, with `nix-instantiate` and the NixOS module system.
JSON/YAML-configured tools, with `nix-instantiate` and the NixOS module system.
Happy Hacking!
## Thanks
Thanks to `tv` for his introduction to `nix-instantiate`.
Thanks to `lassulus` for polishing this article.
Thanks to `lassulus` and `kmein` for polishing this article.