diff options
author | Vincent Ambo <mail@tazj.in> | 2021-04-11T20·50+0200 |
---|---|---|
committer | tazjin <mail@tazj.in> | 2021-04-11T22·18+0000 |
commit | 90281c4eac4cd25045ed80c5f8f27c74898a02b3 (patch) | |
tree | 804425642af16b9e299d469ad6e21c6a23a400e9 | |
parent | 7deabb8c8d6f4c7e58e2b16548b8a1895795963b (diff) |
refactor(ops): Split //ops/nixos into different locations r/2482
Splits //ops/nixos into: * //ops/nixos.nix - utility functions for building systems * //ops/machines - shared machine definitions (read by readTree) * //ops/modules - shared NixOS modules (skipped by readTree) This simplifies working with the configuration fixpoint in whitby, and is overall a bit more in line with how NixOS systems in user folders currently work. Change-Id: I1322ec5cc76c0207c099c05d44828a3df0b3ffc1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2931 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: glittershark <grfn@gws.fyi>
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | docs/CONTRIBUTING.md | 2 | ||||
-rw-r--r-- | ops/machines/all-systems.nix (renamed from ops/nixos/all-systems.nix) | 2 | ||||
-rw-r--r-- | ops/machines/whitby/OWNERS (renamed from ops/nixos/whitby/OWNERS) | 0 | ||||
-rw-r--r-- | ops/machines/whitby/README.md (renamed from ops/nixos/whitby/README.md) | 0 | ||||
-rw-r--r-- | ops/machines/whitby/default.nix (renamed from ops/nixos/whitby/default.nix) | 43 | ||||
-rw-r--r-- | ops/modules/.skip-subtree (renamed from ops/nixos/.skip-subtree) | 0 | ||||
-rw-r--r-- | ops/modules/README.md (renamed from ops/nixos/README.md) | 0 | ||||
-rw-r--r-- | ops/modules/clbot.nix (renamed from ops/nixos/clbot.nix) | 0 | ||||
-rw-r--r-- | ops/modules/default.nix | 2 | ||||
-rw-r--r-- | ops/modules/irccat.nix (renamed from ops/nixos/irccat.nix) | 0 | ||||
-rw-r--r-- | ops/modules/monorepo-gerrit.nix (renamed from ops/nixos/monorepo-gerrit.nix) | 0 | ||||
-rw-r--r-- | ops/modules/panettone.nix (renamed from ops/nixos/panettone.nix) | 0 | ||||
-rw-r--r-- | ops/modules/paroxysm.nix (renamed from ops/nixos/paroxysm.nix) | 0 | ||||
-rw-r--r-- | ops/modules/quassel.nix (renamed from ops/nixos/quassel.nix) | 0 | ||||
-rw-r--r-- | ops/modules/smtprelay.nix (renamed from ops/nixos/smtprelay.nix) | 0 | ||||
-rw-r--r-- | ops/modules/sourcegraph.nix (renamed from ops/nixos/sourcegraph.nix) | 0 | ||||
-rw-r--r-- | ops/modules/tvl-buildkite.nix (renamed from ops/nixos/tvl-buildkite.nix) | 0 | ||||
-rw-r--r-- | ops/modules/tvl-slapd/default.nix (renamed from ops/nixos/tvl-slapd/default.nix) | 0 | ||||
-rw-r--r-- | ops/modules/tvl-sso/default.nix (renamed from ops/nixos/tvl-sso/default.nix) | 0 | ||||
-rw-r--r-- | ops/modules/v4l2loopback.nix (renamed from ops/nixos/v4l2loopback.nix) | 0 | ||||
-rw-r--r-- | ops/modules/www/b.tvl.fyi.nix (renamed from ops/nixos/www/b.tvl.fyi.nix) | 0 | ||||
-rw-r--r-- | ops/modules/www/base.nix (renamed from ops/nixos/www/base.nix) | 0 | ||||
-rw-r--r-- | ops/modules/www/cache.tvl.su.nix (renamed from ops/nixos/www/cache.tvl.su.nix) | 0 | ||||
-rw-r--r-- | ops/modules/www/cl.tvl.fyi.nix (renamed from ops/nixos/www/cl.tvl.fyi.nix) | 0 | ||||
-rw-r--r-- | ops/modules/www/code.tvl.fyi.nix (renamed from ops/nixos/www/code.tvl.fyi.nix) | 0 | ||||
-rw-r--r-- | ops/modules/www/cs.tvl.fyi.nix (renamed from ops/nixos/www/cs.tvl.fyi.nix) | 0 | ||||
-rw-r--r-- | ops/modules/www/login.tvl.fyi.nix (renamed from ops/nixos/www/login.tvl.fyi.nix) | 0 | ||||
-rw-r--r-- | ops/modules/www/tazj.in.nix (renamed from ops/nixos/www/tazj.in.nix) | 0 | ||||
-rw-r--r-- | ops/modules/www/todo.tvl.fyi.nix (renamed from ops/nixos/www/todo.tvl.fyi.nix) | 0 | ||||
-rw-r--r-- | ops/modules/www/tvl.fyi.nix (renamed from ops/nixos/www/tvl.fyi.nix) | 0 | ||||
-rw-r--r-- | ops/modules/www/wigglydonke.rs.nix (renamed from ops/nixos/www/wigglydonke.rs.nix) | 0 | ||||
-rw-r--r-- | ops/nixos.nix (renamed from ops/nixos/default.nix) | 22 | ||||
-rw-r--r-- | ops/nixos/.gitignore | 3 | ||||
-rw-r--r-- | users/glittershark/system/system/machines/chupacabra.nix | 2 | ||||
-rw-r--r-- | users/tazjin/nixos/README.md | 17 | ||||
-rw-r--r-- | users/tazjin/nixos/camden/default.nix | 4 | ||||
-rw-r--r-- | users/tazjin/nixos/frog/default.nix | 2 |
38 files changed, 41 insertions, 60 deletions
diff --git a/README.md b/README.md index b7ea0f8765e2..0f618bf21d24 100644 --- a/README.md +++ b/README.md @@ -42,7 +42,7 @@ Twitter][]. [`//ops/pipelines`](https://cs.tvl.fyi/depot/-/tree/ops/pipelines). All services that we host are deployed on NixOS machines that we manage. Their -configuration is tracked in `//ops/nixos`. +configuration is tracked in `//ops/{modules,machines}`. ## Nix diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md index 80481d88d3eb..7c9d034a9383 100644 --- a/docs/CONTRIBUTING.md +++ b/docs/CONTRIBUTING.md @@ -60,7 +60,7 @@ And `scope` should refer to some kind of logical grouping inside of the project. It does not make sense to include the full path unless it aids in disambiguating. For example, when changing the configuration of the host -`camden` at `//ops/nixos/camden` it is enough to write `feat(camden): ...`. +`whitby` at `//ops/machines/whitby` it is enough to write `feat(whitby): ...`. Please take a look at the existing commit log for examples. diff --git a/ops/nixos/all-systems.nix b/ops/machines/all-systems.nix index 05a89e05ab70..493d39e06b73 100644 --- a/ops/nixos/all-systems.nix +++ b/ops/machines/all-systems.nix @@ -1,6 +1,6 @@ { depot, ... }: -(with depot.ops.nixos; [ +(with depot.ops.machines; [ whitby ]) ++ diff --git a/ops/nixos/whitby/OWNERS b/ops/machines/whitby/OWNERS index b1b749e871e1..b1b749e871e1 100644 --- a/ops/nixos/whitby/OWNERS +++ b/ops/machines/whitby/OWNERS diff --git a/ops/nixos/whitby/README.md b/ops/machines/whitby/README.md index 55287c541256..55287c541256 100644 --- a/ops/nixos/whitby/README.md +++ b/ops/machines/whitby/README.md diff --git a/ops/nixos/whitby/default.nix b/ops/machines/whitby/default.nix index 394b79c21ba1..eb5ee4ed6d12 100644 --- a/ops/nixos/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -1,30 +1,31 @@ -{ depot, lib, pkgs, ... }: +{ depot, lib, pkgs, ... }: # readTree options +config: # passed by module system let inherit (builtins) listToAttrs; inherit (lib) range; in lib.fix(self: { imports = [ - "${depot.depotPath}/ops/nixos/clbot.nix" - "${depot.depotPath}/ops/nixos/irccat.nix" - "${depot.depotPath}/ops/nixos/monorepo-gerrit.nix" - "${depot.depotPath}/ops/nixos/panettone.nix" - "${depot.depotPath}/ops/nixos/paroxysm.nix" - "${depot.depotPath}/ops/nixos/smtprelay.nix" - "${depot.depotPath}/ops/nixos/sourcegraph.nix" - "${depot.depotPath}/ops/nixos/tvl-buildkite.nix" - "${depot.depotPath}/ops/nixos/tvl-slapd/default.nix" - "${depot.depotPath}/ops/nixos/tvl-sso/default.nix" - "${depot.depotPath}/ops/nixos/www/b.tvl.fyi.nix" - "${depot.depotPath}/ops/nixos/www/cache.tvl.su.nix" - "${depot.depotPath}/ops/nixos/www/cl.tvl.fyi.nix" - "${depot.depotPath}/ops/nixos/www/code.tvl.fyi.nix" - "${depot.depotPath}/ops/nixos/www/cs.tvl.fyi.nix" - "${depot.depotPath}/ops/nixos/www/login.tvl.fyi.nix" - "${depot.depotPath}/ops/nixos/www/tazj.in.nix" - "${depot.depotPath}/ops/nixos/www/todo.tvl.fyi.nix" - "${depot.depotPath}/ops/nixos/www/tvl.fyi.nix" - "${depot.depotPath}/ops/nixos/www/wigglydonke.rs.nix" + "${depot.depotPath}/ops/modules/clbot.nix" + "${depot.depotPath}/ops/modules/irccat.nix" + "${depot.depotPath}/ops/modules/monorepo-gerrit.nix" + "${depot.depotPath}/ops/modules/panettone.nix" + "${depot.depotPath}/ops/modules/paroxysm.nix" + "${depot.depotPath}/ops/modules/smtprelay.nix" + "${depot.depotPath}/ops/modules/sourcegraph.nix" + "${depot.depotPath}/ops/modules/tvl-buildkite.nix" + "${depot.depotPath}/ops/modules/tvl-slapd/default.nix" + "${depot.depotPath}/ops/modules/tvl-sso/default.nix" + "${depot.depotPath}/ops/modules/www/b.tvl.fyi.nix" + "${depot.depotPath}/ops/modules/www/cache.tvl.su.nix" + "${depot.depotPath}/ops/modules/www/cl.tvl.fyi.nix" + "${depot.depotPath}/ops/modules/www/code.tvl.fyi.nix" + "${depot.depotPath}/ops/modules/www/cs.tvl.fyi.nix" + "${depot.depotPath}/ops/modules/www/login.tvl.fyi.nix" + "${depot.depotPath}/ops/modules/www/tazj.in.nix" + "${depot.depotPath}/ops/modules/www/todo.tvl.fyi.nix" + "${depot.depotPath}/ops/modules/www/tvl.fyi.nix" + "${depot.depotPath}/ops/modules/www/wigglydonke.rs.nix" "${pkgs.path}/nixos/modules/services/web-apps/gerrit.nix" ]; diff --git a/ops/nixos/.skip-subtree b/ops/modules/.skip-subtree index 09520f8c831f..09520f8c831f 100644 --- a/ops/nixos/.skip-subtree +++ b/ops/modules/.skip-subtree diff --git a/ops/nixos/README.md b/ops/modules/README.md index 595b4c3344c6..595b4c3344c6 100644 --- a/ops/nixos/README.md +++ b/ops/modules/README.md diff --git a/ops/nixos/clbot.nix b/ops/modules/clbot.nix index ad33e25a4d54..ad33e25a4d54 100644 --- a/ops/nixos/clbot.nix +++ b/ops/modules/clbot.nix diff --git a/ops/modules/default.nix b/ops/modules/default.nix new file mode 100644 index 000000000000..8bdfecdf41b0 --- /dev/null +++ b/ops/modules/default.nix @@ -0,0 +1,2 @@ +# Make readTree happy at this level. +_: {} diff --git a/ops/nixos/irccat.nix b/ops/modules/irccat.nix index e4b30b73553e..e4b30b73553e 100644 --- a/ops/nixos/irccat.nix +++ b/ops/modules/irccat.nix diff --git a/ops/nixos/monorepo-gerrit.nix b/ops/modules/monorepo-gerrit.nix index eaea386ecd11..eaea386ecd11 100644 --- a/ops/nixos/monorepo-gerrit.nix +++ b/ops/modules/monorepo-gerrit.nix diff --git a/ops/nixos/panettone.nix b/ops/modules/panettone.nix index 51a7468578f4..51a7468578f4 100644 --- a/ops/nixos/panettone.nix +++ b/ops/modules/panettone.nix diff --git a/ops/nixos/paroxysm.nix b/ops/modules/paroxysm.nix index cd9cd3866e47..cd9cd3866e47 100644 --- a/ops/nixos/paroxysm.nix +++ b/ops/modules/paroxysm.nix diff --git a/ops/nixos/quassel.nix b/ops/modules/quassel.nix index df26a3945532..df26a3945532 100644 --- a/ops/nixos/quassel.nix +++ b/ops/modules/quassel.nix diff --git a/ops/nixos/smtprelay.nix b/ops/modules/smtprelay.nix index d8e03b5794b0..d8e03b5794b0 100644 --- a/ops/nixos/smtprelay.nix +++ b/ops/modules/smtprelay.nix diff --git a/ops/nixos/sourcegraph.nix b/ops/modules/sourcegraph.nix index a24328f3e366..a24328f3e366 100644 --- a/ops/nixos/sourcegraph.nix +++ b/ops/modules/sourcegraph.nix diff --git a/ops/nixos/tvl-buildkite.nix b/ops/modules/tvl-buildkite.nix index 2aa3b81811f4..2aa3b81811f4 100644 --- a/ops/nixos/tvl-buildkite.nix +++ b/ops/modules/tvl-buildkite.nix diff --git a/ops/nixos/tvl-slapd/default.nix b/ops/modules/tvl-slapd/default.nix index ae99fced7499..ae99fced7499 100644 --- a/ops/nixos/tvl-slapd/default.nix +++ b/ops/modules/tvl-slapd/default.nix diff --git a/ops/nixos/tvl-sso/default.nix b/ops/modules/tvl-sso/default.nix index 8e33c708b7f3..8e33c708b7f3 100644 --- a/ops/nixos/tvl-sso/default.nix +++ b/ops/modules/tvl-sso/default.nix diff --git a/ops/nixos/v4l2loopback.nix b/ops/modules/v4l2loopback.nix index 636b2ff6cf27..636b2ff6cf27 100644 --- a/ops/nixos/v4l2loopback.nix +++ b/ops/modules/v4l2loopback.nix diff --git a/ops/nixos/www/b.tvl.fyi.nix b/ops/modules/www/b.tvl.fyi.nix index 45f6c6ed5141..45f6c6ed5141 100644 --- a/ops/nixos/www/b.tvl.fyi.nix +++ b/ops/modules/www/b.tvl.fyi.nix diff --git a/ops/nixos/www/base.nix b/ops/modules/www/base.nix index 4b956cd95ef1..4b956cd95ef1 100644 --- a/ops/nixos/www/base.nix +++ b/ops/modules/www/base.nix diff --git a/ops/nixos/www/cache.tvl.su.nix b/ops/modules/www/cache.tvl.su.nix index 182306bebff1..182306bebff1 100644 --- a/ops/nixos/www/cache.tvl.su.nix +++ b/ops/modules/www/cache.tvl.su.nix diff --git a/ops/nixos/www/cl.tvl.fyi.nix b/ops/modules/www/cl.tvl.fyi.nix index 470122c395ea..470122c395ea 100644 --- a/ops/nixos/www/cl.tvl.fyi.nix +++ b/ops/modules/www/cl.tvl.fyi.nix diff --git a/ops/nixos/www/code.tvl.fyi.nix b/ops/modules/www/code.tvl.fyi.nix index c8a4b27b1b52..c8a4b27b1b52 100644 --- a/ops/nixos/www/code.tvl.fyi.nix +++ b/ops/modules/www/code.tvl.fyi.nix diff --git a/ops/nixos/www/cs.tvl.fyi.nix b/ops/modules/www/cs.tvl.fyi.nix index fac814baf064..fac814baf064 100644 --- a/ops/nixos/www/cs.tvl.fyi.nix +++ b/ops/modules/www/cs.tvl.fyi.nix diff --git a/ops/nixos/www/login.tvl.fyi.nix b/ops/modules/www/login.tvl.fyi.nix index 05b7cee25338..05b7cee25338 100644 --- a/ops/nixos/www/login.tvl.fyi.nix +++ b/ops/modules/www/login.tvl.fyi.nix diff --git a/ops/nixos/www/tazj.in.nix b/ops/modules/www/tazj.in.nix index 7d658a5ec4c1..7d658a5ec4c1 100644 --- a/ops/nixos/www/tazj.in.nix +++ b/ops/modules/www/tazj.in.nix diff --git a/ops/nixos/www/todo.tvl.fyi.nix b/ops/modules/www/todo.tvl.fyi.nix index b53f5437e7ab..b53f5437e7ab 100644 --- a/ops/nixos/www/todo.tvl.fyi.nix +++ b/ops/modules/www/todo.tvl.fyi.nix diff --git a/ops/nixos/www/tvl.fyi.nix b/ops/modules/www/tvl.fyi.nix index 45fd35803de7..45fd35803de7 100644 --- a/ops/nixos/www/tvl.fyi.nix +++ b/ops/modules/www/tvl.fyi.nix diff --git a/ops/nixos/www/wigglydonke.rs.nix b/ops/modules/www/wigglydonke.rs.nix index 0bc67898c633..0bc67898c633 100644 --- a/ops/nixos/www/wigglydonke.rs.nix +++ b/ops/modules/www/wigglydonke.rs.nix diff --git a/ops/nixos/default.nix b/ops/nixos.nix index 8be700b104a7..465a2eed3198 100644 --- a/ops/nixos/default.nix +++ b/ops/nixos.nix @@ -1,21 +1,8 @@ -# Most of the Nix expressions in this folder are NixOS modules, which -# are not readTree compatible. -# -# Some things (such as system configurations) are, and we import them -# here manually. -# -# TODO(tazjin): Find a more elegant solution for the whole module -# situation. +# Helper functions for instantiating depot-compatible NixOS machines. { depot, lib, pkgs, ... }@args: let inherit (lib) findFirst isAttrs; in rec { - whitby = import ./whitby/default.nix args; - - # System installation - - allSystems = import ./all-systems.nix args; - # This provides our standard set of arguments to all NixOS modules. baseModule = { ... }: { _module.args = { @@ -36,7 +23,7 @@ in rec { (findFirst (system: system.config.networking.hostName == hostname) (throw "${hostname} is not a known NixOS host") - (map nixosFor allSystems)); + (map nixosFor depot.ops.machines.all-systems)); rebuild-system = pkgs.writeShellScriptBin "rebuild-system" '' set -ue @@ -53,9 +40,6 @@ in rec { ''; # Systems that should be built in CI - # - # TODO(tazjin): Refactor the whole systems setup, it's a bit - # inconsistent at the moment. - whitbySystem = (nixosFor whitby).system; + whitbySystem = (nixosFor depot.ops.machines.whitby).system; meta.targets = [ "whitbySystem" ]; } diff --git a/ops/nixos/.gitignore b/ops/nixos/.gitignore deleted file mode 100644 index 773fa1667019..000000000000 --- a/ops/nixos/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -hardware-configuration.nix -local-configuration.nix -result diff --git a/users/glittershark/system/system/machines/chupacabra.nix b/users/glittershark/system/system/machines/chupacabra.nix index 4f7f39ee5aa1..974e3c34e37b 100644 --- a/users/glittershark/system/system/machines/chupacabra.nix +++ b/users/glittershark/system/system/machines/chupacabra.nix @@ -7,7 +7,7 @@ ../modules/tvl.nix ../modules/fcitx.nix ../modules/rtlsdr.nix - ../../../../../ops/nixos/v4l2loopback.nix + ../../../../../ops/modules/v4l2loopback.nix ../modules/desktop.nix ../modules/development.nix ]; diff --git a/users/tazjin/nixos/README.md b/users/tazjin/nixos/README.md index 0093f4ac65e1..662f2a36acac 100644 --- a/users/tazjin/nixos/README.md +++ b/users/tazjin/nixos/README.md @@ -1,20 +1,17 @@ NixOS configuration =================== -My NixOS configuration! It configures most of the packages I require +My NixOS configurations! It configures most of the packages I require on my systems, sets up Emacs the way I need and does a bunch of other interesting things. -System configuration lives in folders for each machine and a custom -fixed point evaluation (similar to standard NixOS module -configuration) is used to combine configuration together. +System configuration lives in folders, and some of the modules stem +from `//ops/modules`. -Building `ops.nixos.rebuilder` yields a script that will automatically -build and activate the newest configuration based on the current -hostname. +Machines are deployed with the script at `ops.nixos.rebuild-system`. ## Configured hosts: -* `frog` - weapon of mass computation at home -* `camden` - NUC serving tazj.in, tvl.fyi & co -* ~~`urdhva` - T470s~~ (currently with edef) +* `tverskoy` - X13 AMD that's travelling around with me +* `frog` - weapon of mass computation (in storage in London) +* `camden` - NUC formerly serving tazj.in (in storage in London) diff --git a/users/tazjin/nixos/camden/default.nix b/users/tazjin/nixos/camden/default.nix index f334320b381b..2659db5e91d9 100644 --- a/users/tazjin/nixos/camden/default.nix +++ b/users/tazjin/nixos/camden/default.nix @@ -25,8 +25,8 @@ in lib.fix(self: { sha256 = "157c64220lf825ll4c0cxsdwg7cxqdx4z559fdp7kpz0g6p8fhhr"; }; in [ - "${depot.depotPath}/ops/nixos/quassel.nix" - "${depot.depotPath}/ops/nixos/smtprelay.nix" + "${depot.depotPath}/ops/modules/quassel.nix" + "${depot.depotPath}/ops/modules/smtprelay.nix" "${oldChannel}/nixos/modules/security/acme.nix" ]; diff --git a/users/tazjin/nixos/frog/default.nix b/users/tazjin/nixos/frog/default.nix index 7f709da7eec5..1394f9cf4e91 100644 --- a/users/tazjin/nixos/frog/default.nix +++ b/users/tazjin/nixos/frog/default.nix @@ -16,7 +16,7 @@ config: let }; in lib.fix(self: { imports = [ - "${depot.depotPath}/ops/nixos/v4l2loopback.nix" + "${depot.depotPath}/ops/modules/v4l2loopback.nix" ]; boot = { |