home/nixos-servers
home/nixos-servers
2
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

use flake-utils to abstract cpu architectures in some places

Browse source
This commit is contained in:
Pim Kunis 2024-03-02 12:42:00 +01:00
parent f7b7009ab2
commit 81b81695c2
2 changed files with 95 additions and 57 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
flake.lock
View file

@ -141,6 +141,24 @@
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1709126324,
"narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "d465f4819400de7c8d874d50b982301f28a84605",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
"inputs": {
"systems": "systems_4"
},
"locked": {
"lastModified": 1701680307,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
@ -178,7 +196,7 @@
},
"microvm": {
"inputs": {
"flake-utils": "flake-utils_2",
"flake-utils": "flake-utils_3",
"nixpkgs": [
"nixpkgs"
],
@ -268,6 +286,7 @@
"deploy-rs": "deploy-rs",
"disko": "disko",
"dns": "dns",
"flake-utils": "flake-utils_2",
"microvm": "microvm",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_2",
@ -335,6 +354,21 @@
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems_2"

116
flake.nix
View file

@ -1,5 +1,5 @@
# TODO: good way to improve flake design: https://gist.github.com/lucperkins/437600b6aaaf0e1e8f91fb22fe421234
# Good tutorial for multiple architectures
# Good tutorial for multiple architectures: https://ertt.ca/nix/shell-scripts/
{
description = "NixOS definitions for our physical servers";
@ -8,6 +8,7 @@
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
deploy-rs.url = "github:serokell/deploy-rs";
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
flake-utils.url = "github:numtide/flake-utils";
disko = {
url = "github:nix-community/disko";
@ -31,67 +32,26 @@
};
outputs =
{ self, nixpkgs, deploy-rs, disko, agenix, nixpkgs-unstable, dns, microvm, nixos-hardware, ... }:
{ self, nixpkgs, deploy-rs, disko, agenix, nixpkgs-unstable, dns, microvm, nixos-hardware, flake-utils, ... }:
(flake-utils.lib.eachDefaultSystem (system:
let
controllerArch = "x86_64-linux";
pkgs = nixpkgs.legacyPackages.${controllerArch};
pkgs = nixpkgs.legacyPackages.${system};
lib = pkgs.lib;
pkgs-unstable = nixpkgs-unstable.legacyPackages.${controllerArch};
pkgs-unstable = nixpkgs-unstable.legacyPackages.${system};
machines = (lib.modules.evalModules { modules = [ (import ./nixos/machines) ]; }).config.machines;
physicalMachines = lib.filterAttrs (n: v: v.isPhysical) machines;
mkNixosSystems = systemDef:
builtins.mapAttrs
(name: machine:
nixpkgs.lib.nixosSystem (systemDef name machine)
)
physicalMachines;
mkDeployNodes = nodeDef:
builtins.mapAttrs
(name: machine: nodeDef name machine)
physicalMachines;
in
{
formatter.${controllerArch} = pkgs.nixfmt;
formatter = pkgs.nixfmt;
nixosConfigurations = mkNixosSystems (name: machine: {
system = machine.arch;
specialArgs = { inherit machines machine dns microvm disko agenix nixos-hardware; };
modules = [
./nixos
{ networking.hostName = name; }
];
checks = deploy-rs.lib.${system}.deployChecks (self.deploy // {
nodes = (lib.attrsets.filterAttrs
(name: node:
machines.${name}.arch == system
)
self.deploy.nodes);
});
deploy = {
sshUser = "root";
user = "root";
nodes = mkDeployNodes (name: machine: {
hostname = self.nixosConfigurations.${name}.config.networking.fqdn;
profiles.system = {
remoteBuild = machine.arch != controllerArch;
path = deploy-rs.lib."${machine.arch}".activate.nixos
self.nixosConfigurations.${name};
};
});
};
# Deploy-rs' flake checks seem broken for architectures different from the deployment machine.
# We skip these here.
checks = builtins.mapAttrs
(system: deployLib:
deployLib.deployChecks (self.deploy // {
nodes = (lib.attrsets.filterAttrs
(name: node:
machines.${name}.arch == controllerArch
)
self.deploy.nodes);
})
)
deploy-rs.lib;
packages.${controllerArch}.bootstrap =
packages.bootstrap =
let
name = "bootstrap";
buildInputs = with pkgs; [ libsecret coreutils pkgs-unstable.nixos-anywhere ];
@ -106,9 +66,53 @@
postBuild = "wrapProgram $out/bin/${name} --set PATH $out/bin";
};
apps.${controllerArch}.deploy = {
apps.deploy = {
type = "app";
program = "${pkgs-unstable.deploy-rs}/bin/deploy";
};
};
})) //
(
let
system = "x86_64-linux";
pkgs = nixpkgs.legacyPackages.${system};
lib = pkgs.lib;
machines = (lib.modules.evalModules { modules = [ (import ./nixos/machines) ]; }).config.machines;
physicalMachines = lib.filterAttrs (n: v: v.isPhysical) machines;
mkNixosSystems = systemDef:
builtins.mapAttrs
(name: machine:
nixpkgs.lib.nixosSystem (systemDef name machine)
)
physicalMachines;
mkDeployNodes = nodeDef:
builtins.mapAttrs
(name: machine: nodeDef name machine)
physicalMachines;
in
{
nixosConfigurations = mkNixosSystems (name: machine: {
system = machine.arch;
specialArgs = { inherit machines machine dns microvm disko agenix nixos-hardware; };
modules = [
./nixos
{ networking.hostName = name; }
];
});
deploy = {
sshUser = "root";
user = "root";
nodes = mkDeployNodes (name: machine: {
hostname = self.nixosConfigurations.${name}.config.networking.fqdn;
profiles.system = {
remoteBuild = machine.arch != system;
path = deploy-rs.lib."${machine.arch}".activate.nixos
self.nixosConfigurations.${name};
};
});
};
}
);
}