From 8ee72ba5fa250ffc047104e9d05992f7ea11402e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 15 Dec 2023 13:14:55 +0100 Subject: [PATCH] clanCore: refactor flake-module.nix into smaller files --- flake.nix | 1 - nixosModules/clanCore/default.nix | 17 +++ nixosModules/clanCore/flake-module.nix | 127 ------------------ .../{clan-imports/default.nix => imports.nix} | 0 nixosModules/clanCore/metadata.nix | 32 +++++ nixosModules/clanCore/outputs.nix | 76 +++++++++++ nixosModules/clanCore/schema.nix | 11 ++ nixosModules/flake-module.nix | 9 +- 8 files changed, 144 insertions(+), 129 deletions(-) create mode 100644 nixosModules/clanCore/default.nix delete mode 100644 nixosModules/clanCore/flake-module.nix rename nixosModules/clanCore/{clan-imports/default.nix => imports.nix} (100%) create mode 100644 nixosModules/clanCore/metadata.nix create mode 100644 nixosModules/clanCore/outputs.nix create mode 100644 nixosModules/clanCore/schema.nix diff --git a/flake.nix b/flake.nix index 7dc2e1e5..a515d40c 100644 --- a/flake.nix +++ b/flake.nix @@ -41,7 +41,6 @@ ./lib/flake-module.nix ./nixosModules/flake-module.nix - ./nixosModules/clanCore/flake-module.nix ]; }); } diff --git a/nixosModules/clanCore/default.nix b/nixosModules/clanCore/default.nix new file mode 100644 index 00000000..220fad60 --- /dev/null +++ b/nixosModules/clanCore/default.nix @@ -0,0 +1,17 @@ +{ + imports = [ + ./backups.nix + ./imports.nix + ./meshnamed + ./metadata.nix + ./networking.nix + ./nix-settings.nix + ./options.nix + ./outputs.nix + ./packages.nix + ./schema.nix + ./secrets + ./vm.nix + ./zerotier + ]; +} diff --git a/nixosModules/clanCore/flake-module.nix b/nixosModules/clanCore/flake-module.nix deleted file mode 100644 index 4d6dbe2e..00000000 --- a/nixosModules/clanCore/flake-module.nix +++ /dev/null 
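Review bot: The new `nixosModules/clanCore/default.nix` still imports `./secrets`, but `inputs.sops-nix.nixosModules.sops`, which the deleted module imported alongside it, now lives only in `nixosModules/flake-module.nix`. If `./secrets` relies on sops-nix options (its contents are not visible here), importing `./clanCore` by path instead of through `flake.nixosModules.clanCore` would fail to evaluate. A header comment would make the contract explicit, for example `# Import via flake.nixosModules.clanCore; sops-nix and the clanPkgs default are supplied by ../flake-module.nix.` The comment `# just some example options. Can be removed later` that marked `./vm.nix` and `./options.nix` was also dropped when the list was sorted.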
@@ -1,127 +0,0 @@
-{ self, inputs, lib, ... }: {
- flake.nixosModules.clanCore = { config, pkgs, options, ... }: {
- imports = [
- ./backups.nix
- ./clan-imports
- ./secrets
- ./zerotier
- ./meshnamed
- ./networking.nix
- ./packages.nix
- ./nix-settings.nix
- inputs.sops-nix.nixosModules.sops
- # just some example options. Can be removed later
- ./vm.nix
- ./options.nix
- ];
- options.clanSchema = lib.mkOption {
- type = lib.types.attrs;
- description = "The json schema for the .clan options namespace";
- default = self.lib.jsonschema.parseOptions options.clan;
- };
- options.clanCore = {
- clanName = lib.mkOption {
- type = lib.types.str;
- description = ''
- the name of the clan
- '';
- };
- clanDir = lib.mkOption {
- type = lib.types.either lib.types.path lib.types.str;
- description = ''
- the location of the flake repo, used to calculate the location of facts and secrets
- '';
- };
- clanIcon = lib.mkOption {
- type = lib.types.nullOr lib.types.path;
- description = ''
- the location of the clan icon
- '';
- };
- machineName = lib.mkOption {
- type = lib.types.str;
- description = ''
- the name of the machine
- '';
- };
- clanPkgs = lib.mkOption {
- default = self.packages.${pkgs.system};
- defaultText = "self.packages.${pkgs.system}";
- internal = true;
- };
- };
- # TODO: factor these out into a separate interface.nix.
- # Also think about moving these options out of `system.clan`.
- # Maybe we should not re-use the already polluted confg.system namespace
- # and instead have a separate top-level namespace like `clanOutputs`, with
- # well defined options marked as `internal = true;`.
- options.system.clan = lib.mkOption {
- type = lib.types.submodule {
- options = {
- deployment.data = lib.mkOption {
- type = lib.types.attrs;
- description = ''
- the data to be written to the deployment.json file
- '';
- };
- deployment.file = lib.mkOption {
- type = lib.types.path;
- description = ''
- the location of the deployment.json file
- '';
- };
- deploymentAddress = lib.mkOption {
- type = lib.types.str;
- description = ''
- the address of the deployment server
- '';
- };
- secretsUploadDirectory = lib.mkOption {
- type = lib.types.path;
- description = ''
- the directory on the deployment server where secrets are uploaded
- '';
- };
- uploadSecrets = lib.mkOption {
- type = lib.types.path;
- description = ''
- script to upload secrets to the deployment server
- '';
- default = "${pkgs.coreutils}/bin/true";
- };
- generateSecrets = lib.mkOption {
- type = lib.types.path;
- description = ''
- script to generate secrets
- '';
- default = "${pkgs.coreutils}/bin/true";
- };
- vm.config = lib.mkOption {
- type = lib.types.attrs;
- description = ''
- the vm config
- '';
- };
- vm.create = lib.mkOption {
- type = lib.types.path;
- description = ''
- json metadata about the vm
- '';
- };
- };
- };
- description = ''
- utility outputs for clan management of this machine
- '';
- };
- # optimization for faster secret generate/upload and machines update
- config = {
- system.clan.deployment.data = {
- inherit (config.system.clan) uploadSecrets generateSecrets;
- inherit (config.clan.networking) deploymentAddress;
- inherit (config.clanCore) secretsUploadDirectory;
- };
- system.clan.deployment.file = pkgs.writeText "deployment.json" (builtins.toJSON config.system.clan.deployment.data);
- };
- };
-}
diff --git a/nixosModules/clanCore/clan-imports/default.nix b/nixosModules/clanCore/imports.nix
similarity index 100%
rename from nixosModules/clanCore/clan-imports/default.nix
rename to nixosModules/clanCore/imports.nix
diff --git a/nixosModules/clanCore/metadata.nix b/nixosModules/clanCore/metadata.nix
new file mode 100644
index 00000000..77afc0ee
--- /dev/null
+++ b/nixosModules/clanCore/metadata.nix
@@ -0,0 +1,32 @@
+{ lib, pkgs, ... }: {
+ options.clanCore = {
+ clanName = lib.mkOption {
+ type = lib.types.str;
+ description = ''
+ the name of the clan
+ '';
+ };
+ clanDir = lib.mkOption {
+ type = lib.types.either lib.types.path lib.types.str;
+ description = ''
+ the location of the flake repo, used to calculate the location of facts and secrets
+ '';
+ };
+ clanIcon = lib.mkOption {
+ type = lib.types.nullOr lib.types.path;
+ description = ''
+ the location of the clan icon
+ '';
+ };
+ machineName = lib.mkOption {
+ type = lib.types.str;
+ description = ''
+ the name of the machine
+ '';
+ };
+ clanPkgs = lib.mkOption {
+ defaultText = "self.packages.${pkgs.system}";
+ internal = true;
+ };
+ };
+}
diff --git a/nixosModules/clanCore/outputs.nix b/nixosModules/clanCore/outputs.nix
new file mode 100644
index 00000000..d60f8778
--- /dev/null
+++ b/nixosModules/clanCore/outputs.nix
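Review bot: `clanPkgs` in `metadata.nix` keeps `defaultText = "self.packages.${pkgs.system}"` although the option no longer has a `default` here and the value set in `nixosModules/flake-module.nix` uses `pkgs.hostPlatform.system`. Inside a double-quoted Nix string `${pkgs.system}` is interpolated, so the rendered text is the evaluated platform rather than the expression, and `pkgs` is pulled into this module only for that. Suggest `defaultText = lib.literalExpression "self.packages.\${pkgs.hostPlatform.system}";` plus a `description`, since the option declares neither a type nor a description. The only value for this option comes from the inline module in the `nixosModules/flake-module.nix` hunk via `lib.mkDefault`, so a configuration that imports `./clanCore` directly gets no value for it.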
@@ -0,0 +1,76 @@
+{ config, lib, pkgs, ... }: {
+ # TODO: factor these out into a separate interface.nix.
+ # Also think about moving these options out of `system.clan`.
+ # Maybe we should not re-use the already polluted confg.system namespace
+ # and instead have a separate top-level namespace like `clanOutputs`, with
+ # well defined options marked as `internal = true;`.
+ options.system.clan = lib.mkOption {
+ type = lib.types.submodule {
+ options = {
+ deployment.data = lib.mkOption {
+ type = lib.types.attrs;
+ description = ''
+ the data to be written to the deployment.json file
+ '';
+ };
+ deployment.file = lib.mkOption {
+ type = lib.types.path;
+ description = ''
+ the location of the deployment.json file
+ '';
+ };
+ deploymentAddress = lib.mkOption {
+ type = lib.types.str;
+ description = ''
+ the address of the deployment server
+ '';
+ };
+ secretsUploadDirectory = lib.mkOption {
+ type = lib.types.path;
+ description = ''
+ the directory on the deployment server where secrets are uploaded
+ '';
+ };
+ uploadSecrets = lib.mkOption {
+ type = lib.types.path;
+ description = ''
+ script to upload secrets to the deployment server
+ '';
+ default = "${pkgs.coreutils}/bin/true";
+ };
+ generateSecrets = lib.mkOption {
+ type = lib.types.path;
+ description = ''
+ script to generate secrets
+ '';
+ default = "${pkgs.coreutils}/bin/true";
+ };
+ vm.config = lib.mkOption {
+ type = lib.types.attrs;
+ description = ''
+ the vm config
+ '';
+ };
+ vm.create = lib.mkOption {
+ type = lib.types.path;
+ description = ''
+ json metadata about the vm
+ '';
+ };
+ };
+ };
+ description = ''
+ utility outputs for clan management of this machine
+ '';
+ };
+ # optimization for faster secret generate/upload and machines update
+ config = {
+ system.clan.deployment.data = {
+ inherit (config.system.clan) uploadSecrets generateSecrets;
+ inherit (config.clan.networking) deploymentAddress;
+ inherit (config.clanCore) secretsUploadDirectory;
+ };
+ system.clan.deployment.file = pkgs.writeText "deployment.json" (builtins.toJSON config.system.clan.deployment.data);
+ };
+
+}
diff --git a/nixosModules/clanCore/schema.nix b/nixosModules/clanCore/schema.nix
new file mode 100644
index 00000000..b93d8642
--- /dev/null
+++ b/nixosModules/clanCore/schema.nix
@@ -0,0 +1,11 @@
+{ options, lib, ... }:
+let
+ jsonschema = import ../../lib/jsonschema { inherit lib; };
+in
+{
+ options.clanSchema = lib.mkOption {
+ type = lib.types.attrs;
+ description = "The json schema for the .clan options namespace";
+ default = jsonschema.parseOptions options.clan;
+ };
+}
diff --git a/nixosModules/flake-module.nix b/nixosModules/flake-module.nix
index 6443ac97..96b264b5 100644
--- a/nixosModules/flake-module.nix
+++ b/nixosModules/flake-module.nix
@@ -1,6 +1,13 @@
-{ ... }: {
+{ inputs, self, ... }: {
 flake.nixosModules = {
 hidden-ssh-announce.imports = [ ./hidden-ssh-announce.nix ];
 installer.imports = [ ./installer ];
+ clanCore.imports = [
+ inputs.sops-nix.nixosModules.sops
+ ./clanCore
+ ({ pkgs, lib, ... }: {
+ clanCore.clanPkgs = lib.mkDefault self.packages.${pkgs.hostPlatform.system};
+ })
+ ];
 };
 }
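Review bot: `system.clan.deployment.file` in `outputs.nix` is built with `pkgs.writeText`, so `deployment.json` ends up in the Nix store, which is readable by every local user on any machine that holds the path. Today it carries only script paths, `deploymentAddress` and `secretsUploadDirectory`, but `deployment.data` is typed `lib.types.attrs` and nothing stops a later module from adding a credential to it. A comment above the `config` block would record the constraint, e.g. `# deployment.json is written to the world-readable Nix store: paths and addresses only, never secret values.` The block also reads `config.clan.networking.deploymentAddress` and `config.clanCore.secretsUploadDirectory`, which are declared in other files; now that this is a standalone module, naming those dependencies in a header comment would help.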