From 313db5643f225399646d6bc1727bab6873b4f156 Mon Sep 17 00:00:00 2001 
From: DavHau Date: Mon, 17 Jun 2024 17:42:28 +0700 Subject: [PATCH] refactor: rename clanCore -> clan.core --- checks/backups/flake-module.nix | 6 +-- checks/borgbackup/default.nix | 8 ++-- checks/deltachat/default.nix | 4 +- checks/flake-module.nix | 2 +- checks/matrix-synapse/default.nix | 6 +-- checks/postgresql/default.nix | 2 +- checks/secrets/default.nix | 4 +- checks/syncthing/default.nix | 14 +++--- checks/wayland-proxy-virtwl/default.nix | 4 +- checks/zt-tcp-relay/default.nix | 4 +- clanModules/borgbackup-static/default.nix | 14 +++--- clanModules/borgbackup/default.nix | 14 +++--- clanModules/deltachat/default.nix | 2 +- clanModules/ergochat/default.nix | 2 +- clanModules/localbackup/default.nix | 6 +-- clanModules/localsend/default.nix | 2 +- clanModules/matrix-synapse/default.nix | 4 +- clanModules/moonlight/default.nix | 8 ++-- clanModules/postgresql/default.nix | 2 +- clanModules/root-password/default.nix | 6 +-- clanModules/sshd/default.nix | 4 +- clanModules/static-hosts/default.nix | 4 +- clanModules/sunshine/default.nix | 16 +++---- .../syncthing-static-peers/default.nix | 10 ++-- clanModules/syncthing/default.nix | 10 ++-- clanModules/thelounge/default.nix | 2 +- clanModules/user-password/default.nix | 6 +-- clanModules/zerotier-static-peers/default.nix | 4 +- docs/nix/flake-module.nix | 2 +- docs/nix/get-module-docs.nix | 8 ++-- docs/nix/scripts/renderOptions.py | 6 +-- docs/site/getting-started/backups.md | 4 +- docs/site/getting-started/mesh-vpn.md | 2 +- lib/build-clan/default.nix | 8 ++-- nixosModules/clanCore/backups.nix | 2 +- nixosModules/clanCore/facts/compat.nix | 46 +++++++++++-------- nixosModules/clanCore/facts/default.nix | 25 +++++++--- .../clanCore/facts/public/in_repo.nix | 4 +- nixosModules/clanCore/facts/public/vm.nix | 4 +- .../clanCore/facts/secret/password-store.nix | 8 ++-- nixosModules/clanCore/facts/secret/sops.nix | 22 ++++----- nixosModules/clanCore/facts/secret/vm.nix | 8 ++-- nixosModules/clanCore/metadata.nix | 2 +- 
nixosModules/clanCore/options.nix | 8 +++- nixosModules/clanCore/outputs.nix | 2 +- nixosModules/clanCore/state.nix | 4 +- nixosModules/clanCore/vm.nix | 18 ++++---- nixosModules/clanCore/zerotier/default.nix | 18 ++++---- nixosModules/flake-module.nix | 2 +- nixosModules/iso/default.nix | 4 +- pkgs/clan-cli/clan_cli/backups/create.py | 2 +- pkgs/clan-cli/clan_cli/backups/list.py | 4 +- pkgs/clan-cli/clan_cli/backups/restore.py | 6 +-- pkgs/clan-cli/clan_cli/clan/inspect.py | 6 +-- pkgs/clan-cli/clan_cli/completions.py | 4 +- pkgs/clan-cli/clan_cli/config/__init__.py | 2 +- pkgs/clan-cli/clan_cli/config/machine.py | 2 +- pkgs/clan-cli/clan_cli/config/schema.py | 2 +- pkgs/clan-cli/clan_cli/machines/show.py | 2 +- pkgs/clan-cli/clan_cli/vms/inspect.py | 2 +- pkgs/clan-cli/tests/fixtures_flakes.py | 10 ++-- pkgs/clan-cli/tests/machines/vm1/default.nix | 2 +- .../machines/vm_with_secrets/default.nix | 2 +- pkgs/clan-cli/tests/test_flake/flake.nix | 2 +- .../tests/test_flake_with_core/flake.nix | 6 +-- .../test_flake_with_core_and_pass/flake.nix | 4 +- pkgs/clan-cli/tests/test_vms_cli.py | 2 +- pkgs/schemas/flake-module.nix | 2 +- 68 files changed, 237 insertions(+), 202 deletions(-) diff --git a/checks/backups/flake-module.nix b/checks/backups/flake-module.nix index 37aa28e3..b4822942 100644 --- a/checks/backups/flake-module.nix +++ b/checks/backups/flake-module.nix @@ -68,7 +68,7 @@ }; }; }; - clanCore.facts.secretStore = "vm"; + clan.core.facts.secretStore = "vm"; environment.systemPackages = [ self.packages.${pkgs.system}.clan-cli @@ -87,9 +87,9 @@ flake-registry = pkgs.writeText "flake-registry" ''{"flakes":[],"version":2}''; }; system.extraDependencies = dependencies; - clanCore.state.test-backups.folders = [ "/var/test-backups" ]; + clan.core.state.test-backups.folders = [ "/var/test-backups" ]; - clanCore.state.test-service = { + clan.core.state.test-service = { preBackupCommand = '' touch /var/test-service/pre-backup-command ''; 
diff --git a/checks/borgbackup/default.nix b/checks/borgbackup/default.nix index f92434f5..d376b354 100644 --- a/checks/borgbackup/default.nix +++ b/checks/borgbackup/default.nix @@ -16,9 +16,9 @@ }; } { - clanCore.machineName = "machine"; - clanCore.clanDir = ./.; - clanCore.state.testState.folders = [ "/etc/state" ]; + clan.core.machineName = "machine"; + clan.core.clanDir = ./.; + clan.core.state.testState.folders = [ "/etc/state" ]; environment.etc.state.text = "hello world"; systemd.tmpfiles.settings."vmsecrets" = { "/etc/secrets/borgbackup.ssh" = { @@ -36,7 +36,7 @@ }; }; }; - clanCore.facts.secretStore = "vm"; + clan.core.facts.secretStore = "vm"; clan.borgbackup.destinations.test.repo = "borg@localhost:."; } diff --git a/checks/deltachat/default.nix b/checks/deltachat/default.nix index aa6e43ff..efee1e41 100644 --- a/checks/deltachat/default.nix +++ b/checks/deltachat/default.nix @@ -10,8 +10,8 @@ self.clanModules.deltachat self.nixosModules.clanCore { - clanCore.machineName = "machine"; - clanCore.clanDir = ./.; + clan.core.machineName = "machine"; + clan.core.clanDir = ./.; } ]; }; diff --git a/checks/flake-module.nix b/checks/flake-module.nix index cd8281f3..6b591aa5 100644 --- a/checks/flake-module.nix +++ b/checks/flake-module.nix @@ -23,7 +23,7 @@ options = (pkgs.nixos { imports = [ self.nixosModules.clanCore ]; - clanCore.clanDir = ./.; + clan.core.clanDir = ./.; }).options; warningsAreErrors = false; }; diff --git a/checks/matrix-synapse/default.nix b/checks/matrix-synapse/default.nix index 3f2d72d7..5205abbf 100644 --- a/checks/matrix-synapse/default.nix +++ b/checks/matrix-synapse/default.nix @@ -15,8 +15,8 @@ self.clanModules.matrix-synapse self.nixosModules.clanCore { - clanCore.machineName = "machine"; - clanCore.clanDir = ./.; + clan.core.machineName = "machine"; + clan.core.clanDir = ./.; services.nginx.virtualHosts."matrix.clan.test" = { enableACME = lib.mkForce false; 
@@ -26,7 +26,7 @@ clan.matrix-synapse.users.admin.admin = true; clan.matrix-synapse.users.someuser = { }; - clanCore.facts.secretStore = "vm"; + clan.core.facts.secretStore = "vm"; # because we use systemd-tmpfiles to copy the secrets, we need to a seperate systemd-tmpfiles call to provison them. boot.postBootCommands = "${config.systemd.package}/bin/systemd-tmpfiles --create /etc/tmpfiles.d/00-vmsecrets.conf"; diff --git a/checks/postgresql/default.nix b/checks/postgresql/default.nix index b0818105..4c0182ab 100644 --- a/checks/postgresql/default.nix +++ b/checks/postgresql/default.nix @@ -50,7 +50,7 @@ machine.succeed(""" set -x - ${nodes.machine.clanCore.state.postgresql-test.postRestoreCommand} + ${nodes.machine.clan.core.state.postgresql-test.postRestoreCommand} """) machine.succeed("runuser -u postgres -- /run/current-system/sw/bin/psql -l >&2") machine.succeed("runuser -u postgres -- /run/current-system/sw/bin/psql -d test -c '\dt' >&2") diff --git a/checks/secrets/default.nix b/checks/secrets/default.nix index f4bbbfac..034625de 100644 --- a/checks/secrets/default.nix +++ b/checks/secrets/default.nix @@ -10,8 +10,8 @@ environment.etc."group-secret".source = config.sops.secrets.group-secret.path; sops.age.keyFile = "/etc/privkey.age"; - clanCore.clanDir = "${./.}"; - clanCore.machineName = "machine"; + clan.core.clanDir = "${./.}"; + clan.core.machineName = "machine"; networking.hostName = "machine"; }; diff --git a/checks/syncthing/default.nix b/checks/syncthing/default.nix index 8341c9e0..75d9447c 100644 --- a/checks/syncthing/default.nix +++ b/checks/syncthing/default.nix 
@@ -12,14 +12,14 @@ self.clanModules.syncthing self.nixosModules.clanCore { - clanCore.machineName = "introducer"; - clanCore.clanDir = ./.; + clan.core.machineName = "introducer"; + clan.core.clanDir = ./.; environment.etc = { "syncthing.pam".source = ./introducer/introducer_test_cert; "syncthing.key".source = ./introducer/introducer_test_key; "syncthing.api".source = ./introducer/introducer_test_api; }; - clanCore.facts.services.syncthing.secret."syncthing.api".path = "/etc/syncthing.api"; + clan.core.facts.services.syncthing.secret."syncthing.api".path = "/etc/syncthing.api"; services.syncthing.cert = "/etc/syncthing.pam"; services.syncthing.key = "/etc/syncthing.key"; # Doesn't test zerotier! @@ -53,8 +53,8 @@ self.clanModules.syncthing self.nixosModules.clanCore { - clanCore.machineName = "peer1"; - clanCore.clanDir = ./.; + clan.core.machineName = "peer1"; + clan.core.clanDir = ./.; clan.syncthing.introducer = lib.strings.removeSuffix "\n" ( builtins.readFile ./introducer/introducer_device_id ); @@ -75,8 +75,8 @@ self.clanModules.syncthing self.nixosModules.clanCore { - clanCore.machineName = "peer2"; - clanCore.clanDir = ./.; + clan.core.machineName = "peer2"; + clan.core.clanDir = ./.; clan.syncthing.introducer = lib.strings.removeSuffix "\n" ( builtins.readFile ./introducer/introducer_device_id ); diff --git a/checks/wayland-proxy-virtwl/default.nix b/checks/wayland-proxy-virtwl/default.nix index 4bfa2df7..e09e85cc 100644 --- a/checks/wayland-proxy-virtwl/default.nix +++ b/checks/wayland-proxy-virtwl/default.nix @@ -14,8 +14,8 @@ import ../lib/test-base.nix ( imports = [ self.nixosModules.clanCore { - clanCore.machineName = "machine"; - clanCore.clanDir = ./.; + clan.core.machineName = "machine"; + clan.core.clanDir = ./.; } ]; services.wayland-proxy-virtwl.enable = true; diff --git a/checks/zt-tcp-relay/default.nix b/checks/zt-tcp-relay/default.nix index b30e4c5f..08f616bf 100644 --- a/checks/zt-tcp-relay/default.nix +++ b/checks/zt-tcp-relay/default.nix 
@@ -10,8 +10,8 @@ self.nixosModules.clanCore self.clanModules.zt-tcp-relay { - clanCore.machineName = "machine"; - clanCore.clanDir = ./.; + clan.core.machineName = "machine"; + clan.core.clanDir = ./.; } ]; }; diff --git a/clanModules/borgbackup-static/default.nix b/clanModules/borgbackup-static/default.nix index 9cedfe6d..36fa6d6f 100644 --- a/clanModules/borgbackup-static/default.nix +++ b/clanModules/borgbackup-static/default.nix @@ -1,6 +1,6 @@ { lib, config, ... }: let - clanDir = config.clanCore.clanDir; + clanDir = config.clan.core.clanDir; machineDir = clanDir + "/machines/"; in { @@ -9,7 +9,7 @@ in options.clan.borgbackup-static = { excludeMachines = lib.mkOption { type = lib.types.listOf lib.types.str; - example = [ config.clanCore.machineName ]; + example = [ config.clan.core.machineName ]; default = [ ]; description = '' Machines that should not be backuped. @@ -20,7 +20,7 @@ in }; includeMachines = lib.mkOption { type = lib.types.listOf lib.types.str; - example = [ config.clanCore.machineName ]; + example = [ config.clan.core.machineName ]; default = [ ]; description = '' Machines that should be backuped. @@ -62,7 +62,9 @@ in }) machinesWithKey; in lib.mkIf - (builtins.any (target: target == config.clanCore.machineName) config.clan.borgbackup-static.targets) + (builtins.any ( + target: target == config.clan.core.machineName + ) config.clan.borgbackup-static.targets) (if (builtins.listToAttrs hosts) != null then builtins.listToAttrs hosts else { }); config.clan.borgbackup.destinations = 
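Review bot: In the `lib.mkIf` guard of the `@@ -62,7 +62,9 @@` hunk (clanModules/borgbackup-static/default.nix), `builtins.any (target: target == config.clan.core.machineName) …targets` is a hand-written membership test, and the `!= null` check on the following line can never be false because `builtins.listToAttrs` always returns an attribute set. `lib.mkIf (builtins.elem config.clan.core.machineName config.clan.borgbackup-static.targets) (builtins.listToAttrs hosts)` expresses the same condition without the dead branch. The `includeMachines` guard in the next hunk (`@@ -70,12 +72,12 @@`) has the same shape. The enclosing `let … in` starts outside the hunk.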
@@ -70,12 +72,12 @@ in destinations = builtins.map (d: { name = d; value = { - repo = "borg@${d}:/var/lib/borgbackup/${config.clanCore.machineName}"; + repo = "borg@${d}:/var/lib/borgbackup/${config.clan.core.machineName}"; }; }) config.clan.borgbackup-static.targets; in lib.mkIf (builtins.any ( - target: target == config.clanCore.machineName + target: target == config.clan.core.machineName ) config.clan.borgbackup-static.includeMachines) (builtins.listToAttrs destinations); config.assertions = [ diff --git a/clanModules/borgbackup/default.nix b/clanModules/borgbackup/default.nix index 3d4a0cbb..30a28b44 100644 --- a/clanModules/borgbackup/default.nix +++ b/clanModules/borgbackup/default.nix @@ -17,7 +17,7 @@ let preCommandErrors["${state.name}"]=1 fi '' - ) (lib.attrValues config.clanCore.state)} + ) (lib.attrValues config.clan.core.state)} if [[ ''${#preCommandErrors[@]} -gt 0 ]]; then echo "PreBackupCommand failed for the following services:" @@ -47,9 +47,9 @@ in rsh = lib.mkOption { type = lib.types.str; default = "ssh -i ${ - config.clanCore.facts.services.borgbackup.secret."borgbackup.ssh".path + config.clan.core.facts.services.borgbackup.secret."borgbackup.ssh".path } -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o IdentitiesOnly=Yes"; - defaultText = "ssh -i \${config.clanCore.facts.services.borgbackup.secret.\"borgbackup.ssh\".path} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"; + defaultText = "ssh -i \${config.clan.core.facts.services.borgbackup.secret.\"borgbackup.ssh\".path} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"; description = "the rsh to use for the backup"; }; }; @@ -83,7 +83,7 @@ in services.borgbackup.jobs = lib.mapAttrs (_: dest: { paths = lib.unique ( - lib.flatten (map (state: state.folders) (lib.attrValues config.clanCore.state)) + lib.flatten (map (state: state.folders) (lib.attrValues config.clan.core.state)) ); exclude = [ "*.pyc" ]; repo = dest.repo; 
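Review bot: The default `rsh` in the `@@ -47,9 +47,9 @@` hunk of clanModules/borgbackup/default.nix still passes `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null`, so the backup client never verifies the destination's SSH host key and will talk to whichever host answers at that address. The repokey encryption limits what such a host could read, but the destination is still unauthenticated; pinning the host key, for instance from the `ssh.id_ed25519.pub` fact the sshd module publishes (assuming the destination is a clan machine), would close that gap. Separately, `defaultText` omits `-o IdentitiesOnly=Yes`, so the rendered documentation does not match the real default and should have it appended.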
@@ -94,7 +94,7 @@ in encryption = { mode = "repokey"; - passCommand = "cat ${config.clanCore.facts.services.borgbackup.secret."borgbackup.repokey".path}"; + passCommand = "cat ${config.clan.core.facts.services.borgbackup.secret."borgbackup.repokey".path}"; }; prune.keep = { @@ -105,7 +105,7 @@ in }; }) cfg.destinations; - clanCore.facts.services.borgbackup = { + clan.core.facts.services.borgbackup = { public."borgbackup.ssh.pub" = { }; secret."borgbackup.ssh" = { }; secret."borgbackup.repokey" = { }; @@ -152,7 +152,7 @@ in '') ]; - clanCore.backups.providers.borgbackup = { + clan.core.backups.providers.borgbackup = { list = "borgbackup-list"; create = "borgbackup-create"; restore = "borgbackup-restore"; diff --git a/clanModules/deltachat/default.nix b/clanModules/deltachat/default.nix index 489ffaa3..33cc6554 100644 --- a/clanModules/deltachat/default.nix +++ b/clanModules/deltachat/default.nix @@ -5,7 +5,7 @@ services.maddy = let - domain = "${config.clanCore.machineName}.local"; + domain = "${config.clan.core.machineName}.local"; in { enable = true; diff --git a/clanModules/ergochat/default.nix b/clanModules/ergochat/default.nix index 6203c8d5..9265d47e 100644 --- a/clanModules/ergochat/default.nix +++ b/clanModules/ergochat/default.nix @@ -10,5 +10,5 @@ _: { }; }; - clanCore.state.ergochat.folders = [ "/var/lib/ergo" ]; + clan.core.state.ergochat.folders = [ "/var/lib/ergo" ]; } diff --git a/clanModules/localbackup/default.nix b/clanModules/localbackup/default.nix index 917406a8..6281a69f 100644 --- a/clanModules/localbackup/default.nix +++ b/clanModules/localbackup/default.nix @@ -7,7 +7,7 @@ let cfg = config.clan.localbackup; uniqueFolders = lib.unique ( - lib.flatten (lib.mapAttrsToList (_name: state: state.folders) config.clanCore.state) + lib.flatten (lib.mapAttrsToList (_name: state: state.folders) config.clan.core.state) ); rsnapshotConfig = target: '' config_version 1.2 
@@ -143,7 +143,7 @@ in preCommandErrors["${state.name}"]=1 fi '' - ) (builtins.attrValues config.clanCore.state)} + ) (builtins.attrValues config.clan.core.state)} rsnapshot -c "${pkgs.writeText "rsnapshot.conf" (rsnapshotConfig target)}" sync rsnapshot -c "${pkgs.writeText "rsnapshot.conf" (rsnapshotConfig target)}" snapshot @@ -233,7 +233,7 @@ in '' ) cfg.targets; - clanCore.backups.providers.localbackup = { + clan.core.backups.providers.localbackup = { # TODO list needs to run locally or on the remote machine list = "localbackup-list"; create = "localbackup-create"; diff --git a/clanModules/localsend/default.nix b/clanModules/localsend/default.nix index b8721c4e..39f402a5 100644 --- a/clanModules/localsend/default.nix +++ b/clanModules/localsend/default.nix @@ -18,7 +18,7 @@ }; config = lib.mkIf config.clan.localsend.enable { - clanCore.state.localsend.folders = [ + clan.core.state.localsend.folders = [ "/var/localsend" config.clan.localsend.defaultLocation ]; diff --git a/clanModules/matrix-synapse/default.nix b/clanModules/matrix-synapse/default.nix index f50b7230..940c52b8 100644 --- a/clanModules/matrix-synapse/default.nix +++ b/clanModules/matrix-synapse/default.nix @@ -131,7 +131,7 @@ in systemd.tmpfiles.settings."01-matrix" = { "/run/synapse-registration-shared-secret" = { C.argument = - config.clanCore.facts.services.matrix-synapse.secret.synapse-registration_shared_secret.path; + config.clan.core.facts.services.matrix-synapse.secret.synapse-registration_shared_secret.path; z = { mode = "0400"; user = "matrix-synapse"; @@ -149,7 +149,7 @@ in }; clan.postgresql.databases.matrix-synapse.restore.stopOnRestore = [ "matrix-synapse" ]; - clanCore.facts.services = + clan.core.facts.services = { "matrix-synapse" = { secret."synapse-registration_shared_secret" = { }; diff --git a/clanModules/moonlight/default.nix b/clanModules/moonlight/default.nix index 2077d4f1..20e3b75f 100644 --- a/clanModules/moonlight/default.nix +++ b/clanModules/moonlight/default.nix 
@@ -13,10 +13,10 @@ in systemd.tmpfiles.rules = [ "d '/var/lib/moonlight' 0770 'user' 'users' - -" "C '/var/lib/moonlight/moonlight.cert' 0644 'user' 'users' - ${ - config.clanCore.facts.services.moonlight.secret."moonlight.cert".path or "" + config.clan.core.facts.services.moonlight.secret."moonlight.cert".path or "" }" "C '/var/lib/moonlight/moonlight.key' 0644 'user' 'users' - ${ - config.clanCore.facts.services.moonlight.secret."moonlight.key".path or "" + config.clan.core.facts.services.moonlight.secret."moonlight.key".path or "" }" ]; @@ -45,7 +45,7 @@ in systemd.user.services.moonlight-join = { description = "Join sunshine hosts"; script = ''${ms-accept}/bin/moonlight-sunshine-accept moonlight join --port ${builtins.toString defaultPort} --cert '${ - config.clanCore.facts.services.moonlight.public."moonlight.cert".value or "" + config.clan.core.facts.services.moonlight.public."moonlight.cert".value or "" }' --host fd2e:25da:6035:c98f:cd99:93e0:b9b8:9ca1''; serviceConfig = { Type = "oneshot"; @@ -68,7 +68,7 @@ in }; }; - clanCore.facts.services.moonlight = { + clan.core.facts.services.moonlight = { secret."moonlight.key" = { }; secret."moonlight.cert" = { }; public."moonlight.cert" = { }; diff --git a/clanModules/postgresql/default.nix b/clanModules/postgresql/default.nix index bde39a40..caed28d1 100644 --- a/clanModules/postgresql/default.nix +++ b/clanModules/postgresql/default.nix @@ -128,7 +128,7 @@ in ${lib.concatStringsSep "\n" databaseClauses} ''; - clanCore.state = lib.mapAttrs' ( + clan.core.state = lib.mapAttrs' ( _: db: lib.nameValuePair "postgresql-${db.name}" (createDatatbaseState db) ) config.clan.postgresql.databases; diff --git a/clanModules/root-password/default.nix b/clanModules/root-password/default.nix index 487d8310..ca512e60 100644 --- a/clanModules/root-password/default.nix +++ b/clanModules/root-password/default.nix 
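Review bot: The tmpfiles rule in the `@@ -13,10 +13,10 @@` hunk copies the private key to `/var/lib/moonlight/moonlight.key` with mode `0644`; a private key should not be group- or world-readable, and `0600` is enough for the owning `user`. The same applies to `/var/lib/sunshine/sunshine.key` in clanModules/sunshine/default.nix (`@@ -97,10 +97,10 @@`). In both places the `or ""` fallback also turns a missing fact into an empty source argument instead of an evaluation error, so consider dropping the fallback or adding an assertion that the path is set.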
@@ -2,9 +2,9 @@ { users.mutableUsers = false; users.users.root.hashedPasswordFile = - config.clanCore.facts.services.root-password.secret.password-hash.path; - sops.secrets."${config.clanCore.machineName}-password-hash".neededForUsers = true; - clanCore.facts.services.root-password = { + config.clan.core.facts.services.root-password.secret.password-hash.path; + sops.secrets."${config.clan.core.machineName}-password-hash".neededForUsers = true; + clan.core.facts.services.root-password = { secret.password = { }; secret.password-hash = { }; generator.path = with pkgs; [ diff --git a/clanModules/sshd/default.nix b/clanModules/sshd/default.nix index 25385c41..d68fce4f 100644 --- a/clanModules/sshd/default.nix +++ b/clanModules/sshd/default.nix @@ -5,12 +5,12 @@ services.openssh.hostKeys = [ { - path = config.clanCore.facts.services.openssh.secret."ssh.id_ed25519".path; + path = config.clan.core.facts.services.openssh.secret."ssh.id_ed25519".path; type = "ed25519"; } ]; - clanCore.facts.services.openssh = { + clan.core.facts.services.openssh = { secret."ssh.id_ed25519" = { }; public."ssh.id_ed25519.pub" = { }; generator.path = [ diff --git a/clanModules/static-hosts/default.nix b/clanModules/static-hosts/default.nix index 343f3812..89e443a5 100644 --- a/clanModules/static-hosts/default.nix +++ b/clanModules/static-hosts/default.nix @@ -4,7 +4,7 @@ excludeHosts = lib.mkOption { type = lib.types.listOf lib.types.str; default = - if config.clan.static-hosts.topLevelDomain != "" then [ ] else [ config.clanCore.machineName ]; + if config.clan.static-hosts.topLevelDomain != "" then [ ] else [ config.clan.core.machineName ]; description = "Hosts that should be excluded"; }; topLevelDomain = lib.mkOption { 
@@ -16,7 +16,7 @@ config.networking.hosts = let - clanDir = config.clanCore.clanDir; + clanDir = config.clan.core.clanDir; machineDir = clanDir + "/machines/"; zerotierIpMachinePath = machines: machineDir + machines + "/facts/zerotier-ip"; machinesFileSet = builtins.readDir machineDir; diff --git a/clanModules/sunshine/default.nix b/clanModules/sunshine/default.nix index 5a96b947..3785d645 100644 --- a/clanModules/sunshine/default.nix +++ b/clanModules/sunshine/default.nix @@ -97,10 +97,10 @@ in systemd.tmpfiles.rules = [ "d '/var/lib/sunshine' 0770 'user' 'users' - -" "C '/var/lib/sunshine/sunshine.cert' 0644 'user' 'users' - ${ - config.clanCore.facts.services.sunshine.secret."sunshine.cert".path or "" + config.clan.core.facts.services.sunshine.secret."sunshine.cert".path or "" }" "C '/var/lib/sunshine/sunshine.key' 0644 'user' 'users' - ${ - config.clanCore.facts.services.sunshine.secret."sunshine.key".path or "" + config.clan.core.facts.services.sunshine.secret."sunshine.key".path or "" }" ]; @@ -117,8 +117,8 @@ in RestartSec = "5s"; ReadWritePaths = [ "/var/lib/sunshine" ]; ReadOnlyPaths = [ - (config.clanCore.facts.services.sunshine.secret."sunshine.key".path or "") - (config.clanCore.facts.services.sunshine.secret."sunshine.cert".path or "") + (config.clan.core.facts.services.sunshine.secret."sunshine.key".path or "") + (config.clan.core.facts.services.sunshine.secret."sunshine.cert".path or "") ]; }; wantedBy = [ "graphical-session.target" ]; @@ -137,7 +137,7 @@ in startLimitIntervalSec = 500; script = '' ${ms-accept}/bin/moonlight-sunshine-accept sunshine init-state --uuid ${ - config.clanCore.facts.services.sunshine.public.sunshine-uuid.value or null + config.clan.core.facts.services.sunshine.public.sunshine-uuid.value or null } --state-file /var/lib/sunshine/state.json ''; serviceConfig = { 
@@ -173,9 +173,9 @@ in startLimitIntervalSec = 500; script = '' ${ms-accept}/bin/moonlight-sunshine-accept sunshine listen --port ${builtins.toString listenPort} --uuid ${ - config.clanCore.facts.services.sunshine.public.sunshine-uuid.value or null + config.clan.core.facts.services.sunshine.public.sunshine-uuid.value or null } --state /var/lib/sunshine/state.json --cert '${ - config.clanCore.facts.services.sunshine.public."sunshine.cert".value or null + config.clan.core.facts.services.sunshine.public."sunshine.cert".value or null }' ''; serviceConfig = { @@ -187,7 +187,7 @@ in wantedBy = [ "graphical-session.target" ]; }; - clanCore.facts.services.ergochat = { + clan.core.facts.services.ergochat = { secret."sunshine.key" = { }; secret."sunshine.cert" = { }; public."sunshine-uuid" = { }; diff --git a/clanModules/syncthing-static-peers/default.nix b/clanModules/syncthing-static-peers/default.nix index 9df8a9d6..137aa340 100644 --- a/clanModules/syncthing-static-peers/default.nix +++ b/clanModules/syncthing-static-peers/default.nix @@ -5,7 +5,7 @@ ... }: let - clanDir = config.clanCore.clanDir; + clanDir = config.clan.core.clanDir; machineDir = clanDir + "/machines/"; syncthingPublicKeyPath = machines: machineDir + machines + "/facts/syncthing.pub"; machinesFileSet = builtins.readDir machineDir; @@ -47,7 +47,7 @@ in options.clan.syncthing-static-peers = { excludeMachines = lib.mkOption { type = lib.types.listOf lib.types.str; - example = [ config.clanCore.machineName ]; + example = [ config.clan.core.machineName ]; default = [ ]; description = '' Machines that should not be added. 
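Review bot: The facts in the `@@ -187,7 +187,7 @@` hunk of clanModules/sunshine/default.nix are declared under `clan.core.facts.services.ergochat`, while every reader in this module looks them up under `clan.core.facts.services.sunshine`. This looks like a copy-paste slip that the rename carries over; because the readers use `or ""` / `or null`, the mismatch may not fail loudly at evaluation time. The declaration should read `clan.core.facts.services.sunshine = {`. The attribute set continues past the end of the hunk, so the rest of the declaration is not visible here.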
@@ -83,11 +83,11 @@ in configDir = "/var/lib/syncthing"; group = "syncthing"; - key = lib.mkDefault config.clanCore.facts.services.syncthing.secret."syncthing.key".path or null; - cert = lib.mkDefault config.clanCore.facts.services.syncthing.secret."syncthing.cert".path or null; + key = lib.mkDefault config.clan.core.facts.services.syncthing.secret."syncthing.key".path or null; + cert = lib.mkDefault config.clan.core.facts.services.syncthing.secret."syncthing.cert".path or null; }; - clanCore.facts.services.syncthing = { + clan.core.facts.services.syncthing = { secret."syncthing.key" = { }; secret."syncthing.cert" = { }; public."syncthing.pub" = { }; diff --git a/clanModules/syncthing/default.nix b/clanModules/syncthing/default.nix index 07f18a2c..1bf2cb7d 100644 --- a/clanModules/syncthing/default.nix +++ b/clanModules/syncthing/default.nix @@ -9,8 +9,8 @@ id = lib.mkOption { type = lib.types.nullOr lib.types.str; example = "BABNJY4-G2ICDLF-QQEG7DD-N3OBNGF-BCCOFK6-MV3K7QJ-2WUZHXS-7DTW4AS"; - default = config.clanCore.facts.services.syncthing.public."syncthing.pub".value or null; - defaultText = "config.clanCore.facts.services.syncthing.public.\"syncthing.pub\".value"; + default = config.clan.core.facts.services.syncthing.public."syncthing.pub".value or null; + defaultText = "config.clan.core.facts.services.syncthing.public.\"syncthing.pub\".value"; }; introducer = lib.mkOption { description = '' @@ -119,7 +119,7 @@ getPendingDevices = "/rest/cluster/pending/devices"; postNewDevice = "/rest/config/devices"; SharedFolderById = "/rest/config/folders/"; - apiKey = config.clanCore.facts.services.syncthing.secret."syncthing.api".path or null; + apiKey = config.clan.core.facts.services.syncthing.secret."syncthing.api".path or null; in lib.mkIf config.clan.syncthing.autoAcceptDevices { description = "Syncthing auto accept devices"; 
@@ -161,7 +161,7 @@ systemd.services.syncthing-init-api-key = let - apiKey = config.clanCore.facts.services.syncthing.secret."syncthing.api".path or null; + apiKey = config.clan.core.facts.services.syncthing.secret."syncthing.api".path or null; in lib.mkIf config.clan.syncthing.autoAcceptDevices { description = "Set the api key"; @@ -183,7 +183,7 @@ }; }; - clanCore.facts.services.syncthing = { + clan.core.facts.services.syncthing = { secret."syncthing.key" = { }; secret."syncthing.cert" = { }; secret."syncthing.api" = { }; diff --git a/clanModules/thelounge/default.nix b/clanModules/thelounge/default.nix index 936794b0..ec484f56 100644 --- a/clanModules/thelounge/default.nix +++ b/clanModules/thelounge/default.nix @@ -11,5 +11,5 @@ _: { }; }; - clanCore.state.thelounde.folders = [ "/var/lib/thelounge" ]; + clan.core.state.thelounde.folders = [ "/var/lib/thelounge" ]; } diff --git a/clanModules/user-password/default.nix b/clanModules/user-password/default.nix index 0d943c23..74c5bdf5 100644 --- a/clanModules/user-password/default.nix +++ b/clanModules/user-password/default.nix @@ -22,9 +22,9 @@ config = { users.mutableUsers = false; users.users.${config.clan.user-password.user}.hashedPasswordFile = - config.clanCore.facts.services.user-password.secret.user-password-hash.path; - sops.secrets."${config.clanCore.machineName}-user-password-hash".neededForUsers = true; - clanCore.facts.services.user-password = { + config.clan.core.facts.services.user-password.secret.user-password-hash.path; + sops.secrets."${config.clan.core.machineName}-user-password-hash".neededForUsers = true; + clan.core.facts.services.user-password = { secret.user-password = { }; secret.user-password-hash = { }; generator.prompt = ( diff --git a/clanModules/zerotier-static-peers/default.nix b/clanModules/zerotier-static-peers/default.nix index c0f197b7..f77b5a52 100644 --- a/clanModules/zerotier-static-peers/default.nix +++ b/clanModules/zerotier-static-peers/default.nix 
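Review bot: The state entry in the `@@ -11,5 +11,5 @@` hunk of clanModules/thelounge/default.nix is named `thelounde`, which looks like a typo for `thelounge`. The attribute name is the state's key under `clan.core.state`, and the backup modules on this page print `state.name` in their error output, so the misspelling is user-visible. Since the line is being touched anyway, `clan.core.state.thelounge.folders = [ "/var/lib/thelounge" ];` would fix it; note that this changes the state name existing users may already refer to.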
@@ -6,7 +6,7 @@ ... }: let - clanDir = config.clanCore.clanDir; + clanDir = config.clan.core.clanDir; machineDir = clanDir + "/machines/"; machinesFileSet = builtins.readDir machineDir; machines = lib.mapAttrsToList (name: _: name) machinesFileSet; @@ -28,7 +28,7 @@ in options.clan.zerotier-static-peers = { excludeHosts = lib.mkOption { type = lib.types.listOf lib.types.str; - default = [ config.clanCore.machineName ]; + default = [ config.clan.core.machineName ]; description = "Hosts that should be excluded"; }; }; diff --git a/docs/nix/flake-module.nix b/docs/nix/flake-module.nix index 6e849a4e..b398db44 100644 --- a/docs/nix/flake-module.nix +++ b/docs/nix/flake-module.nix @@ -50,7 +50,7 @@ }; module-docs = pkgs.runCommand "rendered" { nativeBuildInputs = [ pkgs.python3 ]; } '' - export CLAN_CORE=${jsonDocs.clanCore}/share/doc/nixos/options.json + export CLAN_CORE=${jsonDocs.clanCore}/share/doc/nixos/options.json # A file that contains the links to all clanModule docs export CLAN_MODULES=${clanModulesFileInfo} export CLAN_MODULES_READMES=${clanModulesReadmes} diff --git a/docs/nix/get-module-docs.nix b/docs/nix/get-module-docs.nix index 830e52fa..a05fe847 100644 --- a/docs/nix/get-module-docs.nix +++ b/docs/nix/get-module-docs.nix @@ -13,7 +13,7 @@ let clanCoreNixosModules = [ clanCore - { clanCore.clanDir = ./.; } + { clan.core.clanDir = ./.; } ] ++ allNixosModules; # TODO: optimally we would not have to evaluate all nixos modules for every page @@ -25,6 +25,8 @@ let # improves eval performance slightly (10%) getOptions = modules: (clanCoreNixos.extendModules { inherit modules; }).options; + getOptionsWithoutCore = modules: builtins.removeAttrs (getOptions modules) [ "core" ]; + evalDocs = options: pkgs.nixosOptionsDoc { 
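Review bot: `getOptionsWithoutCore`, added in the `@@ -25,6 +25,8 @@` hunk of docs/nix/get-module-docs.nix, removes a top-level attribute named `core` from the options set, but the core options now live at `clan.core`, so the helper appears to be a no-op. Its only visible caller (next hunk) selects `.clan.${name}`, so `clan.core` would be reached only for a module literally named `core`. If the intent is to keep core options out of the per-module docs, strip the attribute under `clan` instead, e.g. `opts // { clan = builtins.removeAttrs (opts.clan or { }) [ "core" ]; }` with `opts = getOptions modules`; otherwise a one-line comment stating the intent would help. The enclosing `let` block starts and ends outside the hunk.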
@@ -34,7 +36,7 @@ let # clanModules docs clanModulesDocs = builtins.mapAttrs ( - name: module: (evalDocs ((getOptions [ module ]).clan.${name} or { })).optionsJSON + name: module: (evalDocs ((getOptionsWithoutCore [ module ]).clan.${name} or { })).optionsJSON ) clanModules; clanModulesReadmes = builtins.mapAttrs ( @@ -42,7 +44,7 @@ let ) clanModules; # clanCore docs - clanCoreDocs = (evalDocs (getOptions [ ]).clanCore).optionsJSON; + clanCoreDocs = (evalDocs (getOptions [ ]).clan.core).optionsJSON; in { inherit clanModulesReadmes; diff --git a/docs/nix/scripts/renderOptions.py b/docs/nix/scripts/renderOptions.py index 8d5dc197..4480d410 100644 --- a/docs/nix/scripts/renderOptions.py +++ b/docs/nix/scripts/renderOptions.py @@ -137,7 +137,7 @@ To use this module, import it like this: """ -clan_core_descr = """ClanCore delivers all the essential features for every clan. +clan_core_descr = """ClanCore delivers all the essential features for every clan. It's always included in your setup, and you can customize your clan's behavior with the configuration [options](#module-options) provided below. """ @@ -163,7 +163,7 @@ def produce_clan_core_docs() -> None: outfile = f"{module_name}/index.md" # Create separate files for nested options - if len(option_name.split(".")) <= 2: + if len(option_name.split(".")) <= 3: # i.e. clan-core.clanDir output = core_outputs.get( outfile, @@ -174,7 +174,7 @@ def produce_clan_core_docs() -> None: core_outputs[outfile] = output else: # Clan sub-options - [_, sub] = option_name.split(".")[0:2] + [_, sub] = option_name.split(".")[1:3] outfile = f"{module_name}/{sub}.md" # Get the content or write the header output = core_outputs.get(outfile, render_option_header(sub)) diff --git a/docs/site/getting-started/backups.md b/docs/site/getting-started/backups.md index 65dde5ae..a58563f6 100644 --- a/docs/site/getting-started/backups.md +++ b/docs/site/getting-started/backups.md 
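Review bot: The comment `# i.e. clan-core.clanDir` in the `@@ -163,7 +163,7 @@` hunk of docs/nix/scripts/renderOptions.py is stale now that the threshold is three segments, and the literals `3` and `[1:3]` (next hunk, `@@ -174,7 +174,7 @@`) silently encode the depth of the `clan.core` prefix. Splitting once with `parts = option_name.split(".")`, then testing `len(parts) <= 3` and taking `sub = parts[2]`, avoids the repeated split and the throwaway unpacking. The comment could read `# top-level option, e.g. clan.core.clanDir` (presumably the shape of the names in the options JSON). `produce_clan_core_docs` starts and ends outside both hunks.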
@@ -98,7 +98,7 @@ Start by indicating where your backup data should be sent. Replace `hostname` wi Decide which folders you want to back up. For example, to backup your home and root directories: ```nix -{ clanCore.state.userdata.folders = [ "/home" "/root" ]; } +{ clan.core.state.userdata.folders = [ "/home" "/root" ]; } ``` 3. **Generate Backup Credentials:** @@ -116,7 +116,7 @@ On the server where backups will be stored, enable the SSH daemon and set up a r services.borgbackup.repos.myhostname = { path = "/var/lib/borgbackup/myhostname"; authorizedKeys = [ - (builtins.readFile (config.clanCore.clanDir + "/machines/myhostname/facts/borgbackup.ssh.pub")) + (builtins.readFile (config.clan.core.clanDir + "/machines/myhostname/facts/borgbackup.ssh.pub")) ]; }; } diff --git a/docs/site/getting-started/mesh-vpn.md b/docs/site/getting-started/mesh-vpn.md index c45d139e..56f0c89c 100644 --- a/docs/site/getting-started/mesh-vpn.md +++ b/docs/site/getting-started/mesh-vpn.md @@ -48,7 +48,7 @@ To introduce a new machine to the VPN, adhere to the following steps: configuration, substituting `` with the controller machine name: ```nix { config, ... }: { - clan.networking.zerotier.networkId = builtins.readFile (config.clanCore.clanDir + "/machines//facts/zerotier-network-id"); + clan.networking.zerotier.networkId = builtins.readFile (config.clan.core.clanDir + "/machines//facts/zerotier-network-id"); } ``` 1. **Update the New Machine**: Execute: diff --git a/lib/build-clan/default.nix b/lib/build-clan/default.nix index dda026c2..90bb8584 100644 --- a/lib/build-clan/default.nix +++ b/lib/build-clan/default.nix 
@@ -101,13 +101,13 @@ let ( { # Settings - clanCore.clanDir = directory; + clan.core.clanDir = directory; # Inherited from clan wide settings - clanCore.clanName = meta.name or clanName; - clanCore.clanIcon = meta.icon or clanIcon; + clan.core.clanName = meta.name or clanName; + clan.core.clanIcon = meta.icon or clanIcon; # Machine specific settings - clanCore.machineName = name; + clan.core.machineName = name; networking.hostName = lib.mkDefault name; nixpkgs.hostPlatform = lib.mkDefault system; diff --git a/nixosModules/clanCore/backups.nix b/nixosModules/clanCore/backups.nix index 3f483cba..42cff106 100644 --- a/nixosModules/clanCore/backups.nix +++ b/nixosModules/clanCore/backups.nix @@ -1,7 +1,7 @@ { lib, ... }: { imports = [ ./state.nix ]; - options.clanCore.backups = { + options.clan.core.backups = { providers = lib.mkOption { type = lib.types.attrsOf ( lib.types.submodule ( diff --git a/nixosModules/clanCore/facts/compat.nix b/nixosModules/clanCore/facts/compat.nix index c400f6de..bc2690fe 100644 --- a/nixosModules/clanCore/facts/compat.nix +++ b/nixosModules/clanCore/facts/compat.nix 
@@ -2,37 +2,43 @@ { imports = [ (lib.mkRemovedOptionModule [ - "clanCore" + "clan" + "core" "secretsPrefix" ] "secretsPrefix was only used by the sops module and the code is now integrated in there") (lib.mkRenamedOptionModule [ - "clanCore" + "clan" + "core" "secretStore" ] [ - "clanCore" + "clan" + "core" "facts" "secretStore" ] ) (lib.mkRemovedOptionModule [ - "clanCore" + "clan" + "core" "secretsDirectory" - ] "clancore.secretsDirectory was removed. Use clanCore.facts.secretPathFunction instead") + ] "clan.core.secretsDirectory was removed. Use clan.core.facts.secretPathFunction instead") (lib.mkRenamedOptionModule [ - "clanCore" + "clan" + "core" "secretsUploadDirectory" ] [ - "clanCore" + "clan" + "core" "facts" "secretUploadDirectory" ] ) ]; - options.clanCore.secrets = lib.mkOption { + options.clan.core.secrets = lib.mkOption { visible = false; default = { }; type = lib.types.attrsOf ( @@ -97,14 +103,14 @@ description = '' path to a secret which is generated by the generator ''; - default = config.clanCore.facts.secretPathFunction secret; - defaultText = lib.literalExpression "config.clanCore.facts.secretPathFunction secret"; + default = config.clan.core.facts.secretPathFunction secret; + defaultText = lib.literalExpression "config.clan.core.facts.secretPathFunction secret"; }; } - // lib.optionalAttrs (config.clanCore.facts.secretStore == "sops") { + // lib.optionalAttrs (config.clan.core.facts.secretStore == "sops") { groups = lib.mkOption { type = lib.types.listOf lib.types.str; - default = config.clanCore.sops.defaultGroups; + default = config.clan.core.sops.defaultGroups; description = '' Groups to decrypt the secret for. By default we always use the user's key. ''; 
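Review bot: The compatibility aliases in the first hunk of facts/compat.nix are now declared under `clan.core.*`, so a configuration that still sets `clanCore.secretStore` reaches `clan.core.facts.secretStore` only through two stacked renames. The first is the whole-tree `mkRenamedOptionModule [ "clanCore" ] [ "clan" "core" ]` added to options.nix later in this patch, and the second is the alias here. Nothing visible in the patch evaluates that path, because the test flakes were all switched to the `clan.core.*` spelling. Since this option selects the secret backend, I would add an eval check that sets `clanCore.secretStore = "password-store"` and asserts `config.clan.core.facts.secretStore == "password-store"`, with the same check for `secretsUploadDirectory`.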
@@ -134,12 +140,12 @@ path to a fact which is generated by the generator ''; default = - config.clanCore.clanDir - + "/machines/${config.clanCore.machineName}/facts/${fact.config._module.args.name}"; - defaultText = lib.literalExpression "\${config.clanCore.clanDir}/machines/\${config.clanCore.machineName}/facts/\${fact.config._module.args.name}"; + config.clan.core.clanDir + + "/machines/${config.clan.core.machineName}/facts/${fact.config._module.args.name}"; + defaultText = lib.literalExpression "\${config.clan.core.clanDir}/machines/\${config.clan.core.machineName}/facts/\${fact.config._module.args.name}"; }; value = lib.mkOption { - defaultText = lib.literalExpression "\${config.clanCore.clanDir}/\${fact.config.path}"; + defaultText = lib.literalExpression "\${config.clan.core.clanDir}/\${fact.config.path}"; type = lib.types.nullOr lib.types.str; default = if builtins.pathExists fact.config.path then lib.strings.fileContents fact.config.path else null; @@ -152,16 +158,16 @@ }) ); }; - config = lib.mkIf (config.clanCore.secrets != { }) { - clanCore.facts.services = lib.mapAttrs' ( + config = lib.mkIf (config.clan.core.secrets != { }) { + clan.core.facts.services = lib.mapAttrs' ( name: service: - lib.warn "clanCore.secrets.${name} is deprecated, use clanCore.facts.services.${name} instead" ( + lib.warn "clan.core.secrets.${name} is deprecated, use clan.core.facts.services.${name} instead" ( lib.nameValuePair name ({ secret = service.secrets; public = service.facts; generator = service.generator; }) ) - ) config.clanCore.secrets; + ) config.clan.core.secrets; }; } diff --git a/nixosModules/clanCore/facts/default.nix b/nixosModules/clanCore/facts/default.nix index 53de05ed..51a44a48 100644 --- a/nixosModules/clanCore/facts/default.nix +++ b/nixosModules/clanCore/facts/default.nix @@ -5,7 +5,7 @@ ... }: { - options.clanCore.facts = { + options.clan.core.facts = { secretStore = lib.mkOption { type = lib.types.enum [ "sops" 
@@ -115,6 +115,7 @@ type = lib.types.str; readOnly = true; internal = true; + defaultText = "read only script"; default = '' set -eu -o pipefail @@ -155,13 +156,13 @@ description = '' path to a secret which is generated by the generator ''; - default = config.clanCore.facts.secretPathFunction secret; + default = config.clan.core.facts.secretPathFunction secret; }; } - // lib.optionalAttrs (config.clanCore.facts.secretModule == "clan_cli.facts.secret_modules.sops") { + // lib.optionalAttrs (config.clan.core.facts.secretModule == "clan_cli.facts.secret_modules.sops") { groups = lib.mkOption { type = lib.types.listOf lib.types.str; - default = config.clanCore.sops.defaultGroups; + default = config.clan.core.sops.defaultGroups; description = '' Groups to decrypt the secret for. By default we always use the user's key. ''; @@ -190,12 +191,12 @@ description = '' path to a fact which is generated by the generator ''; - defaultText = lib.literalExpression "\${config.clanCore.clanDir}/machines/\${config.clanCore.machineName}/facts/\${fact.config.name}"; + defaultText = lib.literalExpression "\${config.clan.core.clanDir}/machines/\${config.clan.core.machineName}/facts/\${fact.config.name}"; default = - config.clanCore.clanDir + "/machines/${config.clanCore.machineName}/facts/${fact.config.name}"; + config.clan.core.clanDir + "/machines/${config.clan.core.machineName}/facts/${fact.config.name}"; }; value = lib.mkOption { - defaultText = lib.literalExpression "\${config.clanCore.clanDir}/\${fact.config.path}"; + defaultText = lib.literalExpression "\${config.clan.core.clanDir}/\${fact.config.path}"; type = lib.types.nullOr lib.types.str; default = if builtins.pathExists fact.config.path then lib.strings.fileContents fact.config.path else null; @@ -218,5 +219,15 @@ ./public/in_repo.nix ./public/vm.nix + + # (lib.mkRenamedOptionModule + # [ + # "clanCore" + # ] + # [ + # "clan" + # "core" + # ] + # ) ]; } 
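Review bot: `defaultText = "read only script";` in the hunk at -115 is a plain string, which option-documentation tooling may render as if it were a Nix expression (worth checking against the nixpkgs revision in use). Marking it as prose avoids that: `defaultText = lib.literalMD "read only script";`. A one-line comment above it saying the text exists so docs generation does not have to evaluate the script default would also help, if that is the reason for adding it. The option declaration starts outside the hunk.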
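Review bot: The last hunk of facts/default.nix adds a commented-out `lib.mkRenamedOptionModule [ "clanCore" ] [ "clan" "core" ]` to `imports`. The live copy of that rename is added in options.nix in this same patch, so this block is dead code and will drift from it. Drop it, or if it is meant as a pointer, replace it with one line such as `# the clanCore -> clan.core rename lives in ../options.nix`.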
diff --git a/nixosModules/clanCore/facts/public/in_repo.nix b/nixosModules/clanCore/facts/public/in_repo.nix index 5efda41e..9bdb48fc 100644 --- a/nixosModules/clanCore/facts/public/in_repo.nix +++ b/nixosModules/clanCore/facts/public/in_repo.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - config = lib.mkIf (config.clanCore.facts.publicStore == "in_repo") { - clanCore.facts.publicModule = "clan_cli.facts.public_modules.in_repo"; + config = lib.mkIf (config.clan.core.facts.publicStore == "in_repo") { + clan.core.facts.publicModule = "clan_cli.facts.public_modules.in_repo"; }; } diff --git a/nixosModules/clanCore/facts/public/vm.nix b/nixosModules/clanCore/facts/public/vm.nix index deeb8a59..cfc3cf79 100644 --- a/nixosModules/clanCore/facts/public/vm.nix +++ b/nixosModules/clanCore/facts/public/vm.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - config = lib.mkIf (config.clanCore.facts.publicStore == "vm") { - clanCore.facts.publicModule = "clan_cli.facts.public_modules.vm"; + config = lib.mkIf (config.clan.core.facts.publicStore == "vm") { + clan.core.facts.publicModule = "clan_cli.facts.public_modules.vm"; }; } diff --git a/nixosModules/clanCore/facts/secret/password-store.nix b/nixosModules/clanCore/facts/secret/password-store.nix index 1110be99..628c6657 100644 --- a/nixosModules/clanCore/facts/secret/password-store.nix +++ b/nixosModules/clanCore/facts/secret/password-store.nix 
@@ -8,10 +8,10 @@ ''; }; - config = lib.mkIf (config.clanCore.facts.secretStore == "password-store") { - clanCore.facts.secretPathFunction = + config = lib.mkIf (config.clan.core.facts.secretStore == "password-store") { + clan.core.facts.secretPathFunction = secret: "${config.clan.password-store.targetDirectory}/${secret.config.name}"; - clanCore.facts.secretUploadDirectory = config.clan.password-store.targetDirectory; - clanCore.facts.secretModule = "clan_cli.facts.secret_modules.password_store"; + clan.core.facts.secretUploadDirectory = config.clan.password-store.targetDirectory; + clan.core.facts.secretModule = "clan_cli.facts.secret_modules.password_store"; }; } diff --git a/nixosModules/clanCore/facts/secret/sops.nix b/nixosModules/clanCore/facts/secret/sops.nix index 5e533ba8..0ab30d86 100644 --- a/nixosModules/clanCore/facts/secret/sops.nix +++ b/nixosModules/clanCore/facts/secret/sops.nix @@ -5,8 +5,8 @@ ... }: let - secretsDir = config.clanCore.clanDir + "/sops/secrets"; - groupsDir = config.clanCore.clanDir + "/sops/groups"; + secretsDir = config.clan.core.clanDir + "/sops/secrets"; + groupsDir = config.clan.core.clanDir + "/sops/groups"; # My symlink is in the nixos module detected as a directory also it works in the repl. Is this because of pure evaluation? containsSymlink = @@ -16,7 +16,7 @@ let containsMachine = parent: name: type: - type == "directory" && containsSymlink "${parent}/${name}/machines/${config.clanCore.machineName}"; + type == "directory" && containsSymlink "${parent}/${name}/machines/${config.clan.core.machineName}"; containsMachineOrGroups = name: type: @@ -34,7 +34,7 @@ let in { options = { - clanCore.sops.defaultGroups = lib.mkOption { + clan.core.sops.defaultGroups = lib.mkOption { type = lib.types.listOf lib.types.str; default = [ ]; example = [ "admins" ]; 
@@ -42,16 +42,16 @@ in }; }; - config = lib.mkIf (config.clanCore.facts.secretStore == "sops") { + config = lib.mkIf (config.clan.core.facts.secretStore == "sops") { # Before we generate a secret we cannot know the path yet, so we need to set it to an empty string - clanCore.facts.secretPathFunction = + clan.core.facts.secretPathFunction = secret: - config.sops.secrets.${"${config.clanCore.machineName}-${secret.config.name}"}.path + config.sops.secrets.${"${config.clan.core.machineName}-${secret.config.name}"}.path or "/no-such-path"; - clanCore.facts.secretModule = "clan_cli.facts.secret_modules.sops"; - clanCore.facts.secretUploadDirectory = lib.mkDefault "/var/lib/sops-nix"; + clan.core.facts.secretModule = "clan_cli.facts.secret_modules.sops"; + clan.core.facts.secretUploadDirectory = lib.mkDefault "/var/lib/sops-nix"; sops.secrets = builtins.mapAttrs (name: _: { - sopsFile = config.clanCore.clanDir + "/sops/secrets/${name}/secret"; + sopsFile = config.clan.core.clanDir + "/sops/secrets/${name}/secret"; format = "binary"; }) secrets; # To get proper error messages about missing secrets we need a dummy secret file that is always present @@ -60,7 +60,7 @@ in ); sops.age.keyFile = lib.mkIf (builtins.pathExists ( - config.clanCore.clanDir + "/sops/secrets/${config.clanCore.machineName}-age.key/secret" + config.clan.core.clanDir + "/sops/secrets/${config.clan.core.machineName}-age.key/secret" )) (lib.mkDefault "/var/lib/sops-nix/key.txt"); }; } diff --git a/nixosModules/clanCore/facts/secret/vm.nix b/nixosModules/clanCore/facts/secret/vm.nix index d4c5919f..22773e80 100644 --- a/nixosModules/clanCore/facts/secret/vm.nix +++ b/nixosModules/clanCore/facts/secret/vm.nix 
@@ -1,8 +1,8 @@ { config, lib, ... }: { - config = lib.mkIf (config.clanCore.facts.secretStore == "vm") { - clanCore.facts.secretPathFunction = secret: "/etc/secrets/${secret.config.name}"; - clanCore.facts.secretUploadDirectory = "/etc/secrets"; - clanCore.facts.secretModule = "clan_cli.facts.secret_modules.vm"; + config = lib.mkIf (config.clan.core.facts.secretStore == "vm") { + clan.core.facts.secretPathFunction = secret: "/etc/secrets/${secret.config.name}"; + clan.core.facts.secretUploadDirectory = "/etc/secrets"; + clan.core.facts.secretModule = "clan_cli.facts.secret_modules.vm"; }; } diff --git a/nixosModules/clanCore/metadata.nix b/nixosModules/clanCore/metadata.nix index ce12633a..d9947296 100644 --- a/nixosModules/clanCore/metadata.nix +++ b/nixosModules/clanCore/metadata.nix @@ -1,6 +1,6 @@ { lib, pkgs, ... }: { - options.clanCore = { + options.clan.core = { clanName = lib.mkOption { type = lib.types.str; description = '' diff --git a/nixosModules/clanCore/options.nix b/nixosModules/clanCore/options.nix index 68824b4b..c3b1201e 100644 --- a/nixosModules/clanCore/options.nix +++ b/nixosModules/clanCore/options.nix @@ -5,7 +5,13 @@ ... }: { - options.clanCore.optionsNix = lib.mkOption { + imports = [ + (lib.mkRenamedOptionModule [ "clanCore" ] [ + "clan" + "core" + ]) + ]; + options.clan.core.optionsNix = lib.mkOption { type = lib.types.raw; internal = true; readOnly = true; diff --git a/nixosModules/clanCore/outputs.nix b/nixosModules/clanCore/outputs.nix index c2916552..e88b615a 100644 --- a/nixosModules/clanCore/outputs.nix +++ b/nixosModules/clanCore/outputs.nix @@ -66,7 +66,7 @@ config = { system.clan.deployment.data = { facts = { - inherit (config.clanCore.facts) + inherit (config.clan.core.facts) secretUploadDirectory secretModule publicModule diff --git a/nixosModules/clanCore/state.nix b/nixosModules/clanCore/state.nix index 1128fdcc..6750988b 100644 --- a/nixosModules/clanCore/state.nix +++ b/nixosModules/clanCore/state.nix 
@@ -1,10 +1,10 @@ { lib, ... }: { # defaults - config.clanCore.state.HOME.folders = [ "/home" ]; + config.clan.core.state.HOME.folders = [ "/home" ]; # interface - options.clanCore.state = lib.mkOption { + options.clan.core.state = lib.mkOption { default = { }; type = lib.types.attrsOf ( lib.types.submodule ( diff --git a/nixosModules/clanCore/vm.nix b/nixosModules/clanCore/vm.nix index 83805b86..cad534f3 100644 --- a/nixosModules/clanCore/vm.nix +++ b/nixosModules/clanCore/vm.nix @@ -9,7 +9,9 @@ }: let # Flatten the list of state folders into a single list - stateFolders = lib.flatten (lib.mapAttrsToList (_item: attrs: attrs.folders) config.clanCore.state); + stateFolders = lib.flatten ( + lib.mapAttrsToList (_item: attrs: attrs.folders) config.clan.core.state + ); vmModule = { imports = [ @@ -86,7 +88,7 @@ let fsType = "ext4"; }; - ${config.clanCore.secretsUploadDirectory} = { + ${config.clan.core.secretsUploadDirectory} = { device = "secrets"; fsType = "9p"; neededForBoot = true; @@ -158,7 +160,7 @@ in # All important VM config variables needed by the vm runner # this is really just a remapping of values defined elsewhere # and therefore not intended to be set by the user - clanCore.vm.inspect = { + clan.core.vm.inspect = { clan_name = lib.mkOption { type = lib.types.str; internal = true; @@ -228,11 +230,11 @@ in config = { # for clan vm inspect - clanCore.vm.inspect = { - clan_name = config.clanCore.clanName; - machine_icon = config.clanCore.machineIcon or config.clanCore.clanIcon; - machine_name = config.clanCore.machineName; - machine_description = config.clanCore.machineDescription; + clan.core.vm.inspect = { + clan_name = config.clan.core.clanName; + machine_icon = config.clan.core.machineIcon or config.clan.core.clanIcon; + machine_name = config.clan.core.machineName; + machine_description = config.clan.core.machineDescription; memory_size = config.clan.virtualisation.memorySize; inherit (config.clan.virtualisation) cores graphics waypipe; }; 
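Review bot: The mount point for the 9p `secrets` share in vm.nix (hunk at -86) is read from `config.clan.core.secretsUploadDirectory`, which compat.nix in this patch declares only as a renamed alias of `clan.core.facts.secretUploadDirectory`. Reading through the alias keeps a deprecated name alive in core code and likely emits the obsolete-option trace on every evaluation, so use `${config.clan.core.facts.secretUploadDirectory} = {` here. The same deprecated name is still set in the test machines (`tests/machines/vm1`, `vm_with_secrets`, `test_flake_with_core`, `test_flake_with_core_and_pass`). Those should use the canonical option too, unless they are meant to exercise the alias, in which case a comment should say so. The enclosing attribute set starts outside the hunk.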
diff --git a/nixosModules/clanCore/zerotier/default.nix b/nixosModules/clanCore/zerotier/default.nix index c5796a90..c4e9c7a0 100644 --- a/nixosModules/clanCore/zerotier/default.nix +++ b/nixosModules/clanCore/zerotier/default.nix @@ -6,7 +6,7 @@ }: let cfg = config.clan.networking.zerotier; - facts = config.clanCore.facts.services.zerotier.public or { }; + facts = config.clan.core.facts.services.zerotier.public or { }; genMoonScript = pkgs.runCommand "genmoon" { nativeBuildInputs = [ pkgs.python3 ]; } '' install -Dm755 ${./genmoon.py} $out/bin/genmoon patchShebangs $out/bin/genmoon @@ -23,8 +23,8 @@ in }; name = lib.mkOption { type = lib.types.str; - default = config.clanCore.clanName; - defaultText = "config.clanCore.clanName"; + default = config.clan.core.clanName; + defaultText = "config.clan.core.clanName"; description = '' zerotier network name ''; @@ -111,7 +111,7 @@ in systemd.services.zerotierone.serviceConfig.ExecStartPre = [ "+${pkgs.writeShellScript "init-zerotier" '' - cp ${config.clanCore.facts.services.zerotier.secret.zerotier-identity-secret.path} /var/lib/zerotier-one/identity.secret + cp ${config.clan.core.facts.services.zerotier.secret.zerotier-identity-secret.path} /var/lib/zerotier-one/identity.secret zerotier-idtool getpublic /var/lib/zerotier-one/identity.secret > /var/lib/zerotier-one/identity.public ${lib.optionalString (cfg.controller.enable) '' @@ -176,7 +176,7 @@ in (lib.mkIf cfg.controller.enable { # only the controller needs to have the key in the repo, the other clients can be dynamic # we generate the zerotier code manually for the controller, since it's part of the bootstrap command - clanCore.facts.services.zerotier = { + clan.core.facts.services.zerotier = { public.zerotier-ip = { }; public.zerotier-network-id = { }; secret.zerotier-identity-secret = { }; 
@@ -192,12 +192,12 @@ in --network-id "$facts/zerotier-network-id" ''; }; - clanCore.state.zerotier.folders = [ "/var/lib/zerotier-one" ]; + clan.core.state.zerotier.folders = [ "/var/lib/zerotier-one" ]; - environment.systemPackages = [ config.clanCore.clanPkgs.zerotier-members ]; + environment.systemPackages = [ config.clan.core.clanPkgs.zerotier-members ]; }) (lib.mkIf (!cfg.controller.enable && cfg.networkId != null) { - clanCore.facts.services.zerotier = { + clan.core.facts.services.zerotier = { public.zerotier-ip = { }; secret.zerotier-identity-secret = { }; generator.path = [ @@ -255,7 +255,7 @@ in environment.etc."zerotier/network-id".text = facts.zerotier-network-id.value; systemd.services.zerotierone.serviceConfig.ExecStartPost = [ "+${pkgs.writeShellScript "whitelist-controller" '' - ${config.clanCore.clanPkgs.zerotier-members}/bin/zerotier-members allow ${ + ${config.clan.core.clanPkgs.zerotier-members}/bin/zerotier-members allow ${ builtins.substring 0 10 cfg.networkId } ''}" diff --git a/nixosModules/flake-module.nix b/nixosModules/flake-module.nix index e40cd662..22797f8d 100644 --- a/nixosModules/flake-module.nix +++ b/nixosModules/flake-module.nix @@ -16,7 +16,7 @@ ( { pkgs, lib, ... }: { - clanCore.clanPkgs = lib.mkDefault self.packages.${pkgs.hostPlatform.system}; + clan.core.clanPkgs = lib.mkDefault self.packages.${pkgs.hostPlatform.system}; } ) ]; diff --git a/nixosModules/iso/default.nix b/nixosModules/iso/default.nix index c3f0d132..5a0a2e41 100644 --- a/nixosModules/iso/default.nix +++ b/nixosModules/iso/default.nix @@ -19,7 +19,9 @@ let }; # Flatten the list of state folders into a single list - stateFolders = lib.flatten (lib.mapAttrsToList (_item: attrs: attrs.folders) config.clanCore.state); + stateFolders = lib.flatten ( + lib.mapAttrsToList (_item: attrs: attrs.folders) config.clan.core.state + ); # A module setting up bind mounts for all state folders stateMounts = { 
diff --git a/pkgs/clan-cli/clan_cli/backups/create.py b/pkgs/clan-cli/clan_cli/backups/create.py index eb5eb0e8..ad02d874 100644 --- a/pkgs/clan-cli/clan_cli/backups/create.py +++ b/pkgs/clan-cli/clan_cli/backups/create.py @@ -15,7 +15,7 @@ log = logging.getLogger(__name__) def create_backup(machine: Machine, provider: str | None = None) -> None: log.info(f"creating backup for {machine.name}") - backup_scripts = json.loads(machine.eval_nix("config.clanCore.backups")) + backup_scripts = json.loads(machine.eval_nix("config.clan.core.backups")) if provider is None: for provider in backup_scripts["providers"]: proc = machine.target_host.run( diff --git a/pkgs/clan-cli/clan_cli/backups/list.py b/pkgs/clan-cli/clan_cli/backups/list.py index a7eab3b9..dc428a54 100644 --- a/pkgs/clan-cli/clan_cli/backups/list.py +++ b/pkgs/clan-cli/clan_cli/backups/list.py @@ -20,7 +20,7 @@ class Backup: def list_provider(machine: Machine, provider: str) -> list[Backup]: results = [] - backup_metadata = json.loads(machine.eval_nix("config.clanCore.backups")) + backup_metadata = json.loads(machine.eval_nix("config.clan.core.backups")) proc = machine.target_host.run( [backup_metadata["providers"][provider]["list"]], stdout=subprocess.PIPE, @@ -40,7 +40,7 @@ def list_provider(machine: Machine, provider: str) -> list[Backup]: def list_backups(machine: Machine, provider: str | None = None) -> list[Backup]: - backup_metadata = json.loads(machine.eval_nix("config.clanCore.backups")) + backup_metadata = json.loads(machine.eval_nix("config.clan.core.backups")) results = [] if provider is None: for _provider in backup_metadata["providers"]: diff --git a/pkgs/clan-cli/clan_cli/backups/restore.py b/pkgs/clan-cli/clan_cli/backups/restore.py index 84b7e30b..ec582702 100644 --- a/pkgs/clan-cli/clan_cli/backups/restore.py +++ b/pkgs/clan-cli/clan_cli/backups/restore.py 
@@ -12,8 +12,8 @@ from ..machines.machines import Machine def restore_service(machine: Machine, name: str, provider: str, service: str) -> None: - backup_metadata = json.loads(machine.eval_nix("config.clanCore.backups")) - backup_folders = json.loads(machine.eval_nix("config.clanCore.state")) + backup_metadata = json.loads(machine.eval_nix("config.clan.core.backups")) + backup_folders = json.loads(machine.eval_nix("config.clan.core.state")) if service not in backup_folders: msg = f"Service {service} not found in configuration. Available services are: {', '.join(backup_folders.keys())}" @@ -66,7 +66,7 @@ def restore_backup( ) -> None: errors = [] if service is None: - backup_folders = json.loads(machine.eval_nix("config.clanCore.state")) + backup_folders = json.loads(machine.eval_nix("config.clan.core.state")) for _service in backup_folders: try: restore_service(machine, name, provider, _service) diff --git a/pkgs/clan-cli/clan_cli/clan/inspect.py b/pkgs/clan-cli/clan_cli/clan/inspect.py index 906a6630..b55c0a67 100644 --- a/pkgs/clan-cli/clan_cli/clan/inspect.py +++ b/pkgs/clan-cli/clan_cli/clan/inspect.py @@ -56,7 +56,7 @@ def inspect_flake(flake_url: str | Path, machine_name: str) -> FlakeConfig: # Get the Clan name cmd = nix_eval( [ - f'{flake_url}#clanInternals.machines."{system}"."{machine_name}".config.clanCore.clanName' + f'{flake_url}#clanInternals.machines."{system}"."{machine_name}".config.clan.core.clanName' ] ) res = run_cmd(cmd) @@ -65,7 +65,7 @@ def inspect_flake(flake_url: str | Path, machine_name: str) -> FlakeConfig: # Get the clan icon path cmd = nix_eval( [ - f'{flake_url}#clanInternals.machines."{system}"."{machine_name}".config.clanCore.clanIcon' + f'{flake_url}#clanInternals.machines."{system}"."{machine_name}".config.clan.core.clanIcon' ] ) res = run_cmd(cmd) 
@@ -78,7 +78,7 @@ def inspect_flake(flake_url: str | Path, machine_name: str) -> FlakeConfig: cmd = nix_build( [ - f'{flake_url}#clanInternals.machines."{system}"."{machine_name}".config.clanCore.clanIcon' + f'{flake_url}#clanInternals.machines."{system}"."{machine_name}".config.clan.core.clanIcon' ], machine_gcroot(flake_url=str(flake_url)) / "clanIcon", ) diff --git a/pkgs/clan-cli/clan_cli/completions.py b/pkgs/clan-cli/clan_cli/completions.py index f83db5cf..57132737 100644 --- a/pkgs/clan-cli/clan_cli/completions.py +++ b/pkgs/clan-cli/clan_cli/completions.py @@ -95,7 +95,7 @@ def complete_services_for_machine( run( nix_eval( flags=[ - f"{flake}#nixosConfigurations.{machines[0]}.config.clanCore.facts.services", + f"{flake}#nixosConfigurations.{machines[0]}.config.clan.core.facts.services", "--apply", "builtins.attrNames", ], @@ -137,7 +137,7 @@ def complete_backup_providers_for_machine( run( nix_eval( flags=[ - f"{flake}#nixosConfigurations.{machine}.config.clanCore.backups.providers", + f"{flake}#nixosConfigurations.{machine}.config.clan.core.backups.providers", "--apply", "builtins.attrNames", ], diff --git a/pkgs/clan-cli/clan_cli/config/__init__.py b/pkgs/clan-cli/clan_cli/config/__init__.py index 35505bd8..eda73be5 100644 --- a/pkgs/clan-cli/clan_cli/config/__init__.py +++ b/pkgs/clan-cli/clan_cli/config/__init__.py @@ -114,7 +114,7 @@ def options_for_machine( if show_trace: flags.append("--show-trace") flags.append( - f"{clan_dir}#nixosConfigurations.{machine_name}.config.clanCore.optionsNix" + f"{clan_dir}#nixosConfigurations.{machine_name}.config.clan.core.optionsNix" ) cmd = nix_eval(flags=flags) proc = run( diff --git a/pkgs/clan-cli/clan_cli/config/machine.py b/pkgs/clan-cli/clan_cli/config/machine.py index fa074f38..9155918c 100644 --- a/pkgs/clan-cli/clan_cli/config/machine.py +++ b/pkgs/clan-cli/clan_cli/config/machine.py 
@@ -50,7 +50,7 @@ def verify_machine_config( # potentially the config might affect submodule options, # therefore we need to import it config - {{clanCore.clanDir = {flake};}} + {{clan.core.clanDir = {flake};}} ] # add all clan modules specified via clanImports ++ (map (name: clan-core.clanModules.${{name}}) config.clanImports or []); diff --git a/pkgs/clan-cli/clan_cli/config/schema.py b/pkgs/clan-cli/clan_cli/config/schema.py index b4fe71d7..88b95565 100644 --- a/pkgs/clan-cli/clan_cli/config/schema.py +++ b/pkgs/clan-cli/clan_cli/config/schema.py @@ -84,7 +84,7 @@ def machine_schema( # potentially the config might affect submodule options, # therefore we need to import it config - {{ clanCore.clanName = "fakeClan"; }} + {{ clan.core.clanName = "fakeClan"; }} ] # add all clan modules specified via clanImports ++ (map (name: clan-core.clanModules.${{name}}) config.clanImports or []); diff --git a/pkgs/clan-cli/clan_cli/machines/show.py b/pkgs/clan-cli/clan_cli/machines/show.py index a77cd2b2..5343ed71 100644 --- a/pkgs/clan-cli/clan_cli/machines/show.py +++ b/pkgs/clan-cli/clan_cli/machines/show.py @@ -29,7 +29,7 @@ def show_machine(flake_url: str | Path, machine_name: str) -> MachineInfo: [ f"{flake_url}#clanInternals.machines.{system}.{machine_name}", "--apply", - "machine: { inherit (machine.config.clanCore) machineDescription machineIcon machineName; }", + "machine: { inherit (machine.config.clan.core) machineDescription machineIcon machineName; }", "--json", ] ) diff --git a/pkgs/clan-cli/clan_cli/vms/inspect.py b/pkgs/clan-cli/clan_cli/vms/inspect.py index fb896cfb..a6a35210 100644 --- a/pkgs/clan-cli/clan_cli/vms/inspect.py +++ b/pkgs/clan-cli/clan_cli/vms/inspect.py @@ -22,7 +22,7 @@ class VmConfig: def inspect_vm(machine: Machine) -> VmConfig: - data = json.loads(machine.eval_nix("config.clanCore.vm.inspect")) + data = json.loads(machine.eval_nix("config.clan.core.vm.inspect")) return VmConfig(flake_url=str(machine.flake), **data) 
diff --git a/pkgs/clan-cli/tests/fixtures_flakes.py b/pkgs/clan-cli/tests/fixtures_flakes.py index 0e640d9e..eb3847a6 100644 --- a/pkgs/clan-cli/tests/fixtures_flakes.py +++ b/pkgs/clan-cli/tests/fixtures_flakes.py @@ -47,6 +47,8 @@ def generate_flake( substitutions: dict[str, str] = { "__CHANGE_ME__": "_test_vm_persistence", "git+https://git.clan.lol/clan/clan-core": "path://" + str(CLAN_CORE), + "https://git.clan.lol/clan/clan-core/archive/main.tar.gz": "path://" + + str(CLAN_CORE), }, # define the machines directly including their config machine_configs: dict[str, dict] = {}, @@ -58,9 +60,11 @@ def generate_flake( Example: machine_configs = dict( my_machine=dict( - clanCore=dict( - backups=dict( - ... + clan=dict( + core=dict( + backups=dict( + ... + ) ) ) ) diff --git a/pkgs/clan-cli/tests/machines/vm1/default.nix b/pkgs/clan-cli/tests/machines/vm1/default.nix index 2f0f4cee..b77d37a2 100644 --- a/pkgs/clan-cli/tests/machines/vm1/default.nix +++ b/pkgs/clan-cli/tests/machines/vm1/default.nix @@ -3,7 +3,7 @@ clan.networking.targetHost = "__CLAN_TARGET_ADDRESS__"; system.stateVersion = lib.version; sops.age.keyFile = "__CLAN_SOPS_KEY_PATH__"; - clanCore.secretsUploadDirectory = "__CLAN_SOPS_KEY_DIR__"; + clan.core.secretsUploadDirectory = "__CLAN_SOPS_KEY_DIR__"; clan.virtualisation.graphics = false; clan.networking.zerotier.controller.enable = true; diff --git a/pkgs/clan-cli/tests/machines/vm_with_secrets/default.nix b/pkgs/clan-cli/tests/machines/vm_with_secrets/default.nix index 2f0f4cee..b77d37a2 100644 --- a/pkgs/clan-cli/tests/machines/vm_with_secrets/default.nix +++ b/pkgs/clan-cli/tests/machines/vm_with_secrets/default.nix 
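Review bot: The new tarball-URL entry extends `substitutions`, which is a dict literal used as a default argument of `generate_flake`, so a single dict object is shared by every call. Any in-place change by the function or a caller would leak into later tests. The body is outside the hunk, so whether that happens today is not visible, but the safe form is `substitutions: dict[str, str] | None = None` with the default mapping built inside the function. A short comment on the two entries saying they pin clan-core to the local checkout, so the test flakes never fetch it over the network, would also document why both URL spellings are listed.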
@@ -3,7 +3,7 @@ clan.networking.targetHost = "__CLAN_TARGET_ADDRESS__"; system.stateVersion = lib.version; sops.age.keyFile = "__CLAN_SOPS_KEY_PATH__"; - clanCore.secretsUploadDirectory = "__CLAN_SOPS_KEY_DIR__"; + clan.core.secretsUploadDirectory = "__CLAN_SOPS_KEY_DIR__"; clan.virtualisation.graphics = false; clan.networking.zerotier.controller.enable = true; diff --git a/pkgs/clan-cli/tests/test_flake/flake.nix b/pkgs/clan-cli/tests/test_flake/flake.nix index ec93e145..53f8a7ba 100644 --- a/pkgs/clan-cli/tests/test_flake/flake.nix +++ b/pkgs/clan-cli/tests/test_flake/flake.nix @@ -43,7 +43,7 @@ nixpkgs.pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux; documentation.enable = false; }; - options.clanCore.optionsNix = lib.mkOption { + options.clan.core.optionsNix = lib.mkOption { type = lib.types.raw; internal = true; readOnly = true; diff --git a/pkgs/clan-cli/tests/test_flake_with_core/flake.nix b/pkgs/clan-cli/tests/test_flake_with_core/flake.nix index 2b1f4d0e..5d2e6ec1 100644 --- a/pkgs/clan-cli/tests/test_flake_with_core/flake.nix +++ b/pkgs/clan-cli/tests/test_flake_with_core/flake.nix @@ -18,8 +18,8 @@ clan.networking.targetHost = "__CLAN_TARGET_ADDRESS__"; system.stateVersion = lib.version; sops.age.keyFile = "__CLAN_SOPS_KEY_PATH__"; - clanCore.secretsUploadDirectory = "__CLAN_SOPS_KEY_DIR__"; - clanCore.sops.defaultGroups = [ "admins" ]; + clan.core.secretsUploadDirectory = "__CLAN_SOPS_KEY_DIR__"; + clan.core.sops.defaultGroups = [ "admins" ]; clan.virtualisation.graphics = false; clan.networking.zerotier.controller.enable = true; @@ -41,7 +41,7 @@ clan.networking.targetHost = "__CLAN_TARGET_ADDRESS__"; system.stateVersion = lib.version; sops.age.keyFile = "__CLAN_SOPS_KEY_PATH__"; - clanCore.secretsUploadDirectory = "__CLAN_SOPS_KEY_DIR__"; + clan.core.secretsUploadDirectory = "__CLAN_SOPS_KEY_DIR__"; clan.networking.zerotier.networkId = "82b44b162ec6c013"; }; }; 
diff --git a/pkgs/clan-cli/tests/test_flake_with_core_and_pass/flake.nix b/pkgs/clan-cli/tests/test_flake_with_core_and_pass/flake.nix index d9ca403b..68e3f2a1 100644 --- a/pkgs/clan-cli/tests/test_flake_with_core_and_pass/flake.nix +++ b/pkgs/clan-cli/tests/test_flake_with_core_and_pass/flake.nix @@ -17,8 +17,8 @@ { clan.networking.targetHost = "__CLAN_TARGET_ADDRESS__"; system.stateVersion = lib.version; - clanCore.secretStore = "password-store"; - clanCore.secretsUploadDirectory = lib.mkForce "__CLAN_SOPS_KEY_DIR__/secrets"; + clan.core.secretStore = "password-store"; + clan.core.secretsUploadDirectory = lib.mkForce "__CLAN_SOPS_KEY_DIR__/secrets"; clan.networking.zerotier.controller.enable = true; diff --git a/pkgs/clan-cli/tests/test_vms_cli.py b/pkgs/clan-cli/tests/test_vms_cli.py index 2a8f367f..73a614f0 100644 --- a/pkgs/clan-cli/tests/test_vms_cli.py +++ b/pkgs/clan-cli/tests/test_vms_cli.py @@ -40,7 +40,7 @@ def run_vm_in_thread(machine_name: str) -> None: # wait for qmp socket to exist def wait_vm_up(state_dir: Path) -> None: socket_file = state_dir / "qga.sock" - timeout: float = 300 + timeout: float = 20 while True: if timeout <= 0: raise TimeoutError( diff --git a/pkgs/schemas/flake-module.nix b/pkgs/schemas/flake-module.nix index a9a81426..9ba6f4ef 100644 --- a/pkgs/schemas/flake-module.nix +++ b/pkgs/schemas/flake-module.nix @@ -14,7 +14,7 @@ imports = (import (pkgs.path + "/nixos/modules/module-list.nix")) ++ [ { nixpkgs.hostPlatform = "x86_64-linux"; - clanCore.clanName = "dummy"; + clan.core.clanName = "dummy"; } ]; };
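Review bot: `timeout: float = 20` in `wait_vm_up` (test_vms_cli.py) cuts the wait for `qga.sock` from 300 to 20 in a commit whose subject is only a rename, and nothing else in the patch explains it. If the counter is in seconds (the decrement is outside the hunk), a VM booting on a loaded CI runner or without hardware acceleration could exceed it and fail with `TimeoutError` for reasons unrelated to the code under test. Either keep `timeout: float = 300`, or move the change to its own commit with the reason stated in a comment next to the value.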