Skip to content

Commit

Permalink
blueprint
Browse files Browse the repository at this point in the history
  • Loading branch information
@zowoq
zowoq committed Nov 12, 2024
1 parent 872b09a commit c08844e
Show file tree
Hide file tree
Showing 18 changed files with 193 additions and 227 deletions.
36 changes: 0 additions & 36 deletions dev/docs.nix
View file

This file was deleted.

39 changes: 0 additions & 39 deletions dev/shell.nix
View file

This file was deleted.

14 changes: 14 additions & 0 deletions devshells/default.nix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{ inputs, pkgs, ... }:

with pkgs;

mkShellNoCC {
packages = [
inputs.agenix.packages.${pkgs.system}.default
jq
python3.pkgs.deploykit
python3.pkgs.invoke
sops
ssh-to-age
];
}
5 changes: 5 additions & 0 deletions devshells/mkdocs.nix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
{ inputs, pkgs, ... }:

pkgs.mkShellNoCC {
inputsFrom = [ inputs.self.packages.${pkgs.system}.docs ];
}
22 changes: 22 additions & 0 deletions devshells/sotp.nix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{ pkgs, ... }:

pkgs.mkShellNoCC {
packages = [
(pkgs.buildGoModule rec {
pname = "sotp";
version = "e7f7c804b1641169ce850d8352fb07294881609e";
src = pkgs.fetchFromGitHub {
owner = "getsops";
repo = "sotp";
rev = version;
hash = "sha256-Cu8cZCmM19G5zeMIiiaCwVJee8wrBZP3Ltk1jWKb2vs=";
};
vendorHash = "sha256-vQruuohwi53By8UZLrPbRtUrmNbmPt+Sku9hI5J3Dlc=";
ldflags = [
"-s"
"-w"
];
doCheck = false;
})
];
}
14 changes: 14 additions & 0 deletions devshells/terraform.nix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{ pkgs, ... }:

pkgs.mkShellNoCC {
packages = [
(pkgs.terraform.withPlugins (p: [
p.cloudflare
p.external
p.hydra
p.null
p.sops
p.tfe
]))
];
}
40 changes: 24 additions & 16 deletions flake.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

162 changes: 46 additions & 116 deletions flake.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,9 @@
agenix.inputs.nixpkgs.follows = "nixpkgs";
agenix.inputs.systems.follows = "systems";
agenix.url = "github:ryantm/agenix";
blueprint.inputs.nixpkgs.follows = "nixpkgs";
blueprint.inputs.systems.follows = "systems";
blueprint.url = "github:numtide/blueprint";
buildbot-nix.inputs.flake-parts.follows = "flake-parts";
buildbot-nix.inputs.nixpkgs.follows = "nixpkgs";
buildbot-nix.inputs.treefmt-nix.follows = "treefmt-nix";
Expand All @@ -29,7 +32,6 @@
hercules-ci-effects.url = "github:hercules-ci/hercules-ci-effects";
hydra.flake = false;
hydra.url = "github:qowoz/hydra/community";
lite-config.url = "github:yelite/lite-config";
nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
nix-darwin.url = "github:LnL7/nix-darwin";
nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
Expand All @@ -54,123 +56,51 @@
treefmt-nix.url = "github:numtide/treefmt-nix";
};

outputs =
inputs@{ flake-parts, self, ... }:
flake-parts.lib.mkFlake { inherit inputs; } {
systems = import inputs.systems;

imports = [
inputs.lite-config.flakeModule
inputs.treefmt-nix.flakeModule
];

lite-config =
{ lib, ... }:
{
nixpkgs = {
config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "terraform" ];
overlays = [
(final: prev: {
hydra = (prev.hydra.override { nix = final.nixVersions.nix_2_24; }).overrideAttrs (o: {
version = inputs.hydra.shortRev;
src = inputs.hydra;
buildInputs = o.buildInputs ++ [ final.perlPackages.DBIxClassHelpers ];
});
})
];
};

hostModuleDir = ./hosts;
# overlays = [
# (final: prev: {
# hydra = (prev.hydra.override { nix = final.nixVersions.nix_2_24; }).overrideAttrs (o: {
# version = inputs.hydra.shortRev;
# src = inputs.hydra;
# buildInputs = o.buildInputs ++ [ final.perlPackages.DBIxClassHelpers ];
# });
# })
# ];

hosts = {
build01.system = "x86_64-linux";
build02.system = "x86_64-linux";
build03.system = "x86_64-linux";
build04.system = "aarch64-linux";
darwin01.system = "aarch64-darwin";
darwin02.system = "aarch64-darwin";
web02.system = "x86_64-linux";
};
# treefmt = {
# flakeCheck = system == "x86_64-linux";
# imports = [ ./dev/treefmt.nix ];
# };

systemModules = [
(
{ hostPlatform, ... }:
{
imports =
lib.optionals hostPlatform.isDarwin [ ./modules/darwin/common ]
++ lib.optionals hostPlatform.isLinux [ ./modules/nixos/common ];
}
)
];
};
# checks =
# let
# darwinConfigurations = lib.mapAttrs' (
# name: config: lib.nameValuePair "host-${name}" config.config.system.build.toplevel
# ) ((lib.filterAttrs (_: config: config.pkgs.system == system)) self.darwinConfigurations);
# devShells = lib.mapAttrs' (n: lib.nameValuePair "devShell-${n}") self'.devShells;
# nixosConfigurations = lib.mapAttrs' (
# name: config: lib.nameValuePair "host-${name}" config.config.system.build.toplevel
# ) ((lib.filterAttrs (_: config: config.pkgs.system == system)) self.nixosConfigurations);
# in
# darwinConfigurations
# // devShells
# // {
# inherit (self') formatter;
# }
# // nixosConfigurations
# // pkgs.lib.optionalAttrs (system == "x86_64-linux") {
# inherit (self'.packages) docs docs-linkcheck;
# nixpkgs-update-supervisor-test = pkgs.callPackage ./hosts/build02/supervisor_test.nix { };
# nixosTests-buildbot = pkgs.nixosTests.buildbot;
# nixosTests-buildbot-nix-master = inputs'.buildbot-nix.checks.master;
# nixosTests-buildbot-nix-worker = inputs'.buildbot-nix.checks.worker;
# nixosTests-hydra = pkgs.nixosTests.hydra.hydra;
# };

perSystem =
{
inputs',
lib,
pkgs,
self',
system,
...
}:
{
imports = [
./dev/docs.nix
./dev/shell.nix
./terraform/shell.nix
];
treefmt = {
flakeCheck = system == "x86_64-linux";
imports = [ ./dev/treefmt.nix ];
};

checks =
let
darwinConfigurations = lib.mapAttrs' (
name: config: lib.nameValuePair "host-${name}" config.config.system.build.toplevel
) ((lib.filterAttrs (_: config: config.pkgs.system == system)) self.darwinConfigurations);
devShells = lib.mapAttrs' (n: lib.nameValuePair "devShell-${n}") self'.devShells;
nixosConfigurations = lib.mapAttrs' (
name: config: lib.nameValuePair "host-${name}" config.config.system.build.toplevel
) ((lib.filterAttrs (_: config: config.pkgs.system == system)) self.nixosConfigurations);
in
darwinConfigurations
// devShells
// {
inherit (self') formatter;
}
// nixosConfigurations
// pkgs.lib.optionalAttrs (system == "x86_64-linux") {
inherit (self'.packages) docs docs-linkcheck;
nixpkgs-update-supervisor-test = pkgs.callPackage ./hosts/build02/supervisor_test.nix { };
nixosTests-buildbot = pkgs.nixosTests.buildbot;
nixosTests-buildbot-nix-master = inputs'.buildbot-nix.checks.master;
nixosTests-buildbot-nix-worker = inputs'.buildbot-nix.checks.worker;
nixosTests-hydra = pkgs.nixosTests.hydra.hydra;
};
};

flake.darwinModules = {
builder = ./modules/darwin/builder.nix;
community-builder = ./modules/darwin/community-builder;
hercules-ci = ./modules/darwin/hercules-ci.nix;
remote-builder = ./modules/darwin/remote-builder.nix;
};

flake.nixosModules = {
backup = ./modules/nixos/backup.nix;
buildbot = ./modules/nixos/buildbot.nix;
builder = ./modules/nixos/builder.nix;
community-builder = ./modules/nixos/community-builder;
disko-zfs = ./modules/nixos/disko-zfs.nix;
github-org-backup = ./modules/nixos/github-org-backup.nix;
hercules-ci = ./modules/nixos/hercules-ci.nix;
hydra = ./modules/nixos/hydra.nix;
monitoring = ./modules/nixos/monitoring;
nginx = ./modules/nixos/nginx.nix;
nur-update = ./modules/nixos/nur-update.nix;
remote-builder = ./modules/nixos/remote-builder.nix;
watch-store = ./modules/nixos/watch-store.nix;
};
outputs =
inputs:
inputs.blueprint {
inherit inputs;
nixpkgs.config.allowUnfreePredicate =
pkg: builtins.elem (inputs.nixpkgs.lib.getName pkg) [ "terraform" ];
};
}
Loading

0 comments on commit c08844e

Please sign in to comment.