diff --git a/flake.lock b/flake.lock index 5bf5754..efc6b2d 100644 --- a/flake.lock +++ b/flake.lock @@ -26,11 +26,11 @@ "flake-utils": "flake-utils" }, "locked": { - "lastModified": 1675211530, - "narHash": "sha256-GuCynYpxeFrP2yC/N62Ch+MaFMOS5FPo3thI59dyODI=", + "lastModified": 1675298618, + "narHash": "sha256-gjsLHu5MNdSDdNUUtEvcohP0L/pF9cSxdRyS1yg9wXU=", "owner": "oddlama", "repo": "agenix-rekey", - "rev": "36bf84de1a1e44897e413e67efa32b01f1e48d09", + "rev": "df345c1a0e37985bc4da2c67d4fc5bdd433c53af", "type": "github" }, "original": { @@ -39,33 +39,48 @@ "type": "github" } }, - "deploy-rs": { + "colmena": { "inputs": { - "flake-compat": [ - "flake-compat" + "flake-compat": "flake-compat", + "flake-utils": [ + "flake-utils" ], "nixpkgs": [ "nixpkgs" ], - "utils": [ - "flake-utils" - ] + "stable": "stable" }, "locked": { - "lastModified": 1674127017, - "narHash": "sha256-QO1xF7stu5ZMDLbHN30LFolMAwY6TVlzYvQoUs1RD68=", - "owner": "serokell", - "repo": "deploy-rs", - "rev": "8c9ea9605eed20528bf60fae35a2b613b901fd77", + "lastModified": 1675019967, + "narHash": "sha256-AD9udouBmfWxmsM1j6eNCu+HEB9E41+fA3XRIb765LU=", + "owner": "zhaofengli", + "repo": "colmena", + "rev": "7602e548a78932bd28a7e2f621b3d62b4124e993", "type": "github" }, "original": { - "owner": "serokell", - "repo": "deploy-rs", + "owner": "zhaofengli", + "repo": "colmena", "type": "github" } }, "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { "flake": false, "locked": { "lastModified": 1673956053, 
@@ -141,11 +156,11 @@ ] }, "locked": { - "lastModified": 1675203549, - "narHash": "sha256-SehK6lTqcB5gv4QpoIHcWcqvwpLzHW42+681ZBg52cE=", + "lastModified": 1675247113, + "narHash": "sha256-+YcXjfCP4hNu8A68b/UoXFCTDwKLuLV+x/7dQnM5U/o=", "owner": "nix-community", "repo": "home-manager", - "rev": "1d94de5604935591494eeb6ea80bc34ac84a9f23", + "rev": "782cb855b2f23c485011a196c593e2d7e4fce746", "type": "github" }, "original": { @@ -186,11 +201,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1675115703, - "narHash": "sha256-4zetAPSyY0D77x+Ww9QBe8RHn1akvIvHJ/kgg8kGDbk=", + "lastModified": 1675183161, + "narHash": "sha256-Zq8sNgAxDckpn7tJo7V1afRSk2eoVbu3OjI1QklGLNg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2caf4ef5005ecc68141ecb4aac271079f7371c44", + "rev": "e1e1b192c1a5aab2960bf0a0bd53a2e8124fa18e", "type": "github" }, "original": { @@ -256,11 +271,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1673786180, - "narHash": "sha256-5tu71eDtQVmVUorho/GKaCzr4cdmNpvG8ZYxMhDCVKY=", + "lastModified": 1675293936, + "narHash": "sha256-xaObOxlMiZ8noXbXWfoUJrCjVZ8oc9HBblc/MeCq7fc=", "owner": "yaxitech", "repo": "ragenix", - "rev": "92248738a21db5687744d9e7796cf2433b96a7a5", + "rev": "325733b734aa4cc4d6b19f1169e6672cad4128ca", "type": "github" }, "original": { @@ -272,8 +287,8 @@ "root": { "inputs": { "agenix-rekey": "agenix-rekey", - "deploy-rs": "deploy-rs", - "flake-compat": "flake-compat", + "colmena": "colmena", + "flake-compat": "flake-compat_2", "flake-utils": "flake-utils_2", "home-manager": "home-manager", "impermanence": "impermanence", 
@@ -309,6 +324,22 @@ "type": "github" } }, + "stable": { + "locked": { + "lastModified": 1669735802, + "narHash": "sha256-qtG/o/i5ZWZLmXw108N2aPiVsxOcidpHJYNkT45ry9Q=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "731cc710aeebecbf45a258e977e8b68350549522", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, "templates": { "locked": { "lastModified": 1671651249, diff --git a/flake.nix b/flake.nix index eaa9762..f0539b7 100644 --- a/flake.nix +++ b/flake.nix @@ -2,13 +2,10 @@ description = "oddlama's NixOS Infrastructure"; inputs = { - deploy-rs = { - url = "github:serokell/deploy-rs"; - inputs = { - nixpkgs.follows = "nixpkgs"; - flake-compat.follows = "flake-compat"; - utils.follows = "flake-utils"; - }; + colmena = { + url = "github:zhaofengli/colmena"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.flake-utils.follows = "flake-utils"; }; flake-compat = { @@ -46,6 +43,7 @@ outputs = { self, + colmena, nixpkgs, flake-utils, agenix-rekey, @@ -53,10 +51,9 @@ } @ inputs: { hosts = import ./nix/hosts.nix; - deploy = import ./nix/deploy.nix inputs; + colmena = import ./nix/colmena.nix inputs; overlays = import ./nix/overlay.nix inputs; homeConfigurations = import ./nix/home-manager.nix inputs; - nixosConfigurations = import ./nix/nixos.nix inputs; } // flake-utils.lib.eachDefaultSystem (system: rec { checks = import ./nix/checks.nix inputs system; @@ -79,6 +76,9 @@ config.allowUnfree = true; }; - apps = agenix-rekey.defineApps inputs system; + apps = let + inherit ((colmena.lib.makeHive self.colmena).introspect (x: x)) nodes; + in + agenix-rekey.defineApps inputs system nodes; }); } diff --git a/modules/core/default.nix b/modules/core/default.nix index 875ae06..cf9a872 100644 --- a/modules/core/default.nix +++ b/modules/core/default.nix 
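Review bot: The new `colmena` input in the `inputs` hunk of flake.nix sets `follows` only for `nixpkgs` and `flake-utils`, so colmena's own `flake-compat` and `stable` inputs are locked separately. The flake.lock part of this commit shows the result: a second `flake-compat` node and a `stable` node tracking `nixos-22.11`. The removed deploy-rs block had `flake-compat.follows = "flake-compat"`, so this commit widens the set of independently pinned sources that must be reviewed on every lock update. If colmena evaluates correctly against the root inputs, consider adding `inputs.flake-compat.follows = "flake-compat";` and `inputs.stable.follows = "nixpkgs";`.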
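Review bot: The `apps` binding in the last flake.nix hunk has no comment explaining why the hive is built and introspected with the identity function only to reach `nodes`. That value is presumably what decides which hosts agenix-rekey generates rekey apps for, so a short comment would help, such as `# Evaluate the colmena hive to get the node configs whose secrets agenix-rekey manages`. The expression does not use `system` but sits inside `flake-utils.lib.eachDefaultSystem`, so it could be bound once outside that call. The enclosing `outputs` function extends beyond the hunk.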
@@ -5,7 +5,7 @@ ... }: let dummyConfig = pkgs.writeText "configuration.nix" '' - assert builtins.trace "This is a dummy config, use deploy-rs!" false; + assert builtins.trace "This is a dummy config, use colmena!" false; { } ''; in { @@ -56,8 +56,6 @@ in { "nixpkgs-overlays=/run/current-system/overlays" ]; - nixpkgs.config.allowUnfree = true; - programs = { git = { enable = true; diff --git a/nix/checks.nix b/nix/checks.nix index e6208c1..788eb33 100644 --- a/nix/checks.nix +++ b/nix/checks.nix @@ -3,19 +3,17 @@ pre-commit-hooks, ... }: system: -with self.pkgs.${system}; - { - pre-commit-check = - pre-commit-hooks.lib.${system}.run - { - src = lib.cleanSource ../.; - hooks = { - actionlint.enable = true; - luacheck.enable = true; - alejandra.enable = true; - statix.enable = true; - stylua.enable = true; - }; +with self.pkgs.${system}; { + pre-commit-check = + pre-commit-hooks.lib.${system}.run + { + src = lib.cleanSource ../.; + hooks = { + actionlint.enable = true; + luacheck.enable = true; + alejandra.enable = true; + statix.enable = true; + stylua.enable = true; }; - } - // (deploy-rs.lib.deployChecks self.deploy) + }; +} diff --git a/nix/colmena.nix b/nix/colmena.nix new file mode 100644 index 0000000..3343829 --- /dev/null +++ b/nix/colmena.nix 
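Review bot: Dropping `// (deploy-rs.lib.deployChecks self.deploy)` at the end of nix/checks.nix leaves `pre-commit-check` as the only check. The flake.nix hunk in this commit also removes the `nixosConfigurations` output, so as far as this diff shows, nothing forces evaluation of the host configurations before a deployment. Consider adding a check built from the same `colmena.lib.makeHive self.colmena` value that flake.nix uses for `apps`, so that a broken node definition fails the flake check rather than a deploy. Which attribute to force depends on the pinned colmena revision and should be confirmed against it.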
@@ -0,0 +1,49 @@ +{ + self, + colmena, + home-manager, + #impermanence, + nixos-hardware, + nixpkgs, + ragenix, + agenix-rekey, + templates, + ... +}: +with nixpkgs.lib; let + generateColmenaNode = hostName: _: { + imports = [ + { + # By default, set networking.hostName to the hostName + networking.hostName = mkDefault hostName; + # Define global flakes for this system + nix.registry = { + nixpkgs.flake = nixpkgs; + p.flake = nixpkgs; + pkgs.flake = nixpkgs; + templates.flake = templates; + }; + } + (../hosts + "/${hostName}") + home-manager.nixosModules.default + #impermanence.nixosModules.default + ragenix.nixosModules.age + agenix-rekey.nixosModules.default + ]; + }; +in + { + meta = { + description = "oddlama's colmena configuration"; + # Just a required dummy for colmena, overwritten on a per-node basis by nodeNixpkgs below. + nixpkgs = self.pkgs.x86_64-linux; + nodeNixpkgs = mapAttrs (hostName: {system, ...}: self.pkgs.${system}) (self.hosts.nixos or {}); + #nodeSpecialArgs = mapAttrs (hostName: { system, ... }: {}) (self.hosts.nixos or {}); + specialArgs = { + inherit (nixpkgs) lib; + nixos-hardware = nixos-hardware.nixosModules; + #impermanence = impermanence.nixosModules; + }; + }; + } + // mapAttrs generateColmenaNode (self.hosts.nixos or {}) diff --git a/nix/deploy.nix b/nix/deploy.nix deleted file mode 100644 index 0a7e400..0000000 --- a/nix/deploy.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ - self, - deploy-rs, - nixpkgs, - ... -}: let - inherit (nixpkgs) lib; - - generateNode = hostName: nixosCfg: let - host = self.hosts.${hostName}; - inherit (deploy-rs.lib.${host.hostPlatform}) activate; - in { - remoteBuild = host.remoteBuild or true; - hostname = host.address or hostName; - profiles.system.path = activate.nixos nixosCfg; - }; -in { - autoRollback = false; - magicRollback = false; - sshUser = "root"; - user = "root"; - sudo = "runuser -u"; - nodes = lib.mapAttrs generateNode (self.nixosConfigurations or {}); -} 
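Review bot: `generateColmenaNode` in the new nix/colmena.nix discards the host attribute set (`hostName: _:`) and sets no `deployment` options, so the SSH target, login user and build location all fall back to colmena's defaults. The deleted nix/deploy.nix made these explicit (`hostname = host.address or hostName`, `sshUser = "root"`, `remoteBuild = host.remoteBuild or true`). A host that defines `address` would now be reached by its node name, and builds presumably move to the deploying machine. Consider binding the host attrs and stating the intent per node, e.g. `deployment.targetHost = host.address or hostName;` and `deployment.targetUser = "root";`, plus `deployment.buildOnTarget = true;` if remote builds are still wanted.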
diff --git a/nix/dev-shell.nix b/nix/dev-shell.nix index c8ab043..339d0b4 100644 --- a/nix/dev-shell.nix +++ b/nix/dev-shell.nix @@ -6,7 +6,7 @@ with self.pkgs.${system}; nativeBuildInputs = [ # Nix cachix - deploy-rs.deploy-rs + colmena nix-build-uncached alejandra ragenix diff --git a/nix/home-manager.nix b/nix/home-manager.nix index e3ad1ab..77d76e0 100644 --- a/nix/home-manager.nix +++ b/nix/home-manager.nix @@ -39,9 +39,9 @@ }; }; - genConfiguration = hostName: {hostPlatform, ...} @ attrs: + genConfiguration = hostName: {system, ...} @ attrs: home-manager.lib.homeManagerConfiguration { - pkgs = self.pkgs.${hostPlatform}; + pkgs = self.pkgs.${system}; modules = [(genModules hostName attrs)]; }; in diff --git a/nix/hosts.nix b/nix/hosts.nix index 812dd90..c193400 100644 --- a/nix/hosts.nix +++ b/nix/hosts.nix @@ -1,19 +1,15 @@ -let +with builtins; let hosts = { nom = { type = "nixos"; - hostPlatform = "x86_64-linux"; - remoteBuild = true; + system = "x86_64-linux"; }; ward = { type = "nixos"; - hostPlatform = "x86_64-linux"; - remoteBuild = true; + system = "x86_64-linux"; }; }; - inherit (builtins) attrNames concatMap listToAttrs filter; - filterAttrs = pred: set: listToAttrs (concatMap (name: let value = set.${name}; @@ -24,11 +20,12 @@ let removeEmptyAttrs = filterAttrs (_: v: v != {}); + # TODO: so much strange shit genSystemGroups = hosts: let systems = ["aarch64-linux" "x86_64-linux"]; systemHostGroup = name: { inherit name; - value = filterAttrs (_: host: host.hostPlatform == name) hosts; + value = filterAttrs (_: host: host.system == name) hosts; }; in removeEmptyAttrs (listToAttrs (map systemHostGroup systems)); diff --git a/nix/nixos.nix b/nix/nixos.nix deleted file mode 100644 index 4079851..0000000 --- a/nix/nixos.nix +++ /dev/null 
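Review bot: `colmena` in `nativeBuildInputs` of nix/dev-shell.nix is resolved through `with self.pkgs.${system};`, and the nix/overlay.nix hunk in this commit removes `deploy-rs.overlay` without adding a colmena counterpart. The dev-shell CLI therefore appears to come from the pinned nixpkgs rather than from the `colmena` flake input that flake.nix uses for `colmena.lib.makeHive`. That leaves two colmena versions in play, one locked under `colmena` in flake.lock and one implied by the nixpkgs revision, and they can drift apart on updates. If this is not intended, take the package from the flake input for `system` so the tool and the hive library come from the same reviewed revision. The argument set of dev-shell.nix is outside the hunk, so confirm that `colmena` is not already bound there.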
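Review bot: Replacing `inherit (builtins) attrNames concatMap listToAttrs filter;` with a file-wide `with builtins; let` in the first nix/hosts.nix hunk hides where `listToAttrs`, `concatMap` and `filter` come from and lets any builtin name leak into scope. Keeping the explicit `inherit` is easier to audit. In the second hunk, the added `# TODO: so much strange shit` above `genSystemGroups` does not say what needs fixing. Something like `# TODO: replace the hand-rolled filterAttrs/genSystemGroups helpers with a simpler grouping by system` would be actionable, if that is the intent.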
@@ -1,47 +0,0 @@ -{ - self, - home-manager, - #impermanence, - nixos-hardware, - nixpkgs, - ragenix, - agenix-rekey, - templates, - ... -}: let - inherit (nixpkgs) lib; - - nixRegistry = { - nix.registry = { - nixpkgs.flake = nixpkgs; - p.flake = nixpkgs; - pkgs.flake = nixpkgs; - templates.flake = templates; - }; - }; - - genConfiguration = hostName: {hostPlatform, ...}: - lib.nixosSystem { - modules = [ - (../hosts + "/${hostName}") - # By default, set networking.hostName to the hostName - {networking.hostName = lib.mkDefault hostName;} - # Use correct pkgs definition - { - nixpkgs.pkgs = self.pkgs.${hostPlatform}; - # FIXME: This shouldn't be needed, but is for some reason - nixpkgs.hostPlatform = hostPlatform; - } - nixRegistry - home-manager.nixosModules.default - #impermanence.nixosModules.default - ragenix.nixosModules.age - agenix-rekey.nixosModules.default - ]; - specialArgs = { - #impermanence = impermanence.nixosModules; - nixos-hardware = nixos-hardware.nixosModules; - }; - }; -in - lib.mapAttrs genConfiguration (self.hosts.nixos or {}) diff --git a/nix/overlay.nix b/nix/overlay.nix index e213da8..27d12a8 100644 --- a/nix/overlay.nix +++ b/nix/overlay.nix @@ -1,5 +1,4 @@ { - deploy-rs, nixpkgs, ragenix, ... @@ -17,7 +16,6 @@ in // { default = lib.composeManyExtensions ((lib.attrValues localOverlays) ++ [ - deploy-rs.overlay ragenix.overlays.default ]); }