feat: upstream node generation

2025-10-10 22:00:39 +02:00 · 2025-02-06 21:14:42 +01:00 · 2025-02-06 21:14:42 +01:00 · 93b08971cf
commit 93b08971cf
parent f1a3f0303b
9 changed files with 268 additions and 48 deletions
--- a/flake-modules/default.nix
+++ b/flake-modules/default.nix
@ -0,0 +1,6 @@
+{
+  imports = [
+    ./globals.nix
+    ./nodes.nix
+  ];
+}
--- a/flake-modules/globals.nix
+++ b/flake-modules/globals.nix
@ -0,0 +1,74 @@
+{
+  inputs,
+  lib,
+  config,
+  ...
+}:
+let
+  inherit (lib) mkOption types;
+in
+{
+  options.globals = {
+    optModules = mkOption {
+      type = types.listOf types.deferredModule;
+      default = [ ];
+      description = ''
+        Modules defining global options.
+        These should not include any config only option declaration.
+        Will be included in the exported nixos Modules from this flake to be included
+        into the host evaluation.
+      '';
+    };
+    defModules = mkOption {
+      type = types.listOf types.deferredModule;
+      default = [ ];
+      description = ''
+        Modules configuring global options.
+        These should not include any option declaration use {option}`optModules` for that.
+        Will not included in the exported nixos Modules.
+      '';
+    };
+    attrkeys = mkOption {
+      type = types.listOf types.str;
+      default = [ ];
+      description = ''
+        The toplevel attrNames for your globals.
+        Make sure the keys of this attrset are trivially evaluatable to avoid infinite recursion,
+        therefore we inherit relevant attributes from the config.
+      '';
+    };
+  };
+  config.flake = flakeSubmod: {
+    globals =
+      let
+        globalsSystem = lib.evalModules {
+          prefix = [ "globals" ];
+          specialArgs = {
+            inherit (inputs.self.pkgs.x86_64-linux) lib;
+            inherit inputs;
+            inherit (flakeSubmod.config) nodes;
+          };
+          modules =
+            config.globals.optModules
+            ++ config.globals.defModules
+            ++ [
+              ../modules/globals.nix
+              (
+                { lib, ... }:
+                {
+                  globals = lib.mkMerge (
+                    lib.concatLists (
+                      lib.flip lib.mapAttrsToList flakeSubmod.config.nodes (
+                        name: cfg:
+                        builtins.addErrorContext "while aggregating globals from nixosConfigurations.${name} into flake-level globals:" cfg.config._globalsDefs
+                      )
+                    )
+                  );
+                }
+              )
+            ];
+        };
+      in
+      lib.genAttrs config.globals.attrkeys (x: globalsSystem.config.globals.${x});
+  };
+}
--- a/flake-modules/nodes.nix
+++ b/flake-modules/nodes.nix
@ -0,0 +1,110 @@
+{
+  inputs,
+  self,
+  lib,
+  config,
+  ...
+}:
+let
+  inherit (lib) mkOption types;
+  topConfig = config;
+in
+{
+  options.node = {
+    path = mkOption {
+      type = types.path;
+      description = "The path containing your host definitions";
+    };
+    nixpkgs = mkOption {
+      type = types.path;
+      default = inputs.nixpkgs;
+      description = "The path to your nixpkgs.";
+    };
+  };
+  config.flake =
+    {
+      config,
+      lib,
+      ...
+    }:
+    let
+      inherit (lib)
+        concatMapAttrs
+        filterAttrs
+        flip
+        genAttrs
+        mapAttrs'
+        nameValuePair
+        ;
+
+      # Creates a new nixosSystem with the correct specialArgs, pkgs and name definition
+      mkHost =
+        { minimal }:
+        name:
+        let
+          pkgs = config.pkgs.x86_64-linux;
+        in
+        (import "${topConfig.node.nixpkgs}/nixos/lib/eval-config.nix") {
+          system = null;
+          specialArgs = {
+            # Use the correct instance lib that has our overlays
+            inherit (pkgs) lib;
+            inherit (config) nodes globals;
+            inherit minimal;
+            extraModules = [
+              ../modules
+            ] ++ topConfig.globals.optModules;
+            inputs = inputs // {
+              inherit (topConfig.node) nixpkgs;
+            };
+          };
+          modules = [
+            (
+              { config, ... }:
+              {
+                node.name = name;
+                node.secretsDir = topConfig.node.path + "/${name}/secrets";
+                nixpkgs.pkgs = self.pkgs.${config.nixpkgs.hostPlatform.system};
+              }
+            )
+            (topConfig.node.path + "/${name}")
+            ../modules
+          ] ++ topConfig.globals.optModules;
+        };
+
+      # Load the list of hosts that this flake defines, which
+      # associates the minimum amount of metadata that is necessary
+      # to instanciate hosts correctly.
+      hosts = builtins.attrNames (
+        filterAttrs (_: type: type == "directory") (builtins.readDir topConfig.node.path)
+      );
+    in
+    # Process each nixosHosts declaration and generatea nixosSystem definitions
+    {
+      nixosConfigurations = genAttrs hosts (mkHost {
+        minimal = false;
+      });
+      minimalConfigurations = genAttrs hosts (mkHost {
+        minimal = true;
+      });
+
+      # True NixOS nodes can define additional guest nodes that are built
+      # together with it. We collect all defined guests from each node here
+      # to allow accessing any node via the unified attribute `nodes`.
+      guestConfigurations = flip concatMapAttrs config.nixosConfigurations (
+        _: node:
+        flip mapAttrs' (node.config.guests or { }) (
+          guestName: guestDef:
+          nameValuePair guestDef.nodeName (
+            if guestDef.backend == "microvm" then
+              node.config.microvm.vms.${guestName}.config
+            else
+              node.config.containers.${guestName}.nixosConfiguration
+          )
+        )
+      );
+      # All nixosSystem instanciations are collected here, so that we can refer
+      # to any system via nodes.<name>
+      nodes = config.nixosConfigurations // config.guestConfigurations;
+    };
+}
--- a/flake.nix
+++ b/flake.nix
@ -35,6 +35,10 @@
      ];

      flake.modules = {
+        flake = {
+          nixos-extra-modules = import ./flake-modules;
+          default = self.modules.flake.nixos-extra-modules;
+        };
        nixos = {
          nixos-extra-modules = import ./modules;
          default = self.modules.nixos.nixos-extra-modules;
--- a/modules/default.nix
+++ b/modules/default.nix
@ -1,8 +1,10 @@
-{inputs, ...}: {
+{ inputs, ... }:
+{
  imports = [
    inputs.microvm.nixosModules.host

    ./boot.nix
+    ./globals.nix
    ./guests/default.nix
    ./interface-naming.nix
    ./nginx.nix
--- a/modules/globals.nix
+++ b/modules/globals.nix
@ -0,0 +1,9 @@
+{ lib, options, ... }:
+{
+  options._globalsDefs = lib.mkOption {
+    type = lib.types.unspecified;
+    default = options.globals.definitions;
+    readOnly = true;
+    internal = true;
+  };
+}
--- a/modules/guests/common-guest-config.nix
+++ b/modules/guests/common-guest-config.nix
@ -1,12 +1,14 @@
-_guestName: guestCfg: {lib, ...}: let
-  inherit
-    (lib)
+_guestName: guestCfg:
+{ lib, ... }:
+let
+  inherit (lib)
    mkForce
    nameValuePair
    listToAttrs
    flip
    ;
-in {
+in
+{
  node.name = guestCfg.nodeName;
  node.type = guestCfg.backend;

--- a/modules/guests/container.nix
+++ b/modules/guests/container.nix
@ -1,17 +1,20 @@
-guestName: guestCfg: {
+guestName: guestCfg:
+{
  config,
  inputs,
  lib,
  pkgs,
+  extraModules,
  ...
-}: let
-  inherit
-    (lib)
+}:
+let
+  inherit (lib)
    flip
    mapAttrs'
    nameValuePair
    ;
-in {
+in
+{
  inherit (guestCfg.container) macvlans;
  ephemeral = true;
  privateNetwork = true;
@ -65,6 +68,7 @@ in {
        }
        (import ./common-guest-config.nix guestName guestCfg)
      ]
-      ++ guestCfg.modules;
+      ++ guestCfg.modules
+      ++ extraModules;
  };
 }
--- a/modules/guests/microvm.nix
+++ b/modules/guests/microvm.nix
@ -1,10 +1,12 @@
-guestName: guestCfg: {
+guestName: guestCfg:
+{
  inputs,
  lib,
+  extraModules,
  ...
-}: let
-  inherit
-    (lib)
+}:
+let
+  inherit (lib)
    concatMapAttrs
    flip
    mapAttrs
@ -13,17 +15,20 @@ guestName: guestCfg: {
    mkForce
    replaceStrings
    ;
-in {
+in
+{
  specialArgs = guestCfg.extraSpecialArgs;
  pkgs = inputs.self.pkgs.${guestCfg.microvm.system};
  inherit (guestCfg) autostart;
  config = {
    imports =
-      guestCfg.modules
+      extraModules
+      ++ guestCfg.modules
      ++ [
        (import ./common-guest-config.nix guestName guestCfg)
        (
-          {config, ...}: {
+          { config, ... }:
+          {
            # Set early hostname too, so we can associate those logs to this host and don't get "localhost" entries in loki
            boot.kernelParams = [ "systemd.hostname=${config.networking.hostName}" ];
          }
@ -47,11 +52,13 @@ in {

      # MACVTAP bridge to the host's network
      interfaces = flip mapAttrsToList guestCfg.microvm.interfaces (
-        _: {
+        _:
+        {
          mac,
          hostLink,
          ...
-        }: {
+        }:
+        {
          type = "macvtap";
          id = "vm-${replaceStrings [ ":" ] [ "" ] mac}";
          inherit mac;
@ -84,7 +91,9 @@ in {

    networking.renameInterfacesByMac = flip mapAttrs guestCfg.microvm.interfaces (_: { mac, ... }: mac);
    systemd.network.networks = flip concatMapAttrs guestCfg.microvm.interfaces (
-      name: {mac, ...}: {
+      name:
+      { mac, ... }:
+      {
        "10-${name}".matchConfig = mkForce {
          MACAddress = mac;
        };