feat: switch to colmena

flake.lock

@@ -26,11 +26,11 @@
         "flake-utils": "flake-utils"
       },
       "locked": {
-        "lastModified": 1675211530,
-        "narHash": "sha256-GuCynYpxeFrP2yC/N62Ch+MaFMOS5FPo3thI59dyODI=",
+        "lastModified": 1675298618,
+        "narHash": "sha256-gjsLHu5MNdSDdNUUtEvcohP0L/pF9cSxdRyS1yg9wXU=",
         "owner": "oddlama",
         "repo": "agenix-rekey",
-        "rev": "36bf84de1a1e44897e413e67efa32b01f1e48d09",
+        "rev": "df345c1a0e37985bc4da2c67d4fc5bdd433c53af",
         "type": "github"
       },
       "original": {
@@ -39,33 +39,48 @@
         "type": "github"
       }
     },
-    "deploy-rs": {
+    "colmena": {
       "inputs": {
-        "flake-compat": [
-          "flake-compat"
+        "flake-compat": "flake-compat",
+        "flake-utils": [
+          "flake-utils"
         ],
         "nixpkgs": [
           "nixpkgs"
         ],
-        "utils": [
-          "flake-utils"
-        ]
+        "stable": "stable"
       },
       "locked": {
-        "lastModified": 1674127017,
-        "narHash": "sha256-QO1xF7stu5ZMDLbHN30LFolMAwY6TVlzYvQoUs1RD68=",
-        "owner": "serokell",
-        "repo": "deploy-rs",
-        "rev": "8c9ea9605eed20528bf60fae35a2b613b901fd77",
+        "lastModified": 1675019967,
+        "narHash": "sha256-AD9udouBmfWxmsM1j6eNCu+HEB9E41+fA3XRIb765LU=",
+        "owner": "zhaofengli",
+        "repo": "colmena",
+        "rev": "7602e548a78932bd28a7e2f621b3d62b4124e993",
         "type": "github"
       },
       "original": {
-        "owner": "serokell",
-        "repo": "deploy-rs",
+        "owner": "zhaofengli",
+        "repo": "colmena",
         "type": "github"
       }
     },
     "flake-compat": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1650374568,
+        "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "b4a34015c698c7793d592d66adbab377907a2be8",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
+    "flake-compat_2": {
       "flake": false,
       "locked": {
         "lastModified": 1673956053,
@@ -141,11 +156,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1675203549,
-        "narHash": "sha256-SehK6lTqcB5gv4QpoIHcWcqvwpLzHW42+681ZBg52cE=",
+        "lastModified": 1675247113,
+        "narHash": "sha256-+YcXjfCP4hNu8A68b/UoXFCTDwKLuLV+x/7dQnM5U/o=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "1d94de5604935591494eeb6ea80bc34ac84a9f23",
+        "rev": "782cb855b2f23c485011a196c593e2d7e4fce746",
         "type": "github"
       },
       "original": {
@@ -186,11 +201,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1675115703,
-        "narHash": "sha256-4zetAPSyY0D77x+Ww9QBe8RHn1akvIvHJ/kgg8kGDbk=",
+        "lastModified": 1675183161,
+        "narHash": "sha256-Zq8sNgAxDckpn7tJo7V1afRSk2eoVbu3OjI1QklGLNg=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "2caf4ef5005ecc68141ecb4aac271079f7371c44",
+        "rev": "e1e1b192c1a5aab2960bf0a0bd53a2e8124fa18e",
         "type": "github"
       },
       "original": {
@@ -256,11 +271,11 @@
         "rust-overlay": "rust-overlay"
       },
       "locked": {
-        "lastModified": 1673786180,
-        "narHash": "sha256-5tu71eDtQVmVUorho/GKaCzr4cdmNpvG8ZYxMhDCVKY=",
+        "lastModified": 1675293936,
+        "narHash": "sha256-xaObOxlMiZ8noXbXWfoUJrCjVZ8oc9HBblc/MeCq7fc=",
         "owner": "yaxitech",
         "repo": "ragenix",
-        "rev": "92248738a21db5687744d9e7796cf2433b96a7a5",
+        "rev": "325733b734aa4cc4d6b19f1169e6672cad4128ca",
         "type": "github"
       },
       "original": {
@@ -272,8 +287,8 @@
     "root": {
       "inputs": {
         "agenix-rekey": "agenix-rekey",
-        "deploy-rs": "deploy-rs",
-        "flake-compat": "flake-compat",
+        "colmena": "colmena",
+        "flake-compat": "flake-compat_2",
         "flake-utils": "flake-utils_2",
         "home-manager": "home-manager",
         "impermanence": "impermanence",
@@ -309,6 +324,22 @@
         "type": "github"
       }
     },
+    "stable": {
+      "locked": {
+        "lastModified": 1669735802,
+        "narHash": "sha256-qtG/o/i5ZWZLmXw108N2aPiVsxOcidpHJYNkT45ry9Q=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "731cc710aeebecbf45a258e977e8b68350549522",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-22.11",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
     "templates": {
       "locked": {
         "lastModified": 1671651249,

flake.nix

@@ -2,13 +2,10 @@
   description = "oddlama's NixOS Infrastructure";
 
   inputs = {
-    deploy-rs = {
-      url = "github:serokell/deploy-rs";
-      inputs = {
-        nixpkgs.follows = "nixpkgs";
-        flake-compat.follows = "flake-compat";
-        utils.follows = "flake-utils";
-      };
+    colmena = {
+      url = "github:zhaofengli/colmena";
+      inputs.nixpkgs.follows = "nixpkgs";
+      inputs.flake-utils.follows = "flake-utils";
     };
 
     flake-compat = {
@@ -46,6 +43,7 @@
 
   outputs = {
     self,
+    colmena,
     nixpkgs,
     flake-utils,
     agenix-rekey,
@@ -53,10 +51,9 @@
   } @ inputs:
     {
       hosts = import ./nix/hosts.nix;
-      deploy = import ./nix/deploy.nix inputs;
+      colmena = import ./nix/colmena.nix inputs;
       overlays = import ./nix/overlay.nix inputs;
       homeConfigurations = import ./nix/home-manager.nix inputs;
-      nixosConfigurations = import ./nix/nixos.nix inputs;
     }
     // flake-utils.lib.eachDefaultSystem (system: rec {
       checks = import ./nix/checks.nix inputs system;
@@ -79,6 +76,9 @@
         config.allowUnfree = true;
       };
 
-      apps = agenix-rekey.defineApps inputs system;
+      apps = let
+        inherit ((colmena.lib.makeHive self.colmena).introspect (x: x)) nodes;
+      in
+        agenix-rekey.defineApps inputs system nodes;
     });
 }

modules/core/default.nix

@@ -5,7 +5,7 @@
   ...
 }: let
   dummyConfig = pkgs.writeText "configuration.nix" ''
-    assert builtins.trace "This is a dummy config, use deploy-rs!" false;
+    assert builtins.trace "This is a dummy config, use colmena!" false;
     { }
   '';
 in {
@@ -56,8 +56,6 @@ in {
     "nixpkgs-overlays=/run/current-system/overlays"
   ];
 
-  nixpkgs.config.allowUnfree = true;
-
   programs = {
     git = {
       enable = true;

nix/checks.nix

@@ -3,8 +3,7 @@
   pre-commit-hooks,
   ...
 }: system:
-with self.pkgs.${system};
-  {
+with self.pkgs.${system}; {
   pre-commit-check =
     pre-commit-hooks.lib.${system}.run
     {
@@ -18,4 +17,3 @@ with self.pkgs.${system};
       };
     };
 }
-  // (deploy-rs.lib.deployChecks self.deploy)

nix/colmena.nix

@@ -0,0 +1,49 @@
+{
+  self,
+  colmena,
+  home-manager,
+  #impermanence,
+  nixos-hardware,
+  nixpkgs,
+  ragenix,
+  agenix-rekey,
+  templates,
+  ...
+}:
+with nixpkgs.lib; let
+  generateColmenaNode = hostName: _: {
+    imports = [
+      {
+        # By default, set networking.hostName to the hostName
+        networking.hostName = mkDefault hostName;
+        # Define global flakes for this system
+        nix.registry = {
+          nixpkgs.flake = nixpkgs;
+          p.flake = nixpkgs;
+          pkgs.flake = nixpkgs;
+          templates.flake = templates;
+        };
+      }
+      (../hosts + "/${hostName}")
+      home-manager.nixosModules.default
+      #impermanence.nixosModules.default
+      ragenix.nixosModules.age
+      agenix-rekey.nixosModules.default
+    ];
+  };
+in
+  {
+    meta = {
+      description = "oddlama's colmena configuration";
+      # Just a required dummy for colmena, overwritten on a per-node basis by nodeNixpkgs below.
+      nixpkgs = self.pkgs.x86_64-linux;
+      nodeNixpkgs = mapAttrs (hostName: {system, ...}: self.pkgs.${system}) (self.hosts.nixos or {});
+      #nodeSpecialArgs = mapAttrs (hostName: { system, ... }: {}) (self.hosts.nixos or {});
+      specialArgs = {
+        inherit (nixpkgs) lib;
+        nixos-hardware = nixos-hardware.nixosModules;
+        #impermanence = impermanence.nixosModules;
+      };
+    };
+  }
+  // mapAttrs generateColmenaNode (self.hosts.nixos or {})

nix/deploy.nix

@@ -1,24 +0,0 @@
-{
-  self,
-  deploy-rs,
-  nixpkgs,
-  ...
-}: let
-  inherit (nixpkgs) lib;
-
-  generateNode = hostName: nixosCfg: let
-    host = self.hosts.${hostName};
-    inherit (deploy-rs.lib.${host.hostPlatform}) activate;
-  in {
-    remoteBuild = host.remoteBuild or true;
-    hostname = host.address or hostName;
-    profiles.system.path = activate.nixos nixosCfg;
-  };
-in {
-  autoRollback = false;
-  magicRollback = false;
-  sshUser = "root";
-  user = "root";
-  sudo = "runuser -u";
-  nodes = lib.mapAttrs generateNode (self.nixosConfigurations or {});
-}

nix/dev-shell.nix

@@ -6,7 +6,7 @@ with self.pkgs.${system};
     nativeBuildInputs = [
       # Nix
       cachix
-      deploy-rs.deploy-rs
+      colmena
       nix-build-uncached
       alejandra
       ragenix

nix/home-manager.nix

@@ -39,9 +39,9 @@
     };
   };
 
-  genConfiguration = hostName: {hostPlatform, ...} @ attrs:
+  genConfiguration = hostName: {system, ...} @ attrs:
     home-manager.lib.homeManagerConfiguration {
-      pkgs = self.pkgs.${hostPlatform};
+      pkgs = self.pkgs.${system};
       modules = [(genModules hostName attrs)];
     };
 in

nix/hosts.nix

@@ -1,19 +1,15 @@
-let
+with builtins; let
   hosts = {
     nom = {
       type = "nixos";
-      hostPlatform = "x86_64-linux";
-      remoteBuild = true;
+      system = "x86_64-linux";
     };
     ward = {
       type = "nixos";
-      hostPlatform = "x86_64-linux";
-      remoteBuild = true;
+      system = "x86_64-linux";
     };
   };
 
-  inherit (builtins) attrNames concatMap listToAttrs filter;
-
   filterAttrs = pred: set:
     listToAttrs (concatMap (name: let
       value = set.${name};
@@ -24,11 +20,12 @@ let
 
   removeEmptyAttrs = filterAttrs (_: v: v != {});
 
+  # TODO: so much strange shit
   genSystemGroups = hosts: let
     systems = ["aarch64-linux" "x86_64-linux"];
     systemHostGroup = name: {
       inherit name;
-      value = filterAttrs (_: host: host.hostPlatform == name) hosts;
+      value = filterAttrs (_: host: host.system == name) hosts;
     };
   in
     removeEmptyAttrs (listToAttrs (map systemHostGroup systems));

nix/nixos.nix

@@ -1,47 +0,0 @@
-{
-  self,
-  home-manager,
-  #impermanence,
-  nixos-hardware,
-  nixpkgs,
-  ragenix,
-  agenix-rekey,
-  templates,
-  ...
-}: let
-  inherit (nixpkgs) lib;
-
-  nixRegistry = {
-    nix.registry = {
-      nixpkgs.flake = nixpkgs;
-      p.flake = nixpkgs;
-      pkgs.flake = nixpkgs;
-      templates.flake = templates;
-    };
-  };
-
-  genConfiguration = hostName: {hostPlatform, ...}:
-    lib.nixosSystem {
-      modules = [
-        (../hosts + "/${hostName}")
-        # By default, set networking.hostName to the hostName
-        {networking.hostName = lib.mkDefault hostName;}
-        # Use correct pkgs definition
-        {
-          nixpkgs.pkgs = self.pkgs.${hostPlatform};
-          # FIXME: This shouldn't be needed, but is for some reason
-          nixpkgs.hostPlatform = hostPlatform;
-        }
-        nixRegistry
-        home-manager.nixosModules.default
-        #impermanence.nixosModules.default
-        ragenix.nixosModules.age
-        agenix-rekey.nixosModules.default
-      ];
-      specialArgs = {
-        #impermanence = impermanence.nixosModules;
-        nixos-hardware = nixos-hardware.nixosModules;
-      };
-    };
-in
-  lib.mapAttrs genConfiguration (self.hosts.nixos or {})

nix/overlay.nix

@@ -1,5 +1,4 @@
 {
-  deploy-rs,
   nixpkgs,
   ragenix,
   ...
@@ -17,7 +16,6 @@ in
   // {
     default = lib.composeManyExtensions ((lib.attrValues localOverlays)
       ++ [
-        deploy-rs.overlay
         ragenix.overlays.default
       ]);
   }