flake.nix6.8 KiBsourcehistory
{
  description = "NixOS cluster configuration management";

  # None of the URLs below names a revision, so the revisions that actually get
  # built are whatever flake.lock records (the lock file is not shown here).
  # Review lock-file changes with the same care as changes to this list.
  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/release-25.05";

    rust-overlay.url = "github:oxalica/rust-overlay";
    rust-overlay.inputs.nixpkgs.follows = "nixpkgs";

    flake-parts.url = "github:hercules-ci/flake-parts";
    flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";

    crane.url = "github:ipetkov/crane";
    shelly.url = "github:CertainLach/shelly";

    fleet-tf.url = "github:CertainLach/fleet-tf";
    fleet-tf.inputs = {
      nixpkgs.follows = "nixpkgs";
      shelly.follows = "shelly";
      flake-parts.follows = "flake-parts";
    };

    treefmt-nix.url = "github:numtide/treefmt-nix";
    treefmt-nix.inputs.nixpkgs.follows = "nixpkgs";

    # DeterminateSystem's nix fork is controversial, but I don't mind it,
    # and it has lazy-trees support which is useful for fleet.
    # NOTE(review): the URL points at the `fleet` branch of deltarocks/nix and,
    # unlike rust-overlay, fleet-tf and treefmt-nix, declares no
    # `inputs.nixpkgs.follows`, so this input resolves its own nixpkgs.
    # Presumably intentional; confirm.
    nix.url = "github:deltarocks/nix/fleet";
  };

  outputs =
    inputs:
    let
      # The nixpkgs library, bound under its own name so it cannot be confused
      # with the `lib` output this flake exports.
      nixpkgsLib = inputs.nixpkgs.lib;
    in
    inputs.flake-parts.lib.mkFlake { inherit inputs; } {
      imports = [ inputs.shelly.flakeModule ];

      flake =
        let
          # The flake-parts module exported as both `flakeModules.default`
          # and `flakeModule`.
          defaultFlakeModule = import ./lib/flakePart.nix {
            inherit (inputs) crane;
          };

          # Schema inventory entry for a single host of a cluster.
          describeHost = _hostName: host: {
            what = "host [${host.system}]";
          };

          # Schema inventory entry for one cluster: one child per configured host.
          describeCluster = _configName: cluster: {
            what = "fleet cluster configuration";
            children = nixpkgsLib.mapAttrs describeHost cluster.config.hosts;
            # It is possible to implement this inventory right now, but I want to
            # get rid of the `fleet.nix` file in the future.
            # children.secrets = { };
          };
        in
        {
          # Library from ./lib, plus a stub that throws when the removed
          # function-based entry point is evaluated.
          lib =
            (import ./lib { lib = nixpkgsLib; })
            // {
              fleetConfiguration = throw "function-based interface is deprecated, use flake-parts syntax instead";
            };

          flakeModules = {
            default = defaultFlakeModule;
            fleet-tf = ./modules/extras/tf.nix;
          };
          flakeModule = defaultFlakeModule;

          # Used to test nix-eval bindings
          testData = {
            testObj.v = "Hello";
            testString = "hello";
          };

          # To be used with https://github.com/NixOS/nix/pull/8892
          schemas.fleetConfigurations = {
            version = 1;
            doc = ''
              The `fleetConfigurations` flake output defines fleet cluster configurations.
            '';
            inventory = output: {
              children = nixpkgsLib.mapAttrs describeCluster output;
            };
          };
        };

      # Supported and tested list of deployment targets.
      systems = [
        "x86_64-linux"
        "aarch64-linux"
        "armv7l-linux"
        "armv6l-linux"
      ];

      perSystem =
        {
          config,
          system,
          pkgs,
          self,
          inputs',
          ...
        }:
        let
          inherit (pkgs) lib;

          # Can also be built for darwin, though it is unusual to deploy NixOS systems from macOS machines.
          # I have no hardware for such testing, thus only adding machines I actually have and use.
          #
          # It is not possible to deploy any host from armv6/armv7 hardware, and I don't think it even makes sense.
          deployerSystems = [
            "aarch64-linux"
            "x86_64-linux"
          ];
          deployerSystem = lib.elem system deployerSystems;

          # Toolchain read from rust-toolchain.toml, and a crane library using it.
          rust = pkgs.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml;
          craneLib = (inputs.crane.mkLib pkgs).overrideToolchain rust;
          treefmt = (inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix).config.build;

          # Rebuilds boehmgc with "--enable-gc-assertions". Because it is an
          # overlay on the package set, it applies to everything in `pkgs` that
          # depends on boehmgc, not only to this project's packages.
          gcAssertionsOverlay = _final: prev: {
            boehmgc = prev.boehmgc.overrideAttrs (old: {
              configureFlags = old.configureFlags ++ [ "--enable-gc-assertions" ];
            });
          };

          # Prepends `prefix` to every attribute name in `attrs` and to the
          # `pname` of each derivation in it.
          prefixAttrs =
            prefix: attrs:
            lib.mapAttrs' (
              name: drv:
              lib.nameValuePair "${prefix}${name}" (
                drv.overrideAttrs (old: {
                  pname = "${prefix}${old.pname}";
                })
              )
            ) attrs;
        in
        {
          _module.args.pkgs = import inputs.nixpkgs {
            inherit system;
            overlays = [
              inputs.rust-overlay.overlays.default
              gcAssertionsOverlay
            ];
          };

          # Reference fleet package should be built with nightly rust, specified in rust-toolchain.toml.
          packages = lib.mkIf deployerSystem (
            let
              toolchainPkgs = pkgs.callPackages ./pkgs {
                inherit craneLib inputs';
              };
            in
            toolchainPkgs // { default = toolchainPkgs.fleet; }
          );

          # fleet-install-secrets is not normally built, because users rarely run it directly.
          # It is installed to remote systems, so these checks build it with the
          # Rust that ships in nixpkgs rather than the pinned toolchain.
          checks =
            let
              # NOTE(review): this passes `inputs`, while the `packages` block
              # above passes `inputs'` to the same ./pkgs. Confirm which of the
              # two ./pkgs expects here.
              nixpkgsRustPkgs = pkgs.callPackages ./pkgs {
                craneLib = inputs.crane.mkLib pkgs;
                inherit inputs;
              };
            in
            (prefixAttrs "nixpkgs-" {
              fleet-install-secrets = nixpkgsRustPkgs.fleet-install-secrets;
            })
            // {
              # NOTE(review): `self` is taken from the perSystem arguments;
              # flake-parts documents `self'` for perSystem and `self` for the
              # top-level module. Confirm this resolves as intended.
              formatting = treefmt.check self;
            };

          # TODO: It should be possible to move lib.mkIf to the default attribute instead of disabling the whole
          # devShells block, yet nix flake check fails here because no default shell is found. Is it a nix or flake-parts bug?
          shelly.shells.default = lib.mkIf deployerSystem {
            factory = craneLib.devShell;
            packages = [
              rust

              pkgs.pkg-config
              pkgs.openssl
              pkgs.rustPlatform.bindgenHook
              inputs'.nix.packages.nix-expr-c
              inputs'.nix.packages.nix-flake-c
              inputs'.nix.packages.nix-fetchers-c
              inputs'.nix.packages.nix-store-c

              # NOTE(review): verify that the resulting rage build really has
              # plugin support; the override only sets the attribute.
              (pkgs.rage.overrideAttrs { cargoFeatures = [ "plugin" ]; })
            ];
            environment.PROTOC = "${pkgs.protobuf}/bin/protoc";
          };

          formatter = treefmt.wrapper;
        };
    };
}