difftreelog
feat lenient nixosModules type
in: trunk
8 files changed
README.adocdiffbeforeafterboth--- a/README.adoc
+++ b/README.adoc
@@ -63,18 +63,14 @@
# nixosModules section of fleet config declares modules, which are used for all configured nixos hosts.
nixosModules = [
lanzaboote.nixosModules.lanzaboote
- ({
- config,
- lib,
- ...
- }: {
+ {
# Make `nix shell nixpkgs#thing` use the same nixpkgs, as used to build the system.
nix.registry.nixpkgs = {
from = { id = "nixpkgs"; type = "indirect"; };
flake = nixpkgs;
exact = false;
};
- })
+ }
];
# Those modules are used to configure all the machines in cluster at the same time, good example of global modules
@@ -97,12 +93,12 @@
./controlplane-1/hardware-configuration.nix
./controlplane-1/configuration.nix
# Configuration may also be specified inline, as in any nixos config.
- ({...}: {
+ {
services.ray = {
gpus = 4;
cpus = 128;
};
- })
+ }
];
};
};
flake.nixdiffbeforeafterboth--- a/flake.nix
+++ b/flake.nix
@@ -16,19 +16,18 @@
inputs.nixpkgs.follows = "nixpkgs";
};
};
- outputs = {
+ outputs = inputs @ {
self,
- rust-overlay,
flake-parts,
- nixpkgs,
- nixpkgs-stable-for-tests,
crane,
+ ...
}:
flake-parts.lib.mkFlake {
- # Not passing inputs through inputs for better visibility.
- inputs = {};
+ inherit inputs;
} {
- flake = {
+ flake = let
+ inherit (inputs.nixpkgs.lib) mapAttrs;
+ in {
lib = import ./lib {
fleetPkgsForPkgs = pkgs:
import ./pkgs {
@@ -45,11 +44,11 @@
'';
inventory = output: {
children =
- builtins.mapAttrs (configName: cluster: {
+ mapAttrs (configName: cluster: {
what = "fleet cluster configuration";
children =
- builtins.mapAttrs (hostName: host: {
+ mapAttrs (hostName: host: {
what = "host [${host.system}]";
})
cluster.config.hosts;
@@ -70,19 +69,20 @@
pkgs,
...
}: let
+ inherit (lib) mapAttrs' elem;
# Can also be built for darwin, through it is not usual to deploy nixos systems from macos machines.
# I have no hardware for such testing, thus only adding machines I actually have and use.
#
# It is not possible to deploy any host from armv6/armv7 hardware, and I don't think it even makes sense.
deployerSystems = ["aarch64-linux" "x86_64-linux"];
- deployerSystem = builtins.elem system deployerSystems;
+ deployerSystem = elem system deployerSystems;
lib = pkgs.lib;
rust = pkgs.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml;
craneLib = (crane.mkLib pkgs).overrideToolchain rust;
in {
- _module.args.pkgs = import nixpkgs {
+ _module.args.pkgs = import inputs.nixpkgs {
inherit system;
- overlays = [(rust-overlay.overlays.default)];
+ overlays = [(inputs.rust-overlay.overlays.default)];
};
# Reference fleet package should be built with nightly rust, specified in rust-toolchain.toml.
packages = lib.mkIf deployerSystem (let
@@ -116,14 +116,14 @@
checks = let
packages = import ./pkgs {
inherit (pkgs) callPackage;
- craneLib = crane.mkLib (import nixpkgs {inherit system;});
+ craneLib = crane.mkLib pkgs;
};
packages-with-nixpkgs-stable = import ./pkgs {
inherit (pkgs) callPackage;
- craneLib = crane.mkLib (import nixpkgs-stable-for-tests {inherit system;});
+ craneLib = crane.mkLib (import inputs.nixpkgs-stable-for-tests {inherit system;});
};
prefixAttrs = prefix: attrs:
- nixpkgs.lib.attrsets.mapAttrs' (name: value: {
+ mapAttrs' (name: value: {
name = "${prefix}${name}";
value = value.overrideAttrs (prev: {
pname = "${prefix}${prev.pname}";
lib/fleetLib.nixdiffbeforeafterboth--- a/lib/fleetLib.nix
+++ b/lib/fleetLib.nix
@@ -2,8 +2,11 @@
{
nixpkgs,
hostNames,
-}:
-with nixpkgs.lib; rec {
+}: let
+ inherit (nixpkgs) lib;
+ inherit (lib) listToAttrs remove unique crossLists sort elemAt mkOptionType mkOverride optionalString;
+ inherit (lib.types) listOf coercedTo oneOf submodule;
+in rec {
hostsToAttrs = f:
listToAttrs (
map (name: {
@@ -34,6 +37,27 @@
then "${this}-${other}"
else "${other}-${this}";
+ types = rec {
+ anyModule = mkOptionType {
+ name = "submodule";
+ inherit (submodule {}) check;
+ merge = lib.options.mergeOneOption;
+ description = "Nixos module";
+ };
+ listOfAnyModuleStrict =
+ listOf anyModule;
+ listOfAnyModule =
+ coercedTo (oneOf [listOfAnyModuleStrict anyModule]) (
+ v:
+ if builtins.isAttrs v
+ then [v]
+ else if builtins.isFunction v
+ then [v]
+ else v
+ )
+ listOfAnyModuleStrict;
+ };
+
# mkDefault = mkOverride 1000
# For places, where fleet knows better than nixpkgs defaults.
mkFleetDefault = mkOverride 999;
modules/fleet/assertions.nixdiffbeforeafterboth--- a/modules/fleet/assertions.nix
+++ b/modules/fleet/assertions.nix
@@ -1,8 +1,10 @@
-{lib, ...}:
-with lib; {
+{lib, ...}: let
+ inherit (lib) mkOption;
+ inherit (lib.types) listOf unspecified str;
+in {
options = {
assertions = mkOption {
- type = types.listOf types.unspecified;
+ type = listOf unspecified;
internal = true;
default = [];
example = [
@@ -21,7 +23,7 @@
warnings = mkOption {
internal = true;
default = [];
- type = types.listOf types.str;
+ type = listOf str;
example = ["The `foo' service is deprecated and will go away soon!"];
description = ''
This option allows modules to show warnings to users during
modules/fleet/meta.nixdiffbeforeafterboth4 config,4 config,5 nixpkgs,5 nixpkgs,6 ...6 ...7}:7}: let8with lib;9with fleetLib; let8 inherit (fleetLib) hostsToAttrs mkFleetGeneratorDefault;9 inherit (fleetLib.types) listOfAnyModule;10 inherit (lib) mkOption mkOptionType;11 inherit (lib.types) str unspecified attrsOf listOf submodule;10 hostModule = with types;12 hostModule = {...} @ hostConfig: let11 {...} @ hostConfig: let12 hostName = hostConfig.config._module.args.name;13 hostName = hostConfig.config._module.args.name;13 in {14 in {14 options = {15 options = {15 nixosModules = mkOption {16 nixosModules = mkOption {17 # Not too strict, but nixos module system will fix everything.16 type = listOf (mkOptionType {18 type =17 name = "submodule";18 inherit (submodule {}) check;19 merge = lib.options.mergeOneOption;20 description = "Nixos module";21 });19 listOfAnyModule;2022 description = "List of nixos modules";21 description = "List of nixos modules";23 default = [];22 default = [];49 fleet = hostsToAttrs (host: config.hosts.${host}.nixosSystem.config);48 fleet = hostsToAttrs (host: config.hosts.${host}.nixosSystem.config);50 };49 };51 };50 };52 nixosModules = [51 nixosModules.networking.hostName = mkFleetGeneratorDefault hostName;53 ({...}: {54 networking.hostName = mkFleetGeneratorDefault hostName;55 })56 ];57 };52 };58 };53 };59 overlayType = mkOptionType {54 overlayType = mkOptionType {60 name = "nixpkgs-overlay";55 name = "nixpkgs-overlay";61 description = "nixpkgs overlay";56 description = "nixpkgs overlay";62 check = lib.isFunction;57 check = lib.isFunction;63 merge = lib.mergeOneOption;58 merge = lib.mergeOneOption;64 };59 };65in {60in {66 options = with types; {61 options = {67 hosts = mkOption {62 hosts = mkOption {68 type = attrsOf (submodule hostModule);63 type = attrsOf (submodule hostModule);69 default = {};64 default = {};70 description = "Configurations of individual hosts";65 description = "Configurations of individual hosts";71 };66 };72 nixosModules = mkOption {67 nixosModules = mkOption {73 type = listOf (mkOptionType {68 type = listOfAnyModule;74 name = "submodule";69 description = "Modules, which should be added to every system";75 inherit (submodule {}) check;70 default = [];76 merge = lib.options.mergeOneOption;71 };77 description = "Nixos modules";72 overlays = mkOption {78 });73 default = [];79 description = "Modules, which should be added to every system";74 type = listOf overlayType;80 default = [];75 };81 };76 };82 overlays = mkOption {77 config = {83 default = [];78 hosts = hostsToAttrs (host: {84 type = listOf overlayType;79 nixosModules =85 };80 config.nixosModules86 };81 ++ [87 config = {82 {88 hosts = hostsToAttrs (host: {83 nixpkgs.overlays = config.overlays;89 nixosModules =84 }90 config.nixosModules85 ];91 ++ [86 });92 ({...}: {87 nixosModules = import ../../nixos/modules/module-list.nix;93 nixpkgs.overlays = config.overlays;88 };94 })89}95 ];96 });97 nixosModules = import ../../nixos/modules/module-list.nix;98 };99}10090modules/fleet/secrets.nixdiffbeforeafterboth--- a/modules/fleet/secrets.nix
+++ b/modules/fleet/secrets.nix
@@ -3,11 +3,13 @@
fleetLib,
config,
...
-}:
-with lib;
-with fleetLib; let
- sharedSecret = with types; ({config, ...}: {
- freeformType = types.lazyAttrsOf unspecified;
+}: let
+ inherit (fleetLib) hostsToAttrs;
+ inherit (lib) mkOption mapAttrsToList mapAttrs filterAttrs concatStringsSep;
+ inherit (lib.types) lazyAttrsOf unspecified nullOr listOf str bool attrsOf submodule;
+
+ sharedSecret = {config, ...}: {
+ freeformType = lazyAttrsOf unspecified;
options = {
expectedOwners = mkOption {
type = nullOr (listOf str);
@@ -66,9 +68,9 @@
default = [];
};
};
- });
- hostSecret = with types; {
- freeformType = types.lazyAttrsOf unspecified;
+ };
+ hostSecret = {
+ freeformType = lazyAttrsOf unspecified;
options = {
createdAt = mkOption {
type = nullOr str;
@@ -81,7 +83,7 @@
};
};
in {
- options = with types; {
+ options = {
version = mkOption {
type = str;
default = "";
@@ -128,11 +130,7 @@
});
# TODO: Should this attribute be moved to `nixpkgs.overlays`?
overlays = [
- (final: prev: let
- lib = final.lib;
- inherit (lib) strings;
- inherit (strings) concatStringsSep;
- in {
+ (final: prev: {
mkSecretGenerators = {recipients}: rec {
# TODO: Merge both generators to one with consistent options syntax?
# Impure generator is built on local machine, then built closure is copied to remote machine,
nixos/meta.nixdiffbeforeafterboth--- a/nixos/meta.nix
+++ b/nixos/meta.nix
@@ -2,11 +2,13 @@
lib,
pkgs,
...
-}:
-with lib; {
- options = with types; {
+}: let
+ inherit (lib) mkOption;
+ inherit (lib.types) listOf str submodule;
+in {
+ options = {
nixpkgs.resolvedPkgs = mkOption {
- type = types.pkgs // {description = "nixpkgs.pkgs";};
+ type = lib.types.pkgs // {description = "nixpkgs.pkgs";};
description = "Value of pkgs";
};
tags = mkOption {
@@ -30,9 +32,6 @@
};
};
description = "Network definition of host";
- };
- buildTarget = mkOption {
- type = enum ["toplevel" "sd-image" "installation-cd"];
};
};
config = {
nixos/secrets.nixdiffbeforeafterboth--- a/nixos/secrets.nix
+++ b/nixos/secrets.nix
@@ -3,16 +3,17 @@
config,
pkgs,
...
-}:
-with lib; let
+}: let
inherit (lib.strings) hasPrefix removePrefix;
+ inherit (lib) mkOption mkOptionDefault mapAttrs stringAfter;
+ inherit (lib.types) submodule str attrsOf nullOr unspecified lazyAttrsOf;
plaintextPrefix = "<PLAINTEXT>";
plaintextNewlinePrefix = "<PLAINTEXT-NL>";
sysConfig = config;
secretPartType = secretName:
- types.submodule ({config, ...}: {
- options = with types; {
+ submodule ({config, ...}: {
+ options = {
raw = mkOption {
description = "Secret in fleet-specific undocumented format, do not use. Import from fleet.nix";
internal = true;
@@ -49,11 +50,11 @@
stablePath = mkOptionDefault "/run/secrets/${secretName}/${partName}";
};
});
- secretType = types.submodule ({config, ...}: let
+ secretType = submodule ({config, ...}: let
secretName = config._module.args.name;
in {
- freeformType = types.lazyAttrsOf (secretPartType secretName);
- options = with types; {
+ freeformType = lazyAttrsOf (secretPartType secretName);
+ options = {
shared = mkOption {
description = "Is this secret owned by this machine, or propagated from shared secrets";
default = false;
@@ -112,7 +113,7 @@
in {
options = {
secrets = mkOption {
- type = types.attrsOf secretType;
+ type = attrsOf secretType;
default = {};
description = "Host-local secrets";
};