James/eve-psr-nix0
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Flake parts with x64 and ARM support for devshell on both Linux and Mac

Browse Source
This commit is contained in:
James Eversole 2023-07-01 18:30:30 -05:00
parent baf8223799
commit cfe907101d
20 changed files with 137 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
flake.lock generated
View File

@ -75,11 +75,48 @@
"type": "indirect" "type": "indirect"
} }
}, },
"nixpkgs-lib": {
"locked": {
"dir": "lib",
"lastModified": 1685564631,
"narHash": "sha256-8ywr3AkblY4++3lIVxmrWZFzac7+f32ZEhH/A8pNscI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4f53efe34b3a8877ac923b9350c874e3dcd5dc0a",
"type": "github"
},
"original": {
"dir": "lib",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1687762428,
"narHash": "sha256-DIf7mi45PKo+s8dOYF+UlXHzE0Wl/+k3tXUyAoAnoGE=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "37dd7bb15791c86d55c5121740a1887ab55ee836",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
"nix-serve-ng": "nix-serve-ng", "nix-serve-ng": "nix-serve-ng",
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs",
"parts": "parts"
} }
}, },
"utils": { "utils": {

107
flake.nix
View File

@ -3,7 +3,6 @@
inputs = { inputs = {
nixpkgs.url = "nixpkgs/nixos-23.05"; nixpkgs.url = "nixpkgs/nixos-23.05";
agenix = { agenix = {
url = "github:ryantm/agenix"; url = "github:ryantm/agenix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@ -14,57 +13,67 @@
url = github:aristanetworks/nix-serve-ng; url = github:aristanetworks/nix-serve-ng;
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
parts.url = "github:hercules-ci/flake-parts";
}; };
outputs = { self, nixpkgs, agenix, nix-serve-ng, ... }@attrs: outputs = { self, agenix, nix-serve-ng, nixpkgs, parts, ... }@inputs:
let parts.lib.mkFlake { inherit inputs; } {
forEachSystem = nixpkgs.lib.genAttrs systems; systems =
pkgs = import nixpkgs { inherit system; }; [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ];
shell = import ./shell.nix { inherit agenix pkgs; };
system = "x86_64-linux";
systems = [ system ];
in
{
devShell.x86_64-linux = shell.dev;
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
packages = shell.packages; perSystem = { config, self', inputs', pkgs, system, ... }:
let
nixosConfigurations = { shell = import ./nix/shell.nix { inherit inputs' agenix pkgs; };
eve-psr-nix0 = nixpkgs.lib.nixosSystem { in
inherit system; {
specialArgs = attrs; devShells.default = shell.dev;
modules = [ formatter = pkgs.nixpkgs-fmt;
({ modulesPath, ... }: { };
imports = [ flake =
agenix.nixosModules.default let
nix-serve-ng.nixosModules.default pkgs = import nixpkgs { inherit system; };
system = "x86_64-linux";
./application/containers.nix in
./application/nginx.nix {
inherit system;
./monitoring/nginx.nix
./monitoring/grafana.nix nixosConfigurations = {
./monitoring/prometheus.nix eve-psr-nix0 = nixpkgs.lib.nixosSystem {
./monitoring/loki.nix inherit system;
./monitoring/promtail.nix specialArgs = inputs;
modules = [
./system/age.nix ({ modulesPath, ... }: {
./system/dns.nix
./system/hardware.nix imports = [
./system/nix-conf.nix agenix.nixosModules.default
./system/security.nix nix-serve-ng.nixosModules.default
./system/system.nix
./system/virtualisation.nix ./nix/application/containers.nix
./nix/application/nginx.nix
./user/users.nix
]; ./nix/monitoring/nginx.nix
./nix/monitoring/grafana.nix
system.stateVersion = "22.11"; ./nix/monitoring/prometheus.nix
}) ./nix/monitoring/loki.nix
]; ./nix/monitoring/promtail.nix
./nix/system/age.nix
./nix/system/dns.nix
./nix/system/hardware.nix
./nix/system/nix-conf.nix
./nix/system/security.nix
./nix/system/system.nix
./nix/system/virtualisation.nix
./nix/user/users.nix
];
system.stateVersion = "22.11";
})
];
};
};
}; };
};
}; };
} }

0
application/containers.nix → nix/application/containers.nix
View File

0
application/nginx.nix → nix/application/nginx.nix
View File

0
monitoring/grafana.nix → nix/monitoring/grafana.nix
View File

0
monitoring/loki.nix → nix/monitoring/loki.nix
View File

0
monitoring/nginx.nix → nix/monitoring/nginx.nix
View File

0
monitoring/prometheus.nix → nix/monitoring/prometheus.nix
View File

0
monitoring/promtail.nix → nix/monitoring/promtail.nix
View File

22
nix/shell.nix Normal file
View File

@ -0,0 +1,22 @@
{ agenix, inputs', pkgs, ... }: rec {
dev = pkgs.mkShell {
buildInputs = [
inputs'.agenix.packages.default
(pkgs.nixos { }).nixos-rebuild
pkgs.terraform
packages.deploy
packages.format
];
shellHook = ''
'';
};
packages = {
deploy = pkgs.writeShellScriptBin "deploy" ''
nixos-rebuild switch --target-host root@192.168.0.130 --build-host root@192.168.0.130 --flake .#eve-psr-nix0 ;
'';
format = pkgs.writeShellScriptBin "format" ''
find . -type f -name "*.nix" -exec sh -c 'echo "Formatting: $1"; nix fmt $1' _ {} \;
'';
};
}

19
nix/system/age.nix Normal file
View File

@ -0,0 +1,19 @@
{ ... }: {
age = {
secrets = {
cache-key.file = ../../secrets/cache-key.age;
gitlab-runner.file = ../../secrets/gitlab-runner.age;
graf-email = {
file = ../../secrets/graf-email.age;
mode = "770";
owner = "grafana";
group = "grafana";
};
htpasswd-dock.file = ../../secrets/htpasswd-dock.age;
keys.file = ../../secrets/keys.age;
sezycei.file = ../../secrets/sezycei.age;
transmission-env.file = ../../secrets/transmission-env.age;
};
identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
};
}

0
system/dns.nix → nix/system/dns.nix
View File

0
system/hardware.nix → nix/system/hardware.nix
View File

0
system/nix-conf.nix → nix/system/nix-conf.nix
View File

0
system/security.nix → nix/system/security.nix
View File

0
system/system.nix → nix/system/system.nix
View File

0
system/virtualisation.nix → nix/system/virtualisation.nix
View File

0
user/users.nix → nix/user/users.nix
View File

27
shell.nix
View File

@ -1,27 +0,0 @@
{ agenix, pkgs, ... }: rec {
dev = pkgs.mkShell {
buildInputs = [
agenix.packages.x86_64-linux.default
(pkgs.nixos { }).nixos-rebuild
pkgs.terraform
packages.x86_64-linux.deploy
packages.x86_64-linux.format
];
shellHook = ''
'';
};
packages = {
x86_64-linux = {
deploy = pkgs.writeShellScriptBin "deploy" ''
nixos-rebuild switch --target-host root@192.168.0.130 --build-host root@192.168.0.130 --flake .#eve-psr-nix0 ;
'';
format = pkgs.writeShellScriptBin "format" ''
nix fmt ./*.nix;
for i in */; do
nix fmt $i/*.nix;
done;
'';
};
};
}

19
system/age.nix
View File

@ -1,19 +0,0 @@
{ ... }: {
age = {
secrets = {
cache-key.file = ../secrets/cache-key.age;
gitlab-runner.file = ../secrets/gitlab-runner.age;
graf-email = {
file = ../secrets/graf-email.age;
mode = "770";
owner = "grafana";
group = "grafana";
};
htpasswd-dock.file = ../secrets/htpasswd-dock.age;
keys.file = ../secrets/keys.age;
sezycei.file = ../secrets/sezycei.age;
transmission-env.file = ../secrets/transmission-env.age;
};
identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
};
}