summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Makefile2
-rw-r--r--krebs/3modules/build.nix7
-rw-r--r--lib/default.nix3
-rw-r--r--lib/eval-source.nix17
-rw-r--r--shell.nix6
-rw-r--r--tv/1systems/alnus/config.nix (renamed from tv/1systems/alnus.nix)8
-rw-r--r--tv/1systems/alnus/source.nix3
-rw-r--r--tv/1systems/caxi/config.nix (renamed from tv/1systems/caxi.nix)8
-rw-r--r--tv/1systems/caxi/source.nix3
-rw-r--r--tv/1systems/cd/config.nix (renamed from tv/1systems/cd.nix)10
-rw-r--r--tv/1systems/cd/source.nix3
-rw-r--r--tv/1systems/mu/config.nix (renamed from tv/1systems/mu.nix)10
-rw-r--r--tv/1systems/mu/source.nix3
-rw-r--r--tv/1systems/nomic/config.nix (renamed from tv/1systems/nomic.nix)20
-rw-r--r--tv/1systems/nomic/source.nix4
-rw-r--r--tv/1systems/test/source.nix3
-rw-r--r--tv/1systems/wu/config.nix (renamed from tv/1systems/wu.nix)22
-rw-r--r--tv/1systems/wu/source.nix4
-rw-r--r--tv/1systems/xu/config.nix (renamed from tv/1systems/xu.nix)24
-rw-r--r--tv/1systems/xu/source.nix4
-rw-r--r--tv/1systems/zu/config.nix (renamed from tv/1systems/zu.nix)20
-rw-r--r--tv/1systems/zu/source.nix4
-rw-r--r--tv/2configs/default.nix18
-rw-r--r--tv/source.nix22
24 files changed, 140 insertions, 88 deletions
diff --git a/Makefile b/Makefile
index cab53d52..e35aa89b 100644
--- a/Makefile
+++ b/Makefile
@@ -12,7 +12,7 @@ export STOCKHOLM_VERSION ?= $(shell \
system ?= $(HOSTNAME)
$(if $(system),,$(error unbound variable: system))
-nixos-config ?= $(stockholm)/$(LOGNAME)/1systems/$(system).nix
+nixos-config ?= $(stockholm)/$(LOGNAME)/1systems/$(system)/config.nix
ifneq ($(words $(wildcard $(nixos-config))),1)
$(error bad nixos-config: $(nixos-config))
endif
diff --git a/krebs/3modules/build.nix b/krebs/3modules/build.nix
index 976d378f..904deb16 100644
--- a/krebs/3modules/build.nix
+++ b/krebs/3modules/build.nix
@@ -14,16 +14,9 @@ with import <stockholm/lib>;
default = "/nix/var/nix/profiles/system";
};
- source = mkOption {
- type = types.attrsOf types.source;
- default = {};
- };
-
# TODO deprecate krebs.build.user
user = mkOption {
type = types.user;
};
};
-
- config.krebs.build.source.stockholm.file = mkDefault (toString <stockholm>);
}
diff --git a/lib/default.nix b/lib/default.nix
index 803a614a..4c54f60a 100644
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -1,6 +1,9 @@
let
nixpkgs-lib = import <nixpkgs/lib>;
lib = with lib; nixpkgs-lib // builtins // {
+
+ evalSource = import ./eval-source.nix;
+
git = import ./git.nix { inherit lib; };
shell = import ./shell.nix { inherit lib; };
types = nixpkgs-lib.types // import ./types.nix { inherit lib; };
diff --git a/lib/eval-source.nix b/lib/eval-source.nix
new file mode 100644
index 00000000..de5f0b43
--- /dev/null
+++ b/lib/eval-source.nix
@@ -0,0 +1,17 @@
+with import <stockholm/lib>;
+let
+ eval = _file: source: evalModules {
+ modules = singleton {
+ inherit _file;
+ options.source = mkOption {
+ type = types.attrsOf types.source;
+ default = {};
+ };
+ config = {
+ inherit source;
+ };
+ };
+ };
+in
+ # This function's return value can be used as pkgs.populate input.
+ _file: source: (eval _file source).config.source
diff --git a/shell.nix b/shell.nix
index e0c60e33..57957f82 100644
--- a/shell.nix
+++ b/shell.nix
@@ -43,9 +43,11 @@ let
'';
init.env = pkgs.writeText "init.env" /* sh */ ''
- config=''${config-$LOGNAME/1systems/$system.nix}
+ config=''${config-$LOGNAME/1systems/$system/config.nix}
+ source=''${source-$LOGNAME/1systems/$system/source.nix}
export config
+ export source
export system
export target
@@ -92,7 +94,7 @@ let
--show-trace \
--strict \
-I nixos-config="$config" \
- -E 'with import <stockholm>; config.krebs.build.source')
+ "$source")
echo $_source |
${pkgs.populate}/bin/populate \
"$target_user@$target_host:$target_port$target_path" \
diff --git a/tv/1systems/alnus.nix b/tv/1systems/alnus/config.nix
index ef2a0500..d08a2901 100644
--- a/tv/1systems/alnus.nix
+++ b/tv/1systems/alnus/config.nix
@@ -4,10 +4,10 @@ with import <stockholm/lib>;
{
imports = [
- ../.
- ../2configs/hw/x220.nix
- ../2configs/exim-retiolum.nix
- ../2configs/retiolum.nix
+ <stockholm/tv>
+ <stockholm/tv/2configs/hw/x220.nix>
+ <stockholm/tv/2configs/exim-retiolum.nix>
+ <stockholm/tv/2configs/retiolum.nix>
];
# TODO remove non-hardware stuff from ../2configs/hw/x220.nix
diff --git a/tv/1systems/alnus/source.nix b/tv/1systems/alnus/source.nix
new file mode 100644
index 00000000..f9dcefee
--- /dev/null
+++ b/tv/1systems/alnus/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/tv/source.nix> {
+ name = "alnus";
+}
diff --git a/tv/1systems/caxi.nix b/tv/1systems/caxi/config.nix
index 59f3cd63..b136d1ad 100644
--- a/tv/1systems/caxi.nix
+++ b/tv/1systems/caxi/config.nix
@@ -6,10 +6,10 @@ with import <stockholm/lib>;
krebs.build.host = config.krebs.hosts.caxi;
imports = [
- ../.
- ../2configs/hw/CAC-Developer-1.nix
- ../2configs/fs/CAC-CentOS-7-64bit.nix
- ../2configs/retiolum.nix
+ <stockholm/tv>
+ <stockholm/tv/2configs/hw/CAC-Developer-1.nix>
+ <stockholm/tv/2configs/fs/CAC-CentOS-7-64bit.nix>
+ <stockholm/tv/2configs/retiolum.nix>
];
networking = let
diff --git a/tv/1systems/caxi/source.nix b/tv/1systems/caxi/source.nix
new file mode 100644
index 00000000..bc875b76
--- /dev/null
+++ b/tv/1systems/caxi/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/tv/source.nix> {
+ name = "caxi";
+}
diff --git a/tv/1systems/cd.nix b/tv/1systems/cd/config.nix
index 9f2cec57..f78bcafe 100644
--- a/tv/1systems/cd.nix
+++ b/tv/1systems/cd/config.nix
@@ -6,11 +6,11 @@ with import <stockholm/lib>;
krebs.build.host = config.krebs.hosts.cd;
imports = [
- ../.
- ../2configs/hw/CAC-Developer-2.nix
- ../2configs/fs/CAC-CentOS-7-64bit.nix
- ../2configs/exim-smarthost.nix
- ../2configs/retiolum.nix
+ <stockholm/tv>
+ <stockholm/tv/2configs/hw/CAC-Developer-2.nix>
+ <stockholm/tv/2configs/fs/CAC-CentOS-7-64bit.nix>
+ <stockholm/tv/2configs/exim-smarthost.nix>
+ <stockholm/tv/2configs/retiolum.nix>
];
networking = {
diff --git a/tv/1systems/cd/source.nix b/tv/1systems/cd/source.nix
new file mode 100644
index 00000000..019e8bc2
--- /dev/null
+++ b/tv/1systems/cd/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/tv/source.nix> {
+ name = "cd";
+}
diff --git a/tv/1systems/mu.nix b/tv/1systems/mu/config.nix
index 3f3b2c2f..239f333b 100644
--- a/tv/1systems/mu.nix
+++ b/tv/1systems/mu/config.nix
@@ -4,11 +4,11 @@ with import <stockholm/lib>;
{
imports = [
- ../../krebs
- ../2configs
- ../3modules
- ../2configs/exim-retiolum.nix
- ../2configs/retiolum.nix
+ <stockholm/krebs>
+ <stockholm/tv/2configs>
+ <stockholm/tv/3modules>
+ <stockholm/tv/2configs/exim-retiolum.nix>
+ <stockholm/tv/2configs/retiolum.nix>
];
krebs.build.host = config.krebs.hosts.mu;
diff --git a/tv/1systems/mu/source.nix b/tv/1systems/mu/source.nix
new file mode 100644
index 00000000..7e148cf3
--- /dev/null
+++ b/tv/1systems/mu/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/tv/source.nix> {
+ name = "mu";
+}
diff --git a/tv/1systems/nomic.nix b/tv/1systems/nomic/config.nix
index 9b950225..d0144986 100644
--- a/tv/1systems/nomic.nix
+++ b/tv/1systems/nomic/config.nix
@@ -6,16 +6,16 @@ with import <stockholm/lib>;
krebs.build.host = config.krebs.hosts.nomic;
imports = [
- ../.
- ../2configs/hw/x220.nix
- ../2configs/exim-retiolum.nix
- ../2configs/gitrepos.nix
- ../2configs/im.nix
- ../2configs/mail-client.nix
- ../2configs/nginx/public_html.nix
- ../2configs/pulse.nix
- ../2configs/retiolum.nix
- ../2configs/xserver
+ <stockholm/tv>
+ <stockholm/tv/2configs/hw/x220.nix>
+ <stockholm/tv/2configs/exim-retiolum.nix>
+ <stockholm/tv/2configs/gitrepos.nix>
+ <stockholm/tv/2configs/im.nix>
+ <stockholm/tv/2configs/mail-client.nix>
+ <stockholm/tv/2configs/nginx/public_html.nix>
+ <stockholm/tv/2configs/pulse.nix>
+ <stockholm/tv/2configs/retiolum.nix>
+ <stockholm/tv/2configs/xserver>
];
boot.initrd.luks = {
diff --git a/tv/1systems/nomic/source.nix b/tv/1systems/nomic/source.nix
new file mode 100644
index 00000000..f173b65a
--- /dev/null
+++ b/tv/1systems/nomic/source.nix
@@ -0,0 +1,4 @@
+import <stockholm/tv/source.nix> {
+ name = "nomic";
+ secure = true;
+}
diff --git a/tv/1systems/test/source.nix b/tv/1systems/test/source.nix
new file mode 100644
index 00000000..f756b858
--- /dev/null
+++ b/tv/1systems/test/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/tv/source.nix> {
+ name = "test";
+}
diff --git a/tv/1systems/wu.nix b/tv/1systems/wu/config.nix
index 4b3bf853..5b2542ac 100644
--- a/tv/1systems/wu.nix
+++ b/tv/1systems/wu/config.nix
@@ -6,17 +6,17 @@ with import <stockholm/lib>;
krebs.build.host = config.krebs.hosts.wu;
imports = [
- ../.
- ../2configs/hw/w110er.nix
- ../2configs/exim-retiolum.nix
- ../2configs/gitrepos.nix
- ../2configs/im.nix
- ../2configs/mail-client.nix
- ../2configs/man.nix
- ../2configs/nginx/public_html.nix
- ../2configs/pulse.nix
- ../2configs/retiolum.nix
- ../2configs/xserver
+ <stockholm/tv>
+ <stockholm/tv/2configs/hw/w110er.nix>
+ <stockholm/tv/2configs/exim-retiolum.nix>
+ <stockholm/tv/2configs/gitrepos.nix>
+ <stockholm/tv/2configs/im.nix>
+ <stockholm/tv/2configs/mail-client.nix>
+ <stockholm/tv/2configs/man.nix>
+ <stockholm/tv/2configs/nginx/public_html.nix>
+ <stockholm/tv/2configs/pulse.nix>
+ <stockholm/tv/2configs/retiolum.nix>
+ <stockholm/tv/2configs/xserver>
{
environment.systemPackages = with pkgs; [
# root
diff --git a/tv/1systems/wu/source.nix b/tv/1systems/wu/source.nix
new file mode 100644
index 00000000..2e9cdeb8
--- /dev/null
+++ b/tv/1systems/wu/source.nix
@@ -0,0 +1,4 @@
+import <stockholm/tv/source.nix> {
+ name = "wu";
+ secure = true;
+}
diff --git a/tv/1systems/xu.nix b/tv/1systems/xu/config.nix
index d82f45ac..2bffdddb 100644
--- a/tv/1systems/xu.nix
+++ b/tv/1systems/xu/config.nix
@@ -6,18 +6,18 @@ with import <stockholm/lib>;
krebs.build.host = config.krebs.hosts.xu;
imports = [
- ../.
- ../2configs/hw/x220.nix
- ../2configs/exim-retiolum.nix
- ../2configs/gitconfig.nix
- ../2configs/gitrepos.nix
- ../2configs/mail-client.nix
- ../2configs/man.nix
- ../2configs/nginx/public_html.nix
- ../2configs/pulse.nix
- ../2configs/retiolum.nix
- ../2configs/binary-cache
- ../2configs/xserver
+ <stockholm/tv>
+ <stockholm/tv/2configs/hw/x220.nix>
+ <stockholm/tv/2configs/exim-retiolum.nix>
+ <stockholm/tv/2configs/gitconfig.nix>
+ <stockholm/tv/2configs/gitrepos.nix>
+ <stockholm/tv/2configs/mail-client.nix>
+ <stockholm/tv/2configs/man.nix>
+ <stockholm/tv/2configs/nginx/public_html.nix>
+ <stockholm/tv/2configs/pulse.nix>
+ <stockholm/tv/2configs/retiolum.nix>
+ <stockholm/tv/2configs/binary-cache>
+ <stockholm/tv/2configs/xserver>
{
environment.systemPackages = with pkgs; [
diff --git a/tv/1systems/xu/source.nix b/tv/1systems/xu/source.nix
new file mode 100644
index 00000000..46e1aee9
--- /dev/null
+++ b/tv/1systems/xu/source.nix
@@ -0,0 +1,4 @@
+import <stockholm/tv/source.nix> {
+ name = "xu";
+ secure = true;
+}
diff --git a/tv/1systems/zu.nix b/tv/1systems/zu/config.nix
index 4fae3ca7..d2aab8c5 100644
--- a/tv/1systems/zu.nix
+++ b/tv/1systems/zu/config.nix
@@ -12,16 +12,16 @@ with import <stockholm/lib>;
default = {};
};
}
- ../.
- ../2configs/hw/x220.nix
- ../2configs/exim-retiolum.nix
- ../2configs/gitrepos.nix
- ../2configs/mail-client.nix
- ../2configs/man.nix
- ../2configs/nginx/public_html.nix
- ../2configs/pulse.nix
- ../2configs/retiolum.nix
- ../2configs/xserver
+ <stockholm/tv>
+ <stockholm/tv/2configs/hw/x220.nix>
+ <stockholm/tv/2configs/exim-retiolum.nix>
+ <stockholm/tv/2configs/gitrepos.nix>
+ <stockholm/tv/2configs/mail-client.nix>
+ <stockholm/tv/2configs/man.nix>
+ <stockholm/tv/2configs/nginx/public_html.nix>
+ <stockholm/tv/2configs/pulse.nix>
+ <stockholm/tv/2configs/retiolum.nix>
+ <stockholm/tv/2configs/xserver>
{
environment.systemPackages = with pkgs; [
diff --git a/tv/1systems/zu/source.nix b/tv/1systems/zu/source.nix
new file mode 100644
index 00000000..7a5c4f52
--- /dev/null
+++ b/tv/1systems/zu/source.nix
@@ -0,0 +1,4 @@
+import <stockholm/tv/source.nix> {
+ name = "zu";
+ secure = true;
+}
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index 3d95d6de..07496fd1 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -6,23 +6,7 @@ with import <stockholm/lib>;
in {
krebs.enable = true;
- krebs.build = {
- user = config.krebs.users.tv;
- source = let inherit (config.krebs.build) host; in {
- nixos-config.symlink = "stockholm/tv/1systems/${host.name}.nix";
- secrets.file = getAttr builder {
- buildbot = toString <stockholm/tv/dummy_secrets>;
- tv = "/home/tv/secrets/${host.name}";
- };
- secrets-common.file = "/home/tv/secrets/common";
- nixpkgs.git = {
- url = https://github.com/NixOS/nixpkgs;
- ref = "057f89b9344e5341796046f25ae4f269be6d4529"; # nixos-17.03
- };
- } // optionalAttrs host.secure {
- secrets-master.file = "/home/tv/secrets/master";
- };
- };
+ krebs.build.user = config.krebs.users.tv;
networking.hostName = config.krebs.build.host.name;
diff --git a/tv/source.nix b/tv/source.nix
new file mode 100644
index 00000000..7306cd95
--- /dev/null
+++ b/tv/source.nix
@@ -0,0 +1,22 @@
+with import <stockholm/lib>;
+host@{ name, secure ? false }: let
+ builder = if getEnv "dummy_secrets" == "true"
+ then "buildbot"
+ else "tv";
+ _file = <stockholm> + "/tv/1systems/${name}/source.nix";
+in
+ evalSource (toString _file) {
+ nixos-config.symlink = "stockholm/tv/1systems/${name}/config.nix";
+ secrets.file = getAttr builder {
+ buildbot = toString <stockholm/tv/dummy_secrets>;
+ tv = "/home/tv/secrets/${name}";
+ };
+ stockholm.file = toString <stockholm>;
+ secrets-common.file = "/home/tv/secrets/common";
+ nixpkgs.git = {
+ url = https://github.com/NixOS/nixpkgs;
+ ref = "1b57bf274ae5c76e91b2b264d8aa8bfcecb72102"; # nixos-17.03
+ };
+ } // optionalAttrs secure {
+ secrets-master.file = "/home/tv/secrets/master";
+ }