diff options
| -rw-r--r-- | .env.template | 8 | ||||
| -rw-r--r-- | .envrc | 5 | ||||
| -rw-r--r-- | .known_hosts | 1 | ||||
| -rw-r--r-- | ci.nix | 32 | ||||
| -rw-r--r-- | ext/openwrt.nix | 58 | ||||
| -rw-r--r-- | flake.nix | 95 | ||||
| -rw-r--r-- | lib/ci.nix | 6 | ||||
| -rw-r--r-- | pre-commit.nix | 15 | ||||
| -rw-r--r-- | shell.nix | 33 | ||||
| -rw-r--r-- | treefmt.nix | 19 |
10 files changed, 154 insertions, 118 deletions
diff --git a/.env.template b/.env.template index 712fa63..e66273f 100644 --- a/.env.template +++ b/.env.template @@ -1,5 +1,13 @@ +# shellcheck shell=sh +# shellcheck disable=SC2034 +# +# these are used with terranix +# + # cloudflare CLOUDFLARE_API_TOKEN= +CLOUDFLARE_ZONE_ID= +CLOUDFLARE_ACCOUNT_ID= # tailscale OAUTH_CLIENT_ID= @@ -1,3 +1,4 @@ -use flake -watch_file repo/shell.nix +if has nix_direnv_version; then + use flake +fi dotenv_if_exists diff --git a/.known_hosts b/.known_hosts deleted file mode 100644 index ab29aeb..0000000 --- a/.known_hosts +++ /dev/null @@ -1 +0,0 @@ -atlas ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC7YiSYYx/+zmVOPSCERHzSsMeUQtA+Vt1W0sLUw4YhK @@ -0,0 +1,32 @@ +{self, ...}: { + perSystem = { + lib, + pkgs, + system, + self', + ... + }: { + packages.ciGate = let + toTopLevel = cfg: cfg.config.system.build.toplevel or cfg.activationPackage; + isCompatible = cfg: cfg.pkgs.system == system; + + configurations = + map + (type: + lib.mapAttrs (lib.const toTopLevel) + (lib.filterAttrs (lib.const isCompatible) self.${type})) + [ + "nixosConfigurations" + "darwinConfigurations" + "homeConfigurations" + ]; + + required = lib.concatMap lib.attrValues ( + lib.flatten [self'.checks self'.devShells configurations] + ); + in + pkgs.writeText "ci-gate" ( + lib.concatMapStringsSep "\n" toString required + ); + }; +} diff --git a/ext/openwrt.nix b/ext/openwrt.nix index 2d912dc..d0e8d08 100644 --- a/ext/openwrt.nix +++ b/ext/openwrt.nix @@ -1,32 +1,42 @@ -{withSystem, ...}: { +{withSystem, ...}: let + mkScript = script: + withSystem "x86_64-linux" ( + {pkgs, ...}: + pkgs.runCommand "image-files" {} script + ); + + setDefaults = opts: + mkScript '' + mkdir -p $out/etc/uci-defaults + + cat > $out/etc/uci-defaults/99-custom << EOF + uci -q batch << EOI + ${opts} + commit + EOI + EOF + ''; +in { openWrtImages = { turret = { release = "23.05.0"; profile = "netgear_wac104"; - files = withSystem "x86_64-linux" ({pkgs, ...}: - pkgs.runCommand "image-files" {} '' - mkdir -p $out/etc/uci-defaults - - cat > $out/etc/uci-defaults/99-custom << EOF - uci -q batch << EOI - set system.@system[0].hostname="turret" - del_list network.@device[0].ports="lan4" - set network.wan="interface" - set network.wan.device="lan4" - set network.wan.proto="dhcp" - set wireless.default_radio0.ssid="Box-2.4G" - set wireless.default_radio0.encryption="psk2" - set wireless.default_radio0.key="CorrectHorseBatteryStaple" - set wireless.default_radio1.ssid="Box-5G" - set wireless.default_radio1.encryption="psk2" - set wireless.default_radio1.key="CorrectHorseBatteryStaple" - add_list dhcp.@dnsmasq[0].server="1.1.1.1" - add_list dhcp.@dnsmasq[0].server="1.0.0.1" - commit - EOI - EOF - ''); + files = setDefaults '' + set system.@system[0].hostname="turret" + del_list network.@device[0].ports="lan4" + set network.wan="interface" + set network.wan.device="lan4" + set network.wan.proto="dhcp" + set wireless.default_radio0.ssid="Box-2.4G" + set wireless.default_radio0.encryption="psk2" + set wireless.default_radio0.key="CorrectHorseBatteryStaple" + set wireless.default_radio1.ssid="Box-5G" + set wireless.default_radio1.encryption="psk2" + set wireless.default_radio1.key="CorrectHorseBatteryStaple" + add_list dhcp.@dnsmasq[0].server="1.1.1.1" + add_list dhcp.@dnsmasq[0].server="1.0.0.1" + ''; }; }; } @@ -9,15 +9,22 @@ outputs = inputs: let flakeModules = import ./modules/flake; in - inputs.flake-parts.lib.mkFlake {inherit inputs;} ({self, ...}: { + inputs.flake-parts.lib.mkFlake {inherit inputs;} { imports = [ + # primary outputs ./lib ./modules ./overlay ./systems ./users - ./ext # nix expressions for *external*, not so nix-y things + # some tools to help me out + ./pre-commit.nix + ./shell.nix + ./treefmt.nix + + ./ext # expressions for *external*, not so nix-y things + ./ci.nix # how i make sure my systems wont implode before i update inputs.pre-commit.flakeModule inputs.treefmt-nix.flakeModule @@ -34,89 +41,7 @@ "x86_64-darwin" "aarch64-darwin" ]; - - perSystem = { - config, - lib, - pkgs, - system, - inputs', - self', - ... - }: { - treefmt = { - projectRootFile = "flake.nix"; - - programs = { - alejandra.enable = true; - deadnix.enable = true; - prettier.enable = true; - }; - - settings.global = { - excludes = [ - "./flake.lock" - ]; - }; - }; - - pre-commit.settings.hooks = { - actionlint.enable = true; - - treefmt = { - enable = true; - package = config.treefmt.build.wrapper; - }; - - nil.enable = true; - statix.enable = true; - }; - - devShells.default = pkgs.mkShellNoCC { - shellHook = config.pre-commit.installationScript; - packages = with pkgs; - [ - nix - - # format + lint - actionlint - self'.formatter - deadnix - nil - statix - - # utils - deploy-rs - fzf - just - config.terranix.package - ] - ++ lib.optional stdenv.isDarwin [inputs'.darwin.packages.darwin-rebuild] - ++ lib.optionals stdenv.isLinux [nixos-rebuild inputs'.agenix.packages.agenix]; - }; - - packages.ciGate = let - ci = self.lib.ci [system]; - - configurations = map (type: ci.mapCfgsToDerivs (ci.getCompatibleCfgs self.${type})) [ - "nixosConfigurations" - "darwinConfigurations" - "homeConfigurations" - ]; - - required = lib.concatMap lib.attrValues ( - [ - self'.checks - self'.devShells - ] - ++ configurations - ); - in - pkgs.writeText "ci-gate" ( - lib.concatMapStringsSep "\n" toString required - ); - }; - }); + }; inputs = { nixpkgs.url = "nixpkgs/nixos-unstable"; diff --git a/lib/ci.nix b/lib/ci.nix deleted file mode 100644 index 7a01e39..0000000 --- a/lib/ci.nix +++ /dev/null @@ -1,6 +0,0 @@ -{lib, ...}: ciSystems: { - getOutputs = lib.getAttrs ciSystems; - - mapCfgsToDerivs = lib.mapAttrs (_: cfg: cfg.activationPackage or cfg.config.system.build.toplevel); - getCompatibleCfgs = lib.filterAttrs (_: cfg: lib.elem cfg.pkgs.system ciSystems); -} diff --git a/pre-commit.nix b/pre-commit.nix new file mode 100644 index 0000000..b70ceba --- /dev/null +++ b/pre-commit.nix @@ -0,0 +1,15 @@ +{ + perSystem = {config, ...}: { + pre-commit.settings.hooks = { + actionlint.enable = true; + + treefmt = { + enable = true; + package = config.treefmt.build.wrapper; + }; + + nil.enable = true; + statix.enable = true; + }; + }; +} diff --git a/shell.nix b/shell.nix new file mode 100644 index 0000000..942a9fc --- /dev/null +++ b/shell.nix @@ -0,0 +1,33 @@ +{ + perSystem = { + config, + lib, + pkgs, + inputs', + self', + ... + }: { + devShells.default = pkgs.mkShellNoCC { + shellHook = config.pre-commit.installationScript; + packages = + [ + pkgs.nix + + # format + lint + pkgs.actionlint + self'.formatter + pkgs.deadnix + pkgs.nil + pkgs.statix + + # utils + pkgs.deploy-rs + pkgs.fzf + pkgs.just + config.terranix.package + ] + ++ lib.optional pkgs.stdenv.isDarwin [inputs'.darwin.packages.darwin-rebuild] + ++ lib.optionals pkgs.stdenv.isLinux [pkgs.nixos-rebuild inputs'.agenix.packages.agenix]; + }; + }; +} diff --git a/treefmt.nix b/treefmt.nix new file mode 100644 index 0000000..d26409e --- /dev/null +++ b/treefmt.nix @@ -0,0 +1,19 @@ +{ + perSystem = { + treefmt = { + projectRootFile = "flake.nix"; + + programs = { + alejandra.enable = true; + deadnix.enable = true; + prettier.enable = true; + }; + + settings.global = { + excludes = [ + "./flake.lock" + ]; + }; + }; + }; +} |