Compare commits

...

13 commits

17 changed files with 6811 additions and 339 deletions

2
.envrc Normal file
View file

@ -0,0 +1,2 @@
use flake
watch_file flake.nix

1
.gitignore vendored
View file

@ -1,6 +1,5 @@
*.swp *.swp
.direnv .direnv
.envrc
Deployments/syncserver.nix Deployments/syncserver.nix
examples examples
result result

View file

@ -1,23 +0,0 @@
{
sources ? import ./nix/sources.nix,
system ? builtins.currentSystem,
crossSystem ? null,
config ? {},
alejandraUnstable ? (import sources.nixpkgsUnstable {}).alejandra,
cardanoNodeProject ? import sources.cardano-node {},
} @ args:
with import ./nix args; {
shell = mkShell {
inherit (import sources.niv {}) niv;
buildInputs = [
alejandraUnstable # The Uncompromising Nix Code Formatter
cardanoNodeProject.cardano-cli # required for KES key rotation
niv
nixops_unstable_minimal # work around for issue #127423
tea # Gitea official CLI client
treefmt # one CLI to format the code tree
];
NIX_PATH = "nixpkgs=${sources.nixpkgs}";
NIXOPS_DEPLOYMENT = "${globals.deploymentName}";
};
}

6711
flake.lock Normal file

File diff suppressed because it is too large Load diff

15
flake.nix Normal file
View file

@ -0,0 +1,15 @@
{
description = "mio-ops deployment";
inputs = {
cardano-node.url = "github:input-output-hk/cardano-node/?ref=1.35.7";
daedalus.url = "github:input-output-hk/daedalus/?ref=5.2.0";
iohkNix.url = "github:input-output-hk/iohk-nix/?ref=df1da282f996ec46b33379407df99613a1fbafdd";
nix.url = "github:NixOS/nix/?ref=2.24.3";
nixpkgs.url = github:NixOS/nixpkgs/?ref=nixos-24.05;
nixpkgsUnstable.url = github:NixOS/nixpkgs/?ref=nixos-unstable;
utils.url = "github:numtide/flake-utils";
};
outputs = {...} @ args: import ./outputs.nix args;
}

View file

@ -1 +0,0 @@
{}

View file

@ -1,11 +0,0 @@
self: super: {
globals =
import ./globals-defaults.nix
// rec {
deploymentName = "mio-ops";
domain = "mcwhirter.io";
environment = "${deploymentName}";
};
}

View file

@ -1,107 +0,0 @@
{
"cardano-node": {
"branch": "refs/tags/1.35.7",
"description": "The core component that is used to participate in a Cardano decentralised blockchain.",
"homepage": "https://cardano.org",
"owner": "input-output-hk",
"repo": "cardano-node",
"rev": "f0b4ac897dcbefba9fa0d247b204a24543cf55f6",
"sha256": "0s2jkj4mwl03hxg4ff9kyw41s32xbf31rnhag2m1qrglgsh8wzw9",
"type": "tarball",
"url": "https://github.com/input-output-hk/cardano-node/archive/f0b4ac897dcbefba9fa0d247b204a24543cf55f6.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"daedalus": {
"branch": "release/5.2.0",
"description": "The open source cryptocurrency wallet for ada, built to grow with the community",
"homepage": "https://daedaluswallet.io/",
"owner": "input-output-hk",
"repo": "daedalus",
"rev": "2990f5a44189097b3de2e7e7a19caa8062a8ae7b",
"sha256": "1w2w7qfashbqimcywzvhh0z5jrlfaja04sgi6p5hp08adwad6r92",
"type": "tarball",
"url": "https://github.com/input-output-hk/daedalus/archive/2990f5a44189097b3de2e7e7a19caa8062a8ae7b.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"iohk-nix": {
"branch": "master",
"description": "nix scripts shared across projects",
"homepage": null,
"owner": "input-output-hk",
"repo": "iohk-nix",
"rev": "df1da282f996ec46b33379407df99613a1fbafdd",
"sha256": "0vpcyrswxkynn2q37qsrhvf62whk2ijpcwqnamxcchcq6lwfpn0l",
"type": "tarball",
"url": "https://github.com/input-output-hk/iohk-nix/archive/df1da282f996ec46b33379407df99613a1fbafdd.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"mcwhirter-io": {
"branch": "nixos-23.11",
"rev": "2ca0244e2ff130ca851bb2487b03b606b701286a",
"sha256": "1alh4z2qpnh1wv3mclnmh8f3cqnks4h6hcrq1kwl5xz4xs2pc1ss",
"type": "tarball",
"url": "https://reciproka.dev/sercanto/mcwhirter.io/archive/2ca0244e2ff130ca851bb2487b03b606b701286a.tar.gz",
"url_template": "https://reciproka.dev/sercanto/mcwhirter.io/archive/<rev>.tar.gz"
},
"niv": {
"branch": "master",
"description": "Easy dependency management for Nix projects",
"homepage": "https://github.com/nmattia/niv",
"owner": "nmattia",
"repo": "niv",
"rev": "82e5cd1ad3c387863f0545d7591512e76ab0fc41",
"sha256": "090l219mzc0gi33i3psgph6s2pwsc8qy4lyrqjdj4qzkvmaj65a7",
"type": "tarball",
"url": "https://github.com/nmattia/niv/archive/82e5cd1ad3c387863f0545d7591512e76ab0fc41.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nixos-23.05": {
"branch": "nixos-23.05",
"description": "Nix Packages collection & NixOS",
"homepage": "",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421",
"sha256": "05cbl1k193c9la9xhlz4y6y8ijpb2mkaqrab30zij6z4kqgclsrd",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/70bdadeb94ffc8806c0570eb5c2695ad29f0e421.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nixos2111": {
"branch": "nixos-21.11",
"description": "Nix Packages collection",
"homepage": "",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "63198c9ccefdbd337cef0d85db0ea2689f4ce418",
"sha256": "05gc6xyv8a2dppngm1q44j85j769lr90lg20s6jv62gfg344i50r",
"type": "tarball",
"url": "https://github.com/nixos/nixpkgs/archive/63198c9ccefdbd337cef0d85db0ea2689f4ce418.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nixpkgs": {
"branch": "nixos-24.05",
"builtin": false,
"description": "A read-only mirror of NixOS/nixpkgs tracking the released channels. Send issues and PRs to",
"homepage": "https://github.com/NixOS/nixpkgs",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c3d4ac725177c030b1e289015989da2ad9d56af0",
"sha256": "1n3dm76ip39zgw75jjn8ak9yp25m02ya1mzzg3764yfqq4jz18mj",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/c3d4ac725177c030b1e289015989da2ad9d56af0.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nixpkgsUnstable": {
"branch": "nixos-unstable",
"description": "Nix Packages collection",
"homepage": "",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "d04953086551086b44b6f3c6b7eeb26294f207da",
"sha256": "12inzywn6w6ikfjicbzka0v9xd6gvsx4cr6mlc3jslm5ypvqdk44",
"type": "tarball",
"url": "https://github.com/nixos/nixpkgs/archive/d04953086551086b44b6f3c6b7eeb26294f207da.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
}
}

View file

@ -1,141 +0,0 @@
# This file has been generated by Niv.
let
#
# The fetchers. fetch_<type> fetches specs of type <type>.
#
fetch_file = pkgs: spec:
if spec.builtin or true
then builtins_fetchurl {inherit (spec) url sha256;}
else pkgs.fetchurl {inherit (spec) url sha256;};
fetch_tarball = pkgs: spec:
if spec.builtin or true
then builtins_fetchTarball {inherit (spec) url sha256;}
else pkgs.fetchzip {inherit (spec) url sha256;};
fetch_git = spec:
builtins.fetchGit {
url = spec.repo;
inherit (spec) rev ref;
};
fetch_builtin-tarball = spec:
builtins.trace ''
WARNING:
The niv type "builtin-tarball" will soon be deprecated. You should
instead use `builtin = true`.
$ niv modify <package> -a type=tarball -a builtin=true
''
builtins_fetchTarball {inherit (spec) url sha256;};
fetch_builtin-url = spec:
builtins.trace ''
WARNING:
The niv type "builtin-url" will soon be deprecated. You should
instead use `builtin = true`.
$ niv modify <package> -a type=file -a builtin=true
'' (builtins_fetchurl {inherit (spec) url sha256;});
#
# Various helpers
#
# The set of packages used when specs are fetched using non-builtins.
mkPkgs = sources: let
sourcesNixpkgs =
import (builtins_fetchTarball {inherit (sources.nixpkgs) url sha256;})
{};
hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath;
hasThisAsNixpkgsPath = <nixpkgs> == ./.;
in
if builtins.hasAttr "nixpkgs" sources
then sourcesNixpkgs
else if hasNixpkgsPath && !hasThisAsNixpkgsPath
then import <nixpkgs> {}
else
abort ''
Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
add a package called "nixpkgs" to your sources.json.
'';
# The actual fetching function.
fetch = pkgs: name: spec:
if !builtins.hasAttr "type" spec
then abort "ERROR: niv spec ${name} does not have a 'type' attribute"
else if spec.type == "file"
then fetch_file pkgs spec
else if spec.type == "tarball"
then fetch_tarball pkgs spec
else if spec.type == "git"
then fetch_git spec
else if spec.type == "builtin-tarball"
then fetch_builtin-tarball spec
else if spec.type == "builtin-url"
then fetch_builtin-url spec
else
abort
"ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}";
# Ports of functions for older nix versions
# a Nix version of mapAttrs if the built-in doesn't exist
mapAttrs =
builtins.mapAttrs
or (f: set:
with builtins;
listToAttrs (map (attr: {
name = attr;
value = f attr set.${attr};
}) (attrNames set)));
# fetchTarball version that is compatible between all the versions of Nix
builtins_fetchTarball = {
url,
sha256,
} @ attrs: let
inherit (builtins) lessThan nixVersion fetchTarball;
in
if lessThan nixVersion "1.12"
then fetchTarball {inherit url;}
else fetchTarball attrs;
# fetchurl version that is compatible between all the versions of Nix
builtins_fetchurl = {
url,
sha256,
} @ attrs: let
inherit (builtins) lessThan nixVersion fetchurl;
in
if lessThan nixVersion "1.12"
then fetchurl {inherit url;}
else fetchurl attrs;
# Create the final "sources" from the config
mkSources = config:
mapAttrs (name: spec:
if builtins.hasAttr "outPath" spec
then
abort
"The values in sources.json should not have an 'outPath' attribute"
else spec // {outPath = fetch config.pkgs name spec;})
config.sources;
# The "config" used by the fetchers
mkConfig = {
sourcesFile ? ./sources.json,
sources ? builtins.fromJSON (builtins.readFile sourcesFile),
pkgs ? mkPkgs sources,
}: rec {
# The sources, i.e. the attribute set of spec name to spec
inherit sources;
# The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers
inherit pkgs;
};
in
mkSources (mkConfig {})
// {
__functor = _: settings: mkSources (mkConfig settings);
}

View file

@ -1,34 +0,0 @@
# NixOps configuration for the mio-ops nodes
{
network = {
description = "mio-ops nodes";
enableRollback = true;
};
network.storage.legacy = {databasefile = "~/.nixops/deployments.nixops";};
defaults = {
config,
pkgs,
lib,
...
}: {
system.autoUpgrade.enable = false; # Disabled as it conflicts with NixOps
};
airgead = import hosts/airgead.nix;
brighde = import hosts/brighde.nix;
ceilidh = import hosts/ceilidh.nix;
cuallaidh = import hosts/cuallaidh.nix;
dhu = import hosts/dhu.nix;
dionach = import hosts/dionach.nix;
iolear-beag = import hosts/iolear-beag.nix;
doilidh = import hosts/doilidh.nix;
eamhair = import hosts/eamhair.nix;
ceitidh = import hosts/ceitidh.nix;
paidh-uachdar = import hosts/paidh-uachdar.nix;
sanganto = import hosts/sanganto.nix;
sercanto = import hosts/sercanto.nix;
sithlainnir = import hosts/sithlainnir.nix;
teintidh = import hosts/teintidh.nix;
}

48
outputs.nix Normal file
View file

@ -0,0 +1,48 @@
{
self,
daedalus,
nix,
nixpkgs,
nixpkgsUnstable,
utils,
...
} @ inputs:
(utils.lib.eachDefaultSystem (system: let
deploymentName = "mio-ops";
pkgs = nixpkgs.legacyPackages."${system}";
nix_path = "nixpkgs=${nixpkgs}";
in {
devShell =
pkgs.callPackage
./shell.nix {
inherit (nix.packages."${pkgs.system}") nix;
inherit deploymentName;
inherit nix_path;
};
nixopsConfigurations."${pkgs.system}".default = {
inherit (inputs) nixpkgs;
network = {
description = "mio-ops nodes";
enableRollback = true;
storage.legacy = {databasefile = "~/.nixops/deployments.nixops";};
};
defaults = {};
airgead = import hosts/airgead.nix;
brighde = import hosts/brighde.nix;
ceilidh = import hosts/ceilidh.nix;
cuallaidh = import hosts/cuallaidh.nix;
dhu = import hosts/dhu.nix;
dionach = import hosts/dionach.nix;
iolear-beag = import hosts/iolear-beag.nix;
doilidh = import hosts/doilidh.nix;
eamhair = import hosts/eamhair.nix;
ceitidh = import hosts/ceitidh.nix;
paidh-uachdar = import hosts/paidh-uachdar.nix;
sanganto = import hosts/sanganto.nix;
sercanto = import hosts/sercanto.nix;
sithlainnir = import hosts/sithlainnir.nix;
teintidh = import hosts/teintidh.nix;
};
}))
// {
}

View file

@ -3,15 +3,15 @@
config, config,
pkgs, pkgs,
lib, lib,
cardano-node,
iohkNix,
... ...
}: let }: let
sources = import ../nix/sources.nix; cardanoNodeProject = import (cardano-node + "/nix") {
cardanoNodeProject = import (sources.cardano-node + "/nix") { gitrev = cardano-node.rev;
gitrev = sources.cardano-node.rev;
}; };
iohkNix = import (sources.iohk-nix) {};
in { in {
imports = [../secrets/cardano/producers.nix "${sources.cardano-node}/nix/nixos"]; imports = [../secrets/cardano/producers.nix "${cardano-node.cardano-node}/nix/nixos"];
environment.systemPackages = [cardanoNodeProject.cardano-cli]; environment.systemPackages = [cardanoNodeProject.cardano-cli];

View file

@ -2,11 +2,11 @@
{ {
config, config,
pkgs, pkgs,
daedalus,
lib, lib,
... ...
}: let }: let
sources = import ../nix/sources.nix; daedalusProject = import daedalus.daedalus {};
daedalusProject = import sources.daedalus {};
daedalusMainnet = daedalusProject.daedalus; daedalusMainnet = daedalusProject.daedalus;
#daedalusFlight = daedalusProject.daedalus {--argstr cluster mainnet_flight -o daedalusFlight}; #daedalusFlight = daedalusProject.daedalus {--argstr cluster mainnet_flight -o daedalusFlight};
in { in {

View file

@ -2,11 +2,9 @@
{ {
config, config,
pkgs, pkgs,
nixpkgsUnstable,
... ...
}: let }: {
sources = import ../nix/sources.nix;
unstable = import sources.nixpkgsUnstable {};
in {
imports = [ imports = [
../profiles/minecraftClient.nix # Play Minecraft :-) ../profiles/minecraftClient.nix # Play Minecraft :-)
]; ];
@ -20,7 +18,7 @@ in {
freeciv # Multiplayer (or single player), turn-based strategy game freeciv # Multiplayer (or single player), turn-based strategy game
freedroidrpg # Isometric 3D RPG similar to game Diablo freedroidrpg # Isometric 3D RPG similar to game Diablo
gcompris # Educational software suite, kids aged 2 to 10 gcompris # Educational software suite, kids aged 2 to 10
unstable.grapejuice # Simple Wine+Roblox management tool nixpkgsUnstable.grapejuice # Simple Wine+Roblox management tool
#lincity_ng # City building game #lincity_ng # City building game
meritous # Action-adventure dungeon crawl game meritous # Action-adventure dungeon crawl game
minetest # Infinite-world block sandbox game minetest # Infinite-world block sandbox game

View file

@ -3,15 +3,13 @@
config, config,
pkgs, pkgs,
lib, lib,
nix,
... ...
}: let }: {
sources = import ../nix/sources.nix;
nixVersion = (import sources.nixpkgs {}).nixVersions.latest;
in {
imports = [../profiles/terminal-recording.nix ../profiles/nix-direnv.nix]; imports = [../profiles/terminal-recording.nix ../profiles/nix-direnv.nix];
nix = { nix = {
package = nixVersion; package = nix;
settings = { settings = {
substituters = [ substituters = [
"https://cache.nixos.org" "https://cache.nixos.org"

View file

@ -4,10 +4,7 @@
pkgs, pkgs,
lib, lib,
... ...
}: let }: {
sources = import ../nix/sources.nix;
nixpkgs2305 = (import sources."nixos-23.05" {}).pkgs;
in {
imports = [ imports = [
../profiles/openssh.nix ../profiles/openssh.nix
../secrets/user-craige.nix ../secrets/user-craige.nix

21
shell.nix Normal file
View file

@ -0,0 +1,21 @@
{
pkgs ? import <nixpkgs> {},
deploymentName,
mkShell,
nix,
nix_path,
}:
with pkgs;
mkShell {
buildInputs = [
alejandra # The Uncompromising Nix Code Formatter
nix # Powerful package manager, makes packaging reliable & reproducible
nixops_unstable_minimal # work around for issue #127423
tea # Gitea official CLI client
treefmt # one CLI to format the code tree
];
shellHook = ''
export NIX_PATH=${nix_path}
export NIXOPS_DEPLOYMENT=${deploymentName}
'';
}