From 23d9db27e6e90669941a3776ba1f007c174bef63 Mon Sep 17 00:00:00 2001 From: yukkop Date: Thu, 17 Jul 2025 15:21:06 +0000 Subject: [PATCH] refactor: pull out systems --- flake.nix | 98 ++----------------- lib/default.nix | 14 ++- .../{devvm|manual => devvm-hemar}/default.nix | 6 +- nixos/system/devvm-hemar/devvm-hemar.nix | 91 +++++++++++++++++ nixos/system/devvm-manual/default.nix | 17 ++++ .../devvm-manual.nix} | 1 + 6 files changed, 128 insertions(+), 99 deletions(-) rename nixos/system/{devvm|manual => devvm-hemar}/default.nix (87%) create mode 100644 nixos/system/devvm-hemar/devvm-hemar.nix create mode 100644 nixos/system/devvm-manual/default.nix rename nixos/system/{devvm|manual/devvm|manual.nix => devvm-manual/devvm-manual.nix} (99%) diff --git a/flake.nix b/flake.nix index fb13c92..024ec25 100644 --- a/flake.nix +++ b/flake.nix @@ -18,7 +18,8 @@ }@inputs: let flake = ./.; nixpkgs = nixpkgs-25-05; - self-lib = import ./lib { inherit flake self inputs; }; + overlays = [ self.overlays.default ]; + self-lib = import ./lib { inherit flake self inputs nixpkgs; }; buildPostgresqlExtension = pkgs: pkgs.callPackage (import (builtins.path { 
@@ -369,98 +370,15 @@ }); }; nixosConfigurations = { - "devvm|manual|${system}" = import "./nixos/system/devvm|manual" { inherit flake self inputs; }; - "hemar-test|${system}" = nixpkgs.lib.nixosSystem { - inherit system; - modules = [ - ({modulesPath, pkgs, lib, ...}: { - imports = [ - self.nixosModules.hectic - (modulesPath + "/profiles/qemu-guest.nix") - ]; - - hectic = { - archetype.dev.enable = true; - hardware.hetzner-cloud.enable = true; - }; - - users.users.root.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICrbBG+U07f7OKvOxYIGYCaNvyozzxQF+I9Fb5TYZErK yukkop vm-postgres'' - ]; - - - - services.postgresql = - let - package = pkgs.postgresql_15; - in { - enable = true; - package = package; - settings = - { - port = 64317; - listen_addresses = lib.mkForce "*"; - shared_preload_libraries = ""; - }; - extensions = [ package.pkgs.hemar ]; - authentication = builtins.concatStringsSep "\n" [ - "local all all trust" - "host sameuser all 127.0.0.1/32 scram-sha-256" - "host sameuser all ::1/128 scram-sha-256" - ]; - initialScript = pkgs.writeText "init-sql-script" '' - SET log_min_messages TO DEBUG1; - SET client_min_messages TO DEBUG1; - ALTER DATABASE postgres SET log_min_messages TO DEBUG1; - ALTER DATABASE postgres SET client_min_messages TO DEBUG1; - CREATE EXTENSION "hemar"; - - \i ${./package/c/hemar/test}/mod.sql - ''; - }; - - environment.systemPackags = with pkgs; [ - gdb - hectic.nvim-pager - (writeScriptBin "check" '' - journalctl -u postgresql.service | grep postgresql-post-start | sed 's|psql:/nix/store/[^:]*:[0-9]*: ||' | sed 's|^[^:]*:[^:]*:[^:]*: ||' | grep -v '^\[.*\]' | ${hectic.prettify-log}/bin/prettify-log --color-output - '') - ]; - programs.zsh.shellAliases = self.lib.sharedShellAliasesForDevVm // { - conn = "sudo su postgres -c 'psql -p 64317'"; - }; - - virtualisation = { - vmVariant = { - systemd.services.fix-root-perms = { - description = "Fix root directory permissions"; - after = [ "local-fs.target" ]; - wantedBy 
= [ "multi-user.target" ]; - serviceConfig = { - Type = "oneshot"; - ExecStart = "${pkgs.coreutils}/bin/chmod 755 /"; - }; - }; - virtualisation = { - diskSize = 1024*6; - diskImage = null; - forwardPorts = [ ]; - }; - }; - }; - networking.firewall = { - enable = true; - allowedTCPPorts = [ - 80 - ]; - }; - }) - ]; - pkgs = import nixpkgs {inherit system; overlays = [ self.overlays.default ];}; - }; + "devvm-manual|${system}" = import ./nixos/system/devvm-manual/default.nix { inherit flake self inputs system; }; + "devvm-hemar|${system}" = import ./nixos/system/devvm-hemar/default.nix { inherit flake self inputs system; }; }; }) // { + legacyPackages = self.lib.forAllSystems (system: import nixpkgs { + inherit system overlays; + }); + lib = self-lib; overlays.default = import ./overlay { inherit flake self inputs nixpkgs; }; nixosModules = import ./nixos/module { inherit flake self inputs nixpkgs; }; diff --git a/lib/default.nix b/lib/default.nix index 791cdea..b303716 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -1,5 +1,4 @@ -{ flake, inputs, self }: let - nixpkgs = inputs.nixpkgs-25-05; +{ flake, inputs, self, nixpkgs }: let lib = nixpkgs.lib; recursiveUpdate = nixpkgs.lib.recursiveUpdate; @@ -12,7 +11,7 @@ "aarch64-darwin" ]; - forSpecSystemsWithPkgs = supportedSystems: pkgOverlays: f: + forSystemsWithPkgs = supportedSystems: pkgOverlays: f: builtins.foldl' ( acc: system: let pkgs = import nixpkgs { @@ -28,7 +27,7 @@ ) {} supportedSystems; - forAllSystemsWithPkgs = pkgOverlays: f: forSpecSystemsWithPkgs commonSystems pkgOverlays f; + forAllSystemsWithPkgs = pkgOverlays: f: forSystemsWithPkgs commonSystems pkgOverlays f; parseEnv = import ./parse-env.nix; 
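Review bot: Both `nixosConfigurations` keys are renamed in this hunk (`"devvm|manual|${system}"` becomes `"devvm-manual|${system}"` and `"hemar-test|${system}"` becomes `"devvm-hemar|${system}"`), which the `refactor:` subject does not mention. Any script or deploy command that still refers to the old attribute names will stop resolving, so the rename belongs in the commit message. The keys also keep `|` as the separator before `${system}` although the directories dropped it, so every command-line reference still needs shell quoting; a separator such as `-` would avoid that. The surrounding outputs function starts and ends outside this hunk.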
@@ -44,7 +43,10 @@ else {}; in { # -- For all systems -- - inherit dotEnv minorEnvironment parseEnv forAllSystemsWithPkgs forSpecSystemsWithPkgs commonSystems; + inherit dotEnv minorEnvironment parseEnv forAllSystemsWithPkgs forSystemsWithPkgs commonSystems; + + forSystems = systems: nixpkgs.lib.genAttrs systems; + forAllSystems = nixpkgs.lib.genAttrs commonSystems; shellModules.logs = '' RED='\033[0;31m' @@ -144,6 +146,8 @@ in { paths; in listToAttrs attrList; + + nixpkgs-lib = nixpkgs.lib; } // rec { /* Supplied a directory, reads it's recursive structure into NixOS modules, so that provided a `./module` dir with `module/foo/bar.nix` in it it outputs diff --git a/nixos/system/devvm|manual/default.nix b/nixos/system/devvm-hemar/default.nix similarity index 87% rename from nixos/system/devvm|manual/default.nix rename to nixos/system/devvm-hemar/default.nix index e3957b6..f2215b7 100644 --- a/nixos/system/devvm|manual/default.nix +++ b/nixos/system/devvm-hemar/default.nix @@ -5,13 +5,11 @@ system, ... }: let - inherit (self.legacyPackages."${system}") pkgs; - # Use folder name as name of this system name = builtins.baseNameOf ./.; -in pkgs.lib.nixosSystem { - inherit pkgs; +in self.lib.nixpkgs-lib.nixosSystem { + inherit (self.legacyPackages."${system}") pkgs; modules = [ { networking.hostName = name; } (import ./${name}.nix { inherit flake self inputs; }) diff --git a/nixos/system/devvm-hemar/devvm-hemar.nix b/nixos/system/devvm-hemar/devvm-hemar.nix new file mode 100644 index 0000000..1574810 --- /dev/null +++ b/nixos/system/devvm-hemar/devvm-hemar.nix 
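Review bot: This wrapper now exists twice with identical content, because `nixos/system/devvm-manual/default.nix` is created later in the patch with the same blob id (`f2215b7`) as `nixos/system/devvm-hemar/default.nix`. Each new system directory would need another copy, and the copies can drift; a single helper exposed from `lib` that takes the directory and `system` would keep the `nixosSystem` call in one place. If the files stay separate, the existing comment could spell out the coupling, e.g. `# directory name is used as networking.hostName and as the module file name (./<name>.nix)`.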
@@ -0,0 +1,91 @@ +{ + inputs, + flake, + self +}: { + modulesPath, + pkgs, + lib, + ... +}: { + imports = [ + self.nixosModules.hectic + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + hectic = { + archetype.dev.enable = true; + hardware.hetzner-cloud.enable = true; + }; + + users.users.root.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICrbBG+U07f7OKvOxYIGYCaNvyozzxQF+I9Fb5TYZErK yukkop vm-postgres'' + ]; + + + + services.postgresql = + let + package = pkgs.postgresql_15; + in { + enable = true; + package = package; + settings = + { + port = 64317; + listen_addresses = lib.mkForce "*"; + shared_preload_libraries = ""; + }; + extensions = [ package.pkgs.hemar ]; + authentication = builtins.concatStringsSep "\n" [ + "local all all trust" + "host sameuser all 127.0.0.1/32 scram-sha-256" + "host sameuser all ::1/128 scram-sha-256" + ]; + initialScript = pkgs.writeText "init-sql-script" '' + SET log_min_messages TO DEBUG1; + SET client_min_messages TO DEBUG1; + ALTER DATABASE postgres SET log_min_messages TO DEBUG1; + ALTER DATABASE postgres SET client_min_messages TO DEBUG1; + CREATE EXTENSION "hemar"; + + \i ${flake}/package/c/hemar/test/mod.sql + ''; + }; + + environment.systemPackages = with pkgs; [ + gdb + hectic.nvim-pager + (writeScriptBin "check" '' + journalctl -u postgresql.service | grep postgresql-post-start | sed 's|psql:/nix/store/[^:]*:[0-9]*: ||' | sed 's|^[^:]*:[^:]*:[^:]*: ||' | grep -v '^\[.*\]' | ${hectic.prettify-log}/bin/prettify-log --color-output + '') + ]; + programs.zsh.shellAliases = self.lib.sharedShellAliasesForDevVm // { + conn = "sudo su postgres -c 'psql -p 64317'"; + }; + + virtualisation = { + vmVariant = { + systemd.services.fix-root-perms = { + description = "Fix root directory permissions"; + after = [ "local-fs.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Type = "oneshot"; + ExecStart = "${pkgs.coreutils}/bin/chmod 755 /"; + }; + }; + virtualisation = { + diskSize = 1024*6; + 
diskImage = null; + forwardPorts = [ ]; + }; + }; + }; + networking.firewall = { + enable = true; + allowedTCPPorts = [ + 80 + ]; + }; +} diff --git a/nixos/system/devvm-manual/default.nix b/nixos/system/devvm-manual/default.nix new file mode 100644 index 0000000..f2215b7 --- /dev/null +++ b/nixos/system/devvm-manual/default.nix @@ -0,0 +1,17 @@ +{ + flake, + self, + inputs, + system, + ... +}: let + # Use folder name as name of this system + name = builtins.baseNameOf ./.; + +in self.lib.nixpkgs-lib.nixosSystem { + inherit (self.legacyPackages."${system}") pkgs; + modules = [ + { networking.hostName = name; } + (import ./${name}.nix { inherit flake self inputs; }) + ]; +} diff --git a/nixos/system/devvm|manual/devvm|manual.nix b/nixos/system/devvm-manual/devvm-manual.nix similarity index 99% rename from nixos/system/devvm|manual/devvm|manual.nix rename to nixos/system/devvm-manual/devvm-manual.nix index 7b98441..c7d6140 100644 --- a/nixos/system/devvm|manual/devvm|manual.nix +++ b/nixos/system/devvm-manual/devvm-manual.nix @@ -7,6 +7,7 @@ pkgs, modulesPath, config, + ... }: { imports = [
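Review bot: `listen_addresses = lib.mkForce "*"` in `services.postgresql.settings` binds PostgreSQL on port 64317 to every interface of a machine that also enables `hectic.hardware.hetzner-cloud`. The `authentication` lines admit only the Unix socket and loopback, so the wildcard bind serves no client visible in this file and leaves `networking.firewall` (which opens only 80) as the sole barrier. Unless something outside this file needs remote access, `listen_addresses = lib.mkForce "localhost";` would match the pg_hba rules. Separately, `"local all all trust"` lets any local account connect as any role, including `postgres`. If that is intended for a disposable dev VM, a comment next to the line should say so; otherwise `"local all all peer"` should still work with the `conn` alias, which already runs `psql` as the `postgres` user.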