matt1432/nixos-configs
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

refactor(arion): setup options instead of importing attrsets
All checks were successful
Discord / discord commits (push) Has been skipped
Details

Browse source
This commit is contained in:
matt1432 2024-01-22 15:50:05 -05:00
parent f03165caa5
commit 2b14ecc1b8
6 changed files with 160 additions and 153 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

127
devices/servivi/modules/arion/default.nix
View file

@ -1,127 +1,20 @@
{
arion,
config,
lib,
pkgs,
self,
...
} @ inputs: let
inherit (builtins) match;
inherit
(lib)
filter
hasSuffix
filesystem
hasAttr
mapAttrs
filterAttrs
listToAttrs
elemAt
removePrefix
optionalAttrs
mkForce
;
inherit (config.vars) mainUser hostName;
{...}: let
configPath = "/var/lib/arion";
in {
imports = [arion.nixosModules.arion];
imports = [
../../../../modules/arion.nix
users.extraUsers.${mainUser}.extraGroups = ["docker"];
environment.systemPackages = with pkgs; [
nix-prefetch-docker
(writeShellScriptBin "updateImages" ''
pull() {
FILE="$1"
IMAGE=$(sed -n 's/.*imageName = "\([^"]*\).*/\1/p' "$FILE")
TAG=$(sed -n 's/.*finalImageTag = "\([^"]*\).*/\1/p' "$FILE")
echo "$IMAGE $TAG"
PREFETCH=$(nix-prefetch-docker "$IMAGE" "$TAG")
echo -e "pkgs:\npkgs.dockerTools.pullImage $PREFETCH" > "$FILE"
}
DIR="$1"
if [ -z "$DIR" ]; then
DIR="."
fi
IFS=$'\n'
for i in $(find "$DIR"/images -type f); do
pull "$i"
done
unset IFS
'')
./forgejo/compose.nix
./music/jbots/compose.nix
];
arion = {
enable = true;
rwDataDir = configPath;
};
services.borgbackup.configs.arion = {
paths = [configPath];
exclude = ["**/lineageos*"];
};
virtualisation = {
docker = {
enable = true;
storageDriver = "btrfs";
};
arion = {
backend = "docker";
projects = let
basePath = "${self}/devices/${hostName}/modules/arion";
composeFiles =
filter (n: hasSuffix "compose.nix" (toString n))
(filesystem.listFilesRecursive basePath);
projects = filterAttrs (n: v: v.enabled or true) (listToAttrs (map (p: {
name = elemAt (match ".*\/(.*)\/compose\.nix" (toString p)) 0;
value = import p (inputs
// {
importImage = file: pkgs.callPackage file pkgs;
rwPath =
configPath
+ "/"
+ removePrefix basePath "${dirOf p}";
});
})
composeFiles));
in
mapAttrs (n: v: {
# https://docs.hercules-ci.com/arion/options
settings = {
enableDefaultNetwork = v.enableDefaultNetwork or true;
networks =
optionalAttrs (hasAttr "networks" v)
v.networks;
services =
mapAttrs (n': v': {
# https://github.com/hercules-ci/arion/issues/169#issuecomment-1301370634
build.image =
optionalAttrs (hasAttr "hostImage" v')
(mkForce v'.hostImage);
image =
optionalAttrs (hasAttr "customImage" v')
v'.customImage;
service =
filterAttrs
(n: v: n != "customImage" && n != "hostImage")
v';
})
v.services;
};
})
projects;
};
};
}

25
devices/servivi/modules/arion/forgejo/compose.nix
View file

@ -1,15 +1,12 @@
{
config,
rwPath,
importImage,
...
}: let
secrets = config.sops.secrets;
{config, ...}: let
inherit (config.sops) secrets;
inherit (config.arion) rwDataDir;
rwPath = rwDataDir + "/forgejo";
in {
services = {
arion.projects."forgejo" = {
"forgejo" = {
container_name = "forgejo";
hostImage = importImage ./images/forgejo.nix;
image = ./images/forgejo.nix;
ports = [
# Redirect WAN port 22 to this port
@ -42,8 +39,7 @@ in {
};
"forgejo-db" = {
container_name = "forgejo-db";
hostImage = importImage ./images/postgres.nix;
image = ./images/postgres.nix;
restart = "always";
@ -52,9 +48,8 @@ in {
volumes = ["${rwPath}/db:/var/lib/postgresql/data"];
};
"runner" = {
container_name = "act_runner";
hostImage = importImage ./images/act_runner.nix;
"act_runner" = {
image = ./images/act_runner.nix;
privileged = true;
restart = "always";

4
devices/servivi/modules/arion/forgejo/images/act_runner.nix
View file

@ -1,8 +1,8 @@
pkgs:
pkgs.dockerTools.pullImage {
imageName = "vegardit/gitea-act-runner";
imageDigest = "sha256:3365bb367c7f45fd00a0bc229effa616bc167fd8215a558ba1123a8f05dfaf9a";
sha256 = "1q3gr55z08prf0531889sa4i6g07mlpnw7lsjb7vz3yn0jmh3jpz";
imageDigest = "sha256:10965cf2fcd3cc146f2bd54e0234d55a499f1dedc3a1f2edd7fb5736b4921904";
sha256 = "0pi09zz7agm33jbd41zi94lqfxmq7q64z2lfjlmdp9aq1q254zxw";
finalImageName = "vegardit/gitea-act-runner";
finalImageTag = "dind-latest";
}

18
devices/servivi/modules/arion/lineageos/compose.nix
View file

@ -1,16 +1,13 @@
{
config,
rwPath,
...
}: let
secrets = config.sops.secrets;
{config, ...}: let
inherit (config.sops) secrets;
inherit (config.arion) rwDataDir;
rwPath = rwDataDir + "/lineageos";
in {
# FIXME: crashes when building
# TODO: make sure it works with latest arion custom module
# This should only be ran when an update is needed
enabled = false;
services = {
arion.projects."lineageos" = {
"builder" = {
image = "lineageos4microg/docker-lineage-cicd";
container_name = "lineage_builder";
@ -54,7 +51,6 @@ in {
"caddy" = {
image = "quay.io/slothcroissant/caddy-cloudflaredns:latest";
container_name = "caddy";
ports = [
"80:80"

16
devices/servivi/modules/arion/music/jbots/compose.nix
View file

@ -1,12 +1,12 @@
{
rwPath,
importImage,
...
}: {
services = {
{config, ...}: let
inherit (config.arion) rwDataDir;
rwPath = rwDataDir + "/music/jbots";
in {
arion.projects."jbots" = {
"musicbot_be" = {
container_name = "benis";
hostImage = importImage ./images/jmusicbot.nix;
image = ./images/jmusicbot.nix;
restart = "always";
volumes = [
@ -17,7 +17,7 @@
"musicbot_br" = {
container_name = "bruh";
hostImage = importImage ./images/jmusicbot.nix;
image = ./images/jmusicbot.nix;
restart = "always";
volumes = [

123
modules/arion.nix Normal file
View file

@ -0,0 +1,123 @@
{
arion,
config,
lib,
pkgs,
...
}: let
inherit
(lib)
filterAttrs
hasAttr
mapAttrs
mkEnableOption
mkForce
mkIf
mkOption
optionalAttrs
types
;
inherit (config.vars) mainUser;
cfg = config.arion;
in {
imports = [arion.nixosModules.arion];
options.arion = {
enable = mkEnableOption (lib.mdDoc "My custom arion config layer module");
rwDataDir = mkOption {
default = "/var/lib/arion";
type = types.str;
description = lib.mdDoc ''
Directory to place persistent data in
'';
};
projects = mkOption {
default = {};
description = lib.mdDoc ''
Declarative specification of docker-compose in nix.
'';
type = types.attrs;
};
};
config = mkIf cfg.enable {
users.extraUsers.${mainUser}.extraGroups = ["docker"];
virtualisation = {
docker = {
enable = true;
storageDriver = "btrfs";
};
arion = {
backend = "docker";
projects =
mapAttrs (n: v: {
# https://docs.hercules-ci.com/arion/options
settings = {
enableDefaultNetwork = v.enableDefaultNetwork or true;
networks =
optionalAttrs (hasAttr "networks" v)
v.networks;
services =
mapAttrs (n': v': {
# https://github.com/hercules-ci/arion/issues/169#issuecomment-1301370634
build.image = let
importImage = file: pkgs.callPackage file pkgs;
in
mkForce (importImage v'.image);
service =
(filterAttrs
(attrName: _: attrName != "image")
v')
# By default set the container_name to the attrset's name
// (optionalAttrs (! hasAttr "container_name" v') {
container_name = n';
});
})
v;
};
})
cfg.projects;
};
};
# Script for updating the images of all images of a compose.nix file
environment.systemPackages = with pkgs; [
(writeShellApplication {
name = "updateImages";
runtimeInputs = [
(writeShellApplication {
name = "pullImage";
runtimeInputs = [nix-prefetch-docker];
text = ''
FILE="$1"
IMAGE=$(sed -n 's/.*imageName = "\([^"]*\).*/\1/p' "$FILE")
TAG=$(sed -n 's/.*finalImageTag = "\([^"]*\).*/\1/p' "$FILE")
echo "$IMAGE $TAG"
PREFETCH=$(nix-prefetch-docker "$IMAGE" "$TAG")
echo -e "pkgs:\npkgs.dockerTools.pullImage $PREFETCH" > "$FILE"
'';
})
];
text = ''
DIR=''${1:-"."}
find "$DIR"/images -type f -exec pullImage {} \;
'';
})
];
};
}