refactor: rename some flake attr directories

2024-12-16 15:51:41 -05:00 · 2024-12-16 15:51:41 -05:00 · 6ca0d7248b
commit 6ca0d7248b
parent 1ce40f2c1a
329 changed files with 178 additions and 139 deletions
--- a/modules/docker/.template/compose.nix
+++ b/modules/docker/.template/compose.nix
@ -0,0 +1,10 @@
+{config, ...}: let
+  inherit (config.sops) secrets;
+  inherit (config.khepri) rwDataDir;
+
+  rwPath = rwDataDir + "/projectName";
+in {
+  khepri.compositions."projectName" = {
+    services = {};
+  };
+}
--- a/modules/docker/.template/images/image.nix
+++ b/modules/docker/.template/images/image.nix
@ -0,0 +1,8 @@
+pkgs:
+pkgs.dockerTools.pullImage rec {
+  imageName = "some/image/name";
+  imageDigest = "";
+  sha256 = "";
+  finalImageName = imageName;
+  finalImageTag = "latest";
+}
--- a/modules/docker/default.nix
+++ b/modules/docker/default.nix
@ -0,0 +1,59 @@
+khepri: {
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
+  inherit (lib) mkIf mkOption types;
+
+  cfg = config.khepri;
+in {
+  imports = [khepri.nixosModules.default];
+
+  options.khepri = {
+    enable = mkOption {
+      default = cfg.compositions != {};
+      type = types.bool;
+      description = ''
+        Option to enable docker even without compositions.
+      '';
+    };
+
+    rwDataDir = mkOption {
+      default = "/var/lib/docker";
+      type = types.str;
+      description = ''
+        Directory to place persistent data in.
+      '';
+    };
+
+    storageDriver = mkOption {
+      default = "btrfs"; # I use BTRFS on all my servers
+      type = types.str;
+    };
+  };
+
+  config = mkIf (cfg.enable) {
+    virtualisation = {
+      docker = {
+        enable = true;
+        storageDriver = cfg.storageDriver;
+
+        package = pkgs.docker_27;
+
+        daemon.settings.dns = ["8.8.8.8" "1.1.1.1"];
+      };
+
+      # khepri uses oci-containers under the hood and it must be set to docker to work
+      oci-containers.backend = "docker";
+    };
+
+    # Script for updating the images of all images of a compose.nix file
+    environment.systemPackages = [
+      (pkgs.callPackage ./updateImage.nix {})
+    ];
+  };
+
+  # For accurate stack trace
+  _file = ./default.nix;
+}
--- a/modules/docker/updateImage.nix
+++ b/modules/docker/updateImage.nix
@ -0,0 +1,40 @@
+{
+  nix-prefetch-docker,
+  skopeo,
+  writeShellApplication,
+  ...
+}:
+writeShellApplication {
+  name = "updateImages";
+
+  runtimeInputs = [
+    (writeShellApplication {
+      name = "pullImage";
+      runtimeInputs = [nix-prefetch-docker skopeo];
+      text = ''
+        FILE="$1"
+
+        IMAGE=$(sed -n 's/.*imageName = "\([^"]*\).*/\1/p' "$FILE")
+        TAG=$(sed -n 's/.*finalImageTag = "\([^"]*\).*/\1/p' "$FILE")
+        CURRENT_DIGEST=$(sed -n 's/.*imageDigest = "\([^"]*\).*/\1/p' "$FILE")
+        NEW_DIGEST=$(skopeo inspect "docker://$IMAGE:$TAG" | jq '.Digest' -r)
+
+        output="$IMAGE $TAG"
+
+        if ! grep "Locked" "$FILE"; then
+            if [[ "$CURRENT_DIGEST" != "$NEW_DIGEST" ]]; then
+                echo -e "• $output:\n   $CURRENT_DIGEST\n → $NEW_DIGEST\n"
+                PREFETCH=$(nix-prefetch-docker "$IMAGE" "$TAG")
+                echo -e "pkgs:\npkgs.dockerTools.pullImage rec $PREFETCH" > "$FILE"
+                sed -i 's/finalImageName.*/finalImageName = imageName;/' "$FILE"
+            fi
+        fi
+      '';
+    })
+  ];
+
+  text = ''
+    DIR=''${1:-"."}
+    find "$DIR"/images -type f -exec pullImage {} \;
+  '';
+}