diff --git a/devices/servivi/default.nix b/devices/servivi/default.nix index 0e69821..185d5f1 100644 --- a/devices/servivi/default.nix +++ b/devices/servivi/default.nix @@ -6,6 +6,7 @@ ../../modules/sshd.nix ../../modules/tailscale.nix + ./modules/arion ./modules/binary-cache.nix ./modules/borgbackup.nix ./modules/minecraft.nix diff --git a/devices/servivi/modules/arion/default.nix b/devices/servivi/modules/arion/default.nix new file mode 100644 index 0000000..33e20ba --- /dev/null +++ b/devices/servivi/modules/arion/default.nix @@ -0,0 +1,54 @@ +{ + arion, + config, + lib, + ... +}: +with lib; +with builtins; let + user = config.vars.user; +in { + imports = [arion.nixosModules.arion]; + + users.extraUsers.${user}.extraGroups = ["podman"]; + home-manager.users.${user}.programs.bash.shellAliases = { + podman = "sudo podman "; + }; + + virtualisation = { + podman = { + enable = true; + dockerSocket.enable = true; + defaultNetwork.settings.dns_enabled = true; + }; + + arion = { + backend = "podman-socket"; + + projects = let + composeFiles = + filter (n: hasSuffix "compose.nix" (toString n)) + (filesystem.listFilesRecursive ./.); + + projects = listToAttrs (map (p: { + name = elemAt (match ".*\/(.*)\/compose\.nix" (toString p)) 0; + value = import p; + }) + composeFiles); + in + mapAttrs (n: v: { + # https://docs.hercules-ci.com/arion/options + settings = { + enableDefaultNetwork = v.enableDefaultNetwork or true; + networks = optionalAttrs (hasAttr "networks" v) v.networks; + + services = mapAttrs (n': v': { + image = optionalAttrs (hasAttr "customImage" v') v'.customImage; + service = filterAttrs (n: v: n != "customImage") v'; + }) v.services; + }; + }) + projects; + }; + }; +} diff --git a/flake.lock b/flake.lock index cb5b9bf..90d8c67 100644 --- a/flake.lock +++ b/flake.lock @@ -20,6 +20,29 @@ "type": "github" } }, + "arion": { + "inputs": { + "flake-parts": "flake-parts", + "haskell-flake": "haskell-flake", + "hercules-ci-effects": "hercules-ci-effects", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703950660, + "narHash": "sha256-GgynJdQ6KngwFBd4YbMYbwesyOiMTZAFymsStE0PSfM=", + "owner": "hercules-ci", + "repo": "arion", + "rev": "f295eabd25b7c894ab405be784e2a010f83fde55", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "arion", + "type": "github" + } + }, "bat-theme-src": { "flake": false, "locked": { @@ -125,6 +148,48 @@ } }, "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "arion", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1701473968, + "narHash": "sha256-YcVE5emp1qQ8ieHUnxt1wCZCC3ZfAS+SRRWZ2TMda7E=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": [ + "arion", + "hercules-ci-effects", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1696343447, + "narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4", + "type": "github" + }, + "original": { + "id": "flake-parts", + "type": "indirect" + } + }, + "flake-parts_3": { "inputs": { "nixpkgs-lib": [ "neovim-flake", @@ -145,7 +210,7 @@ "type": "github" } }, - "flake-parts_2": { + "flake-parts_4": { "inputs": { "nixpkgs-lib": [ "neovim-flake", @@ -166,7 +231,7 @@ "type": "indirect" } }, - "flake-parts_3": { + "flake-parts_5": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" }, @@ -184,7 +249,7 @@ "type": "github" } }, - "flake-parts_4": { + "flake-parts_6": { "inputs": { "nixpkgs-lib": [ "nixpkgs-wayland", @@ -344,6 +409,22 @@ "type": "github" } }, + "haskell-flake": { + "locked": { + "lastModified": 1675296942, + "narHash": "sha256-u1X1sblozi5qYEcLp1hxcyo8FfDHnRUVX3dJ/tW19jY=", + "owner": "srid", + "repo": "haskell-flake", + "rev": "c2cafce9d57bfca41794dc3b99c593155006c71e", + "type": "github" + }, + "original": { + "owner": "srid", + "ref": "0.1.0", + "repo": "haskell-flake", + "type": "github" + } + }, "headscale": { "inputs": { "flake-utils": "flake-utils_2", @@ -368,6 +449,28 @@ "hercules-ci-effects": { "inputs": { "flake-parts": "flake-parts_2", + "nixpkgs": [ + "arion", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1701009247, + "narHash": "sha256-GuX16rzRze2y7CsewJLTV6qXkXWyEwp6VCZXi8HLruU=", + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "rev": "31b6cd7569191bfcd0a548575b0e2ef953ed7d09", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "type": "github" + } + }, + "hercules-ci-effects_2": { + "inputs": { + "flake-parts": "flake-parts_4", "nixpkgs": [ "neovim-flake", "nixpkgs" @@ -532,8 +635,8 @@ "neovim-flake": { "inputs": { "flake-compat": "flake-compat", - "flake-parts": "flake-parts", - "hercules-ci-effects": "hercules-ci-effects", + "flake-parts": "flake-parts_3", + "hercules-ci-effects": "hercules-ci-effects_2", "neovim-flake": "neovim-flake_2", "nixpkgs": [ "nixpkgs" @@ -597,7 +700,7 @@ }, "nix-eval-jobs": { "inputs": { - "flake-parts": "flake-parts_4", + "flake-parts": "flake-parts_6", "nix-github-actions": "nix-github-actions", "nixpkgs": "nixpkgs_6", "treefmt-nix": "treefmt-nix" @@ -641,7 +744,7 @@ }, "nix-gaming": { "inputs": { - "flake-parts": "flake-parts_3", + "flake-parts": "flake-parts_5", "nixpkgs": "nixpkgs_3" }, "locked": { @@ -1160,6 +1263,7 @@ "root": { "inputs": { "ags": "ags", + "arion": "arion", "bat-theme-src": "bat-theme-src", "caddy-plugins": "caddy-plugins", "coc-stylelintplus-flake": "coc-stylelintplus-flake", diff --git a/flake.nix b/flake.nix index 7e72d84..f218d27 100644 --- a/flake.nix +++ b/flake.nix @@ -165,6 +165,14 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + arion = { + type = "github"; + owner = "hercules-ci"; + repo = "arion"; + + inputs.nixpkgs.follows = "nixpkgs"; + }; + # Desktop inputs hyprland = { type = "github";