Compare commits

..

7 commits

Author SHA1 Message Date
Max
765ad81d40 cluster/services/gitlab: drop 2024-11-15 00:11:25 +02:00
Max
77aff4eacc flake.lock: Update
Flake lock file updates:

• Updated input 'nix-super':
    'gitlab:max/nix-super/5ecd820c18b1aaa3c8ee257a7a9a2624c4107031?narHash=sha256-JctHGT1oa4pet4PgUKRM7pf0w%2BqGe0a/ahVij8bee3o%3D' (2024-04-22)
  → '1eb19dd804.tar.gz?narHash=sha256-HSNUAfhtG/A2hnrzPMT3asZZ2Wb3dAmedOr1VzptOCg%3D' (2024-11-10)
• Updated input 'nix-super/flake-compat':
    'github:edolstra/flake-compat/35bb57c0c8d8b62bbfd284272c928ceb64ddbde9?narHash=sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm%2B504Ch3sNKLd8%3D' (2023-01-17)
  → 'github:edolstra/flake-compat/0f9255e01c2351cc7d116c072cb317785dd33b33?narHash=sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U%3D' (2023-10-04)
• Updated input 'nix-super/flake-parts':
    'github:hercules-ci/flake-parts/9126214d0a59633752a136528f5f3b9aa8565b7d?narHash=sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm%2BGpZNw%3D' (2024-04-01)
  → 'github:hercules-ci/flake-parts/9227223f6d922fee3c7b190b2cc238a99527bbb7?narHash=sha256-pQMhCCHyQGRzdfAkdJ4cIWiw%2BJNuWsTX7f0ZYSyz0VY%3D' (2024-07-03)
• Added input 'nix-super/git-hooks-nix':
    'github:cachix/git-hooks.nix/f451c19376071a90d8c58ab1a953c6e9840527fd?narHash=sha256-6FPUl7HVtvRHCCBQne7Ylp4p%2BdpP3P/OYuzjztZ4s70%3D' (2024-07-15)
• Added input 'nix-super/git-hooks-nix/flake-compat':
    follows 'nix-super'
• Added input 'nix-super/git-hooks-nix/gitignore':
    follows 'nix-super'
• Added input 'nix-super/git-hooks-nix/nixpkgs':
    follows 'nix-super/nixpkgs'
• Added input 'nix-super/git-hooks-nix/nixpkgs-stable':
    follows 'nix-super/nixpkgs'
• Updated input 'nix-super/libgit2':
    'github:libgit2/libgit2/45fd9ed7ae1a9b74b957ef4f337bc3c8b3df01b5?narHash=sha256-oX4Z3S9WtJlwvj0uH9HlYcWv%2Bx1hqp8mhXl7HsLu2f0%3D' (2023-10-18)
  → 'github:libgit2/libgit2/36f7e21ad757a3dacc58cf7944329da6bc1d6e96?narHash=sha256-J2rCxTecyLbbDdsyBWn9w7r3pbKRMkI9E7RvRgAqBdY%3D' (2024-05-16)
• Updated input 'nix-super/nixpkgs':
    'github:NixOS/nixpkgs/b550fe4b4776908ac2a861124307045f8e717c8e?narHash=sha256-7kkJQd4rZ%2BvFrzWu8sTRtta5D1kBG0LSRYAfhtmMlSo%3D' (2024-02-28)
  → 'github:NixOS/nixpkgs/c3d4ac725177c030b1e289015989da2ad9d56af0?narHash=sha256-sqLwJcHYeWLOeP/XoLwAtYjr01TISlkOfz%2BNG82pbdg%3D' (2024-08-15)
• Added input 'nix-super/nixpkgs-23-11':
    follows 'blank'
• Removed input 'nix-super/pre-commit-hooks'
• Removed input 'nix-super/pre-commit-hooks/flake-compat'
• Removed input 'nix-super/pre-commit-hooks/flake-utils'
• Removed input 'nix-super/pre-commit-hooks/gitignore'
• Removed input 'nix-super/pre-commit-hooks/nixpkgs'
• Removed input 'nix-super/pre-commit-hooks/nixpkgs-stable'
2024-11-15 00:11:25 +02:00
Max
37b8ff58cb meta: new url for nix-super 2024-11-15 00:11:25 +02:00
66788cff0c Merge pull request 'Flake Registry' () from pr-flake-registry into master
Reviewed-on: 
2024-11-13 11:57:57 +02:00
Max
0d95f7488d modules/nix-config: use new registry 2024-11-12 13:07:37 +01:00
Max
0bf8a8e97c cluster/services/flake-registry: init 2024-11-12 13:06:17 +01:00
Max
9179fa9cce cluster/services/ways: support static targets 2024-11-12 11:27:27 +01:00
5 changed files with 82 additions and 11 deletions
cluster/services
modules/nix-config

View file

@ -0,0 +1,36 @@
{ lib, ... }:
{
ways.registry.static = { depot, pkgs, ... }: pkgs.writeTextDir "flake-registry.json" (let
flakes = {
depot = {
type = "tarball";
url = "https://forge.${depot.lib.meta.domain}/${depot.lib.meta.domain}/depot/archive/master.tar.gz";
};
depot-nixpkgs = {
type = "github";
owner = "NixOS";
repo = "nixpkgs";
inherit (depot.inputs.nixpkgs.sourceInfo) rev narHash lastModified;
};
blank = {
type = "github";
owner = "divnix";
repo = "blank";
inherit (depot.inputs.blank.sourceInfo) rev narHash lastModified;
};
} // import ./extra-flakes.nix;
in builtins.toJSON {
version = 2;
flakes = lib.pipe flakes [
(lib.attrsToList)
(map (f: {
from = {
type = "indirect";
id = f.name;
};
to = f.value;
}))
];
});
}

View file

@ -0,0 +1,18 @@
let
github = owner: repo: {
type = "github";
inherit owner repo;
};
in {
# own
hyprspace = github "hyprspace" "hyprspace";
ai = github "nixified-ai" "flake";
nix-super = github "privatevoid-net" "nix-super";
nixpak = github "nixpak" "nixpak";
# other
nix = github "NixOS" "nix";
flake-parts = github "hercules-ci" "flake-parts";
home-manager = github "nix-community" "home-manager";
dream2nix = github "nix-community" "dream2nix";
}

View file

@ -1,11 +1,15 @@
{ cluster, config, lib, pkgs, ... }:
{ cluster, config, depot, lib, pkgs, ... }:
let
externalWays = lib.filterAttrs (_: cfg: !cfg.internal) cluster.config.ways;
internalWays = lib.filterAttrs (_: cfg: cfg.internal) cluster.config.ways;
consulServiceWays = lib.filterAttrs (_: cfg: cfg.useConsul) cluster.config.ways;
byMode = lib.pipe cluster.config.ways [
(lib.attrsToList)
(lib.groupBy (way: way.value.mode))
(lib.mapAttrs (n: v: lib.listToAttrs v))
];
in
{
@ -25,7 +29,13 @@ in
];
locations = lib.mkMerge [
{
"/" = if cfg.grpc then {
"/" = if cfg.mode == "static" then {
root = cfg.static {
inherit depot;
inherit pkgs;
inherit (pkgs) system;
};
} else if cfg.grpc then {
extraConfig = ''
set $nix_proxy_grpc_target ${cfg.target};
grpc_pass $nix_proxy_grpc_target;
@ -47,7 +57,7 @@ in
};
}) cluster.config.ways;
appendHttpConfig = lib.mkIf (consulServiceWays != {}) ''
appendHttpConfig = lib.mkIf (byMode.consul != {}) ''
include /run/consul-template/nginx-ways-*.conf;
'';
};
@ -67,7 +77,7 @@ in
value.distributed.enable = true;
}) externalWays;
services.consul-template.instances.ways = lib.mkIf (consulServiceWays != {}) {
services.consul-template.instances.ways = lib.mkIf (byMode.consul != {}) {
user = "nginx";
group = "nginx";
settings = {
@ -86,7 +96,7 @@ in
{{ else }}
# upstream ${cfg.nginxUpstreamName} (${cfg.consulService}): no servers available
{{ end }}
'') consulServiceWays;
'') byMode.consul;
in pkgs.writeText "ways-upstreams.ctmpl" (lib.concatStringsSep "\n" (lib.unique upstreams));
destination = "/run/consul-template/nginx-ways-upstreams.conf";
exec.command = lib.singleton (pkgs.writeShellScript "ways-reload" ''

View file

@ -58,6 +58,10 @@ with lib;
type = types.str;
};
static = mkOption {
type = with types; functionTo (coercedTo package (package: "${package.webroot or package}") str);
};
healthCheckPath = mkOption {
type = types.path;
default = "/.well-known/ways/internal-health-check";
@ -69,10 +73,10 @@ with lib;
default = "https://${name}.${config.domainSuffix}";
};
useConsul = mkOption {
type = types.bool;
mode = mkOption {
type = types.enum [ "simple" "consul" "static" ];
internal = true;
default = false;
default = "simple";
};
nginxUpstreamName = mkOption {
@ -105,12 +109,15 @@ with lib;
config = lib.mkMerge [
(lib.mkIf options.consulService.isDefined {
useConsul = true;
mode = "consul";
nginxUpstreamName = "ways_upstream_${builtins.hashString "md5" options.consulService.value}";
target = "${if config.grpc then "grpc" else "http"}://${options.nginxUpstreamName.value}";
})
(lib.mkIf options.bucket.isDefined {
consulService = "garage-web";
})
(lib.mkIf options.static.isDefined {
mode = "static";
})
];
}

View file

@ -14,7 +14,7 @@
experimental-features = nix-command flakes cgroups
use-cgroups = true
builders-use-substitutes = true
flake-registry = https://git.${depot.lib.meta.domain}/private-void/registry/-/raw/master/registry.json
flake-registry = https://registry.${depot.lib.meta.domain}/flake-registry.json
# For Hercules CI agent
narinfo-cache-negative-ttl = 0