diff options
| -rw-r--r-- | flake.lock | 17 | ||||
| -rw-r--r-- | flake.nix | 12 | ||||
| -rw-r--r-- | modules/by-name/et/etesync/module.nix (renamed from modules/nixos/vhack/etesync/default.nix) | 0 | ||||
| -rw-r--r-- | modules/by-name/et/etesync/secret_file.age (renamed from modules/nixos/vhack/etesync/secret_file.age) | 0 | ||||
| -rw-r--r-- | modules/by-name/gi/git-server/css.nix (renamed from modules/nixos/vhack/git-server/css.nix) | 0 | ||||
| -rw-r--r-- | modules/by-name/gi/git-server/module.nix (renamed from modules/nixos/vhack/git-server/default.nix) | 0 | ||||
| -rw-r--r-- | modules/by-name/ng/nginx/module.nix (renamed from modules/nixos/vhack/nginx/default.nix) | 0 | ||||
| -rw-r--r-- | modules/by-name/ng/nginx/redirects.nix (renamed from modules/nixos/vhack/nginx/redirects.nix) | 0 | ||||
| -rw-r--r-- | modules/by-name/ni/nix-sync/hosts.nix (renamed from modules/nixos/vhack/nix-sync/hosts.nix) | 0 | ||||
| -rw-r--r-- | modules/by-name/ni/nix-sync/internal_module.nix (renamed from modules/nixos/vhack/nix-sync/module.nix) | 0 | ||||
| -rw-r--r-- | modules/by-name/ni/nix-sync/module.nix (renamed from modules/nixos/vhack/nix-sync/default.nix) | 2 | ||||
| -rw-r--r-- | modules/by-name/op/openssh/module.nix (renamed from modules/nixos/vhack/openssh/default.nix) | 0 | ||||
| -rw-r--r-- | modules/by-name/pe/peertube/module.nix (renamed from modules/nixos/vhack/peertube/default.nix) | 0 | ||||
| -rw-r--r-- | modules/by-name/pe/peertube/secrets/general.age (renamed from modules/nixos/vhack/peertube/secrets/general.age) | 0 | ||||
| -rw-r--r-- | modules/by-name/pe/peertube/secrets/smtp.age (renamed from modules/nixos/vhack/peertube/secrets/smtp.age) | 0 | ||||
| -rw-r--r-- | modules/default.nix | 21 | ||||
| -rw-r--r-- | modules/nixos/default.nix | 5 | ||||
| -rw-r--r-- | modules/nixos/vhack/default.nix | 10 | ||||
| -rw-r--r-- | secrets.nix | 7 | ||||
| -rw-r--r-- | tests.nix | 28 | ||||
| -rw-r--r-- | tests/README.md | 2 | ||||
| -rw-r--r-- | tests/by-name/gi/git-server/ssh_keys.nix (renamed from tests/nixos/vhack/git-server/ssh_keys.nix) | 0 | ||||
| -rw-r--r-- | tests/by-name/gi/git-server/test.nix (renamed from tests/nixos/vhack/git-server/test.nix) | 17 | ||||
| -rw-r--r-- | tests/default.nix | 13 |
24 files changed, 74 insertions, 60 deletions
diff --git a/flake.lock b/flake.lock index a901d68..c85da85 100644 --- a/flake.lock +++ b/flake.lock @@ -170,6 +170,22 @@ "type": "github" } }, + "library": { + "locked": { + "lastModified": 1734626644, + "narHash": "sha256-p/RVC4Rp5AGN3qwlVoQJHkbEkvcilSr2lWfRgnlRXlQ=", + "ref": "prime", + "rev": "1021c1ffe1dd8dd75380dac618b93ff2cefd81f4", + "revCount": 1, + "type": "git", + "url": "https://git.vhack.eu/vhack.eu/nix-library" + }, + "original": { + "ref": "prime", + "type": "git", + "url": "https://git.vhack.eu/vhack.eu/nix-library" + } + }, "nixpkgs": { "locked": { "lastModified": 1734522913, @@ -257,6 +273,7 @@ "flake-compat": "flake-compat", "flake-utils": "flake-utils", "impermanence": "impermanence", + "library": "library", "nixpkgs": "nixpkgs", "nixpkgs-unstable": "nixpkgs-unstable", "ragenix": "ragenix", diff --git a/flake.nix b/flake.nix index d9f02c2..ff3014f 100644 --- a/flake.nix +++ b/flake.nix @@ -5,6 +5,8 @@ nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11-small"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small"; + library.url = "git+https://git.vhack.eu/vhack.eu/nix-library?ref=prime"; + # inputs for following systems = { url = "github:nix-systems/x86_64-linux"; # only evaluate for this system @@ -73,6 +75,7 @@ self, nixpkgs, nixpkgs-unstable, + library, # modules simple-nixos-mailserver, impermanence, @@ -90,7 +93,7 @@ specialArgs = attrs // { - inherit pkgsUnstable nixpkgs-unstable nixos-lib extraModules; + inherit pkgsUnstable nixpkgs-unstable nixos-lib extraModules nixLib; }; extraModules = [ @@ -100,8 +103,9 @@ agenix.nixosModules.default ]; - inherit (pkgs) lib; - tests = import ./tests.nix {inherit lib pkgs specialArgs;}; + tests = import ./tests {inherit pkgs specialArgs nixLib;}; + + inherit (library) nixLib; in { nixosConfigurations."server1" = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; @@ -109,7 +113,7 @@ modules = extraModules ++ [ - ./modules/nixos + ./modules ./hosts/server1/configuration.nix ]; }; diff --git a/modules/nixos/vhack/etesync/default.nix b/modules/by-name/et/etesync/module.nix index 0f6c565..0f6c565 100644 --- a/modules/nixos/vhack/etesync/default.nix +++ b/modules/by-name/et/etesync/module.nix diff --git a/modules/nixos/vhack/etesync/secret_file.age b/modules/by-name/et/etesync/secret_file.age index 8d8e3c2..8d8e3c2 100644 --- a/modules/nixos/vhack/etesync/secret_file.age +++ b/modules/by-name/et/etesync/secret_file.age diff --git a/modules/nixos/vhack/git-server/css.nix b/modules/by-name/gi/git-server/css.nix index 3d73ea0..3d73ea0 100644 --- a/modules/nixos/vhack/git-server/css.nix +++ b/modules/by-name/gi/git-server/css.nix diff --git a/modules/nixos/vhack/git-server/default.nix b/modules/by-name/gi/git-server/module.nix index a374f4c..a374f4c 100644 --- a/modules/nixos/vhack/git-server/default.nix +++ b/modules/by-name/gi/git-server/module.nix diff --git a/modules/nixos/vhack/nginx/default.nix b/modules/by-name/ng/nginx/module.nix index 6a82147..6a82147 100644 --- a/modules/nixos/vhack/nginx/default.nix +++ b/modules/by-name/ng/nginx/module.nix diff --git a/modules/nixos/vhack/nginx/redirects.nix b/modules/by-name/ng/nginx/redirects.nix index a021e72..a021e72 100644 --- a/modules/nixos/vhack/nginx/redirects.nix +++ b/modules/by-name/ng/nginx/redirects.nix diff --git a/modules/nixos/vhack/nix-sync/hosts.nix b/modules/by-name/ni/nix-sync/hosts.nix index 98dbbf1..98dbbf1 100644 --- a/modules/nixos/vhack/nix-sync/hosts.nix +++ b/modules/by-name/ni/nix-sync/hosts.nix diff --git a/modules/nixos/vhack/nix-sync/module.nix b/modules/by-name/ni/nix-sync/internal_module.nix index a3ab0af..a3ab0af 100644 --- a/modules/nixos/vhack/nix-sync/module.nix +++ b/modules/by-name/ni/nix-sync/internal_module.nix diff --git a/modules/nixos/vhack/nix-sync/default.nix b/modules/by-name/ni/nix-sync/module.nix index a624e0e..0a92888 100644 --- a/modules/nixos/vhack/nix-sync/default.nix +++ b/modules/by-name/ni/nix-sync/module.nix @@ -40,7 +40,7 @@ domains = import ./hosts.nix {}; in { imports = [ - ./module.nix + ./internal_module.nix ]; options.vhack.nix-sync = { diff --git a/modules/nixos/vhack/openssh/default.nix b/modules/by-name/op/openssh/module.nix index 30d16a6..30d16a6 100644 --- a/modules/nixos/vhack/openssh/default.nix +++ b/modules/by-name/op/openssh/module.nix diff --git a/modules/nixos/vhack/peertube/default.nix b/modules/by-name/pe/peertube/module.nix index 29d1d07..29d1d07 100644 --- a/modules/nixos/vhack/peertube/default.nix +++ b/modules/by-name/pe/peertube/module.nix diff --git a/modules/nixos/vhack/peertube/secrets/general.age b/modules/by-name/pe/peertube/secrets/general.age index 854ab1a..854ab1a 100644 --- a/modules/nixos/vhack/peertube/secrets/general.age +++ b/modules/by-name/pe/peertube/secrets/general.age diff --git a/modules/nixos/vhack/peertube/secrets/smtp.age b/modules/by-name/pe/peertube/secrets/smtp.age index 1979ea7..1979ea7 100644 --- a/modules/nixos/vhack/peertube/secrets/smtp.age +++ b/modules/by-name/pe/peertube/secrets/smtp.age diff --git a/modules/default.nix b/modules/default.nix new file mode 100644 index 0000000..61d259d --- /dev/null +++ b/modules/default.nix @@ -0,0 +1,21 @@ +{nixLib, ...}: let + files = + builtins.attrValues + (nixLib.mkByName { + baseDirectory = ./by-name; + fileName = "module.nix"; + + # We only want the base paths. + finalizeFunction = name: value: value; + + # TODO: Re-activate, when/if most modules have tests. <2024-11-23> + # coImportsNameFunction = { + # shard, + # name, + # }: + # ../tests/by-name + "/${shard}" + "/${name}" + "/test.nix"; + # coImportsWarnMessageObject = "test"; + }); +in { + imports = files; +} diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix deleted file mode 100644 index fa21596..0000000 --- a/modules/nixos/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -{...}: { - imports = [ - ./vhack - ]; -} diff --git a/modules/nixos/vhack/default.nix b/modules/nixos/vhack/default.nix deleted file mode 100644 index bed22af..0000000 --- a/modules/nixos/vhack/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{...}: { - imports = [ - ./etesync - ./git-server - ./nginx - ./nix-sync - ./openssh - ./peertube - ]; -} diff --git a/secrets.nix b/secrets.nix index 3f22872..bd5630e 100644 --- a/secrets.nix +++ b/secrets.nix @@ -10,9 +10,10 @@ let server1 ]; in { - "./modules/nixos/vhack/etesync/secret_file.age".publicKeys = allSecrets; - "./modules/nixos/vhack/peertube/secrets/general.age".publicKeys = allSecrets; - "./modules/nixos/vhack/peertube/secrets/smtp.age".publicKeys = allSecrets; + "./modules/by-name/et/etesync/secret_file.age".publicKeys = allSecrets; + "./modules/by-name/pe/peertube/secrets/general.age".publicKeys = allSecrets; + "./modules/by-name/pe/peertube/secrets/smtp.age".publicKeys = allSecrets; + "./system/secrets/backup/backuppass.age".publicKeys = allSecrets; "./system/secrets/backup/backupssh.age".publicKeys = allSecrets; "./system/secrets/invidious/hmac.age".publicKeys = allSecrets; diff --git a/tests.nix b/tests.nix deleted file mode 100644 index d91a9c9..0000000 --- a/tests.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ - pkgs, - lib, - specialArgs, -}: let - # for `nix eval --file` (as it does not support args) use: - # ``` - # specialArgs = {}; - # pkgs = (builtins.getFlake "nixpkgs").legacyPackages."x86_64-linux"; - # inherit (pkgs) lib; - # ``` - # instead of the function arguments above. - importTests' = test: let - basename = builtins.baseNameOf test; - testName = builtins.baseNameOf (lib.strings.removeSuffix "/${basename}" "${builtins.toString test}"); - in { - name = "${testName}"; - value = pkgs.callPackage test specialArgs; - }; - - importTests = dir: - builtins.listToAttrs (builtins.map importTests' ( - lib.fileset.toList (lib.fileset.fileFilter (file: file.name == "test.nix") dir) - )); - - tests = importTests ./tests; -in - tests diff --git a/tests/README.md b/tests/README.md index 2613f4a..0ff5738 100644 --- a/tests/README.md +++ b/tests/README.md @@ -3,4 +3,4 @@ This directory tree mirrors the modules defined in the [modules](`../modules/`) directory. Each module should have at least one test in the mirrored directory, effectively replacing the module's -`default.nix` file. +`module.nix` file. diff --git a/tests/nixos/vhack/git-server/ssh_keys.nix b/tests/by-name/gi/git-server/ssh_keys.nix index 07f0b88..07f0b88 100644 --- a/tests/nixos/vhack/git-server/ssh_keys.nix +++ b/tests/by-name/gi/git-server/ssh_keys.nix diff --git a/tests/nixos/vhack/git-server/test.nix b/tests/by-name/gi/git-server/test.nix index 6d5edda..0cf3ee8 100644 --- a/tests/nixos/vhack/git-server/test.nix +++ b/tests/by-name/gi/git-server/test.nix @@ -4,6 +4,7 @@ nixpkgs-unstable, pkgs, extraModules, + nixLib, ... }: let sshKeys = @@ -47,7 +48,7 @@ in name = "git-server"; node = { - specialArgs = {inherit pkgsUnstable nixpkgs-unstable;}; + specialArgs = {inherit pkgsUnstable nixpkgs-unstable nixLib;}; # Use the nixpkgs as constructed by the `nixpkgs.*` options pkgs = null; @@ -58,7 +59,7 @@ in imports = extraModules ++ [ - ../../../../modules/nixos + ../../../../modules ]; system.activationScripts = { @@ -234,11 +235,11 @@ in # He can't see the readme (FIXME: find out why this does not work. <2024-08-13> ) # with subtest("Bob can see alice's README"): # client.succeed("sudo -u bob ${pkgs.writeShellScript "bob-alice-readme" '' - # set -xe - # - # curl --insecure --silent --fail --show-error 'https://server/alice/alice-project/about' > readme.html - # cat readme.html - # diff --side-by-side ${expectedHtmlReadme} readme.html - # ''}") + # set -xe + # + # curl --insecure --silent --fail --show-error 'https://server/alice/alice-project/about' > readme.html + # cat readme.html + # diff --side-by-side ${expectedHtmlReadme} readme.html + # ''}") ''; } diff --git a/tests/default.nix b/tests/default.nix new file mode 100644 index 0000000..d9b354a --- /dev/null +++ b/tests/default.nix @@ -0,0 +1,13 @@ +{ + specialArgs, + nixLib, + pkgs, +}: let + tests = nixLib.mkByName { + baseDirectory = ./by-name; + fileName = "test.nix"; + finalizeFunction = name: value: + import value (nixLib.warnMerge specialArgs {inherit pkgs;} "the test args set"); + }; +in + tests |