Merge pull request 'docs: fixes in quickstart and secrets-management' (#303) from DavHau-dave into main

clan-bot
2023-09-19 13:15:48 +00:00
11 changed files with 20 additions and 73 deletions


@@ -43,6 +43,7 @@ Absolutely, let's break down the migration step by step, explaining each action
```nix ```nix
inputs.clan-core = { inputs.clan-core = {
url = "git+https://git.clan.lol/clan/clan-core"; url = "git+https://git.clan.lol/clan/clan-core";
# Don't do this if your machines are on nixpkgs stable.
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
``` ```
@@ -75,7 +76,8 @@ Absolutely, let's break down the migration step by step, explaining each action
```nix ```nix
nixosConfigurations = clan-core.lib.buildClan { nixosConfigurations = clan-core.lib.buildClan {
directory = ./.; # this needs to point at the repository root
directory = self;
specialArgs = {}; specialArgs = {};
machines = { machines = {
example-desktop = { example-desktop = {


@@ -86,7 +86,7 @@ $ clan secrets machines list
For existing machines, add their keys: For existing machines, add their keys:
```console ```console
$ clan secrets machine add <machine_name> <age_key> $ clan secrets machines add <machine_name> <age_key>
``` ```
To fetch an age key from an SSH host key: To fetch an age key from an SSH host key:


@@ -31,8 +31,6 @@
./formatter.nix ./formatter.nix
./templates/flake-module.nix ./templates/flake-module.nix
./flakeModules/clan-config.nix
./pkgs/flake-module.nix ./pkgs/flake-module.nix
./lib/flake-module.nix ./lib/flake-module.nix


@@ -1,42 +0,0 @@
{ ... } @ clanCore: {
flake.flakeModules.clan-config = { self, inputs, ... }:
let
# take the default nixos configuration
options = self.nixosConfigurations.default.options;
# this is actually system independent as it uses toFile
docs = inputs.nixpkgs.legacyPackages.x86_64-linux.nixosOptionsDoc {
inherit options;
};
optionsJSONFile = docs.optionsJSON.options;
warnIfNoDefaultConfig = return:
if ! self ? nixosConfigurations.default
then
builtins.trace
"WARNING: .#nixosConfigurations.default could not be found. Please define it."
return
else return;
in
{
flake.clanOptions = warnIfNoDefaultConfig optionsJSONFile;
flake.clanSettings = self + /clan-settings.json;
perSystem = { pkgs, ... }: {
devShells.clan-config = pkgs.mkShell {
packages = [
clanCore.config.flake.packages.${pkgs.system}.clan-cli
];
shellHook = ''
export CLAN_OPTIONS_FILE=$(nix eval --raw .#clanOptions)
export XDG_DATA_DIRS="${clanCore.config.flake.packages.${pkgs.system}.clan-cli}/share''${XDG_DATA_DIRS:+:$XDG_DATA_DIRS}"
export fish_complete_path="${clanCore.config.flake.packages.${pkgs.system}.clan-cli}/share/fish/vendor_completions.d''${fish_complete_path:+:$fish_complete_path}"
'';
};
};
};
}


@@ -62,7 +62,8 @@
default = "machines/${config.clanCore.machineName}/facts/${fact.config._module.args.name}"; default = "machines/${config.clanCore.machineName}/facts/${fact.config._module.args.name}";
}; };
value = lib.mkOption { value = lib.mkOption {
default = builtins.readFile "${config.clanCore.clanDir}/fact.config.path"; defaultText = lib.literalExpression "\${config.clanCore.clanDir}/\${fact.config.path}";
default = builtins.readFile "${config.clanCore.clanDir}/${fact.config.path}";
}; };
}; };
})); }));
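Review bot: The added `defaultText` documents a path string, but the `default` on the next line is the file's contents read through `builtins.readFile`, so the rendered option docs will describe the wrong kind of value; the literal expression should include the read, e.g. `defaultText = lib.literalExpression "builtins.readFile \"\${config.clanCore.clanDir}/\${fact.config.path}\"";`. The read also happens at evaluation time, so accessing `value` for a fact file that has not been generated yet aborts evaluation with a missing-file error; if that is intended, a short comment such as `# fails evaluation until the fact file has been generated` would say so, otherwise guard it with `builtins.pathExists`. Anything read this way ends up in the evaluated configuration, so it is worth stating in the option's description that only public facts belong here (the description is not visible in this hunk). The `mkOption` block starts outside the hunk.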


@@ -1,5 +1,4 @@
import argparse import argparse
import os
import sys import sys
from types import ModuleType from types import ModuleType
from typing import Optional from typing import Optional
@@ -22,10 +21,8 @@ def create_parser(prog: Optional[str] = None) -> argparse.ArgumentParser:
parser_create = subparsers.add_parser("create", help="create a clan flake") parser_create = subparsers.add_parser("create", help="create a clan flake")
create.register_parser(parser_create) create.register_parser(parser_create)
# DISABLED: this currently crashes if a flake does not define .#clanOptions parser_config = subparsers.add_parser("config", help="set nixos configuration")
if os.environ.get("CLAN_OPTIONS_FILE") is not None: config.register_parser(parser_config)
parser_config = subparsers.add_parser("config", help="set nixos configuration")
config.register_parser(parser_config)
parser_ssh = subparsers.add_parser("ssh", help="ssh to a remote machine") parser_ssh = subparsers.add_parser("ssh", help="ssh to a remote machine")
ssh_cli.register_parser(parser_ssh) ssh_cli.register_parser(parser_ssh)
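Review bot: The `config` subcommand is now registered unconditionally in `create_parser`, yet the comment removed here says the guard existed because this crashes when a flake does not define `.#clanOptions`, and the same commit deletes the flake module that exported `clanOptions`. Nothing in the hunk shows that `config.register_parser` no longer evaluates the flake while the parser is being built; if it still does, every `clan` invocation, including `clan --help`, would inherit that failure. A test that builds the parser outside a flake would pin this down, and a comment such as `# options are resolved lazily in get_or_set_option, not at parser creation` would record why the guard could go, assuming that is in fact the case. `create_parser` continues outside the hunk.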


@@ -9,6 +9,7 @@ from typing import Any, Optional, Type
from clan_cli.dirs import get_clan_flake_toplevel from clan_cli.dirs import get_clan_flake_toplevel
from clan_cli.errors import ClanError from clan_cli.errors import ClanError
from clan_cli.machines.folders import machine_settings_file
from clan_cli.nix import nix_eval from clan_cli.nix import nix_eval
script_dir = Path(__file__).parent script_dir = Path(__file__).parent
@@ -166,7 +167,6 @@ def get_or_set_option(args: argparse.Namespace) -> None:
print(read_machine_option_value(args.machine, args.option)) print(read_machine_option_value(args.machine, args.option))
else: else:
# load options # load options
print(args.options_file)
if args.options_file is None: if args.options_file is None:
options = options_for_machine(machine_name=args.machine) options = options_for_machine(machine_name=args.machine)
else: else:
@@ -174,8 +174,8 @@ def get_or_set_option(args: argparse.Namespace) -> None:
options = json.load(f) options = json.load(f)
# compute settings json file location # compute settings json file location
if args.settings_file is None: if args.settings_file is None:
flake = get_clan_flake_toplevel() get_clan_flake_toplevel()
settings_file = flake / "machines" / f"{args.machine}.json" settings_file = machine_settings_file(args.machine)
else: else:
settings_file = args.settings_file settings_file = args.settings_file
# set the option with the given value # set the option with the given value
@@ -286,7 +286,7 @@ def register_parser(
# add single positional argument for the option (e.g. "foo.bar") # add single positional argument for the option (e.g. "foo.bar")
parser.add_argument( parser.add_argument(
"option", "option",
help="Option to configure", help="Option to read or set",
type=str, type=str,
) )
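Review bot: In `get_or_set_option`, `get_clan_flake_toplevel()` is now called with its result discarded, which reads like a leftover from removing the `flake` variable. If the call is kept only so that running outside a clan flake fails early, say so with `# raises if we are not inside a clan flake`; otherwise drop the line, since `machine_settings_file(args.machine)` presumably resolves the flake root itself (its body is not shown on this page). The function starts and ends outside the hunk.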


@@ -12,7 +12,7 @@ from clan_cli.nix import nix_eval
def config_for_machine(machine_name: str) -> dict: def config_for_machine(machine_name: str) -> dict:
# read the config from a json file located at {flake}/machines/{machine_name}.json # read the config from a json file located at {flake}/machines/{machine_name}/settings.json
if not machine_folder(machine_name).exists(): if not machine_folder(machine_name).exists():
raise HTTPException( raise HTTPException(
status_code=404, status_code=404,
@@ -26,7 +26,7 @@ def config_for_machine(machine_name: str) -> dict:
def set_config_for_machine(machine_name: str, config: dict) -> None: def set_config_for_machine(machine_name: str, config: dict) -> None:
# write the config to a json file located at {flake}/machines/{machine_name}.json # write the config to a json file located at {flake}/machines/{machine_name}/settings.json
if not machine_folder(machine_name).exists(): if not machine_folder(machine_name).exists():
raise HTTPException( raise HTTPException(
status_code=404, status_code=404,
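Review bot: Both `config_for_machine` and `set_config_for_machine` pass `machine_name` straight into `machine_folder(machine_name)` and check only `.exists()`, and the `HTTPException` suggests the name arrives from an HTTP request. With settings now at `{flake}/machines/{machine_name}/settings.json`, a name that is not a single path component would still pass the existence check for any directory that exists. Unless `machine_folder` already enforces this (not visible here), the name should be validated as one plain component before the folder lookup, with a 400 response on failure, and the write path in `set_config_for_machine` matters most. The two updated comments would also read better as docstrings, e.g. `"""Read {flake}/machines/{machine_name}/settings.json; 404 if the machine folder is missing."""`. Both function bodies continue outside the hunks.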


@@ -22,9 +22,6 @@
, ui-assets , ui-assets
}: }:
let let
# This provides dummy options for testing clan config and prevents it from
# evaluating the flake .#
CLAN_OPTIONS_FILE = ./clan_cli/config/jsonschema/options.json;
dependencies = [ dependencies = [
argcomplete # optional dependency: if not enabled, shell completion will not work argcomplete # optional dependency: if not enabled, shell completion will not work
@@ -54,9 +51,9 @@ let
''; '';
nixpkgs = runCommand "nixpkgs" { nativeBuildInputs = [ pkgs.nix ]; } '' nixpkgs = runCommand "nixpkgs" { nativeBuildInputs = [ pkgs.nix ]; } ''
mkdir $out mkdir $out
mkdir -p $out/unfree mkdir -p $out/unfree
cat > $out/unfree/default.nix <<EOF cat > $out/unfree/default.nix <<EOF
import "${pkgs.path}" { config = { allowUnfree = true; overlays = []; }; } import "${pkgs.path}" { config = { allowUnfree = true; overlays = []; }; }
EOF EOF
cat > $out/flake.nix << EOF cat > $out/flake.nix << EOF
{ {
@@ -81,8 +78,6 @@ python3.pkgs.buildPythonPackage {
src = source; src = source;
format = "pyproject"; format = "pyproject";
inherit CLAN_OPTIONS_FILE;
nativeBuildInputs = [ nativeBuildInputs = [
setuptools setuptools
installShellFiles installShellFiles
@@ -93,12 +88,11 @@ python3.pkgs.buildPythonPackage {
{ {
nativeBuildInputs = [ age zerotierone bubblewrap sops nix openssh rsync stdenv.cc ]; nativeBuildInputs = [ age zerotierone bubblewrap sops nix openssh rsync stdenv.cc ];
} '' } ''
export CLAN_OPTIONS_FILE="${CLAN_OPTIONS_FILE}"
cp -r ${source} ./src cp -r ${source} ./src
chmod +w -R ./src chmod +w -R ./src
cd ./src cd ./src
export NIX_STATE_DIR=$TMPDIR/nix IN_NIX_SANDBOX=1 export NIX_STATE_DIR=$TMPDIR/nix IN_NIX_SANDBOX=1
${checkPython}/bin/python -m pytest -m "not impure" -s ./tests ${checkPython}/bin/python -m pytest -m "not impure" -s ./tests
touch $out touch $out
''; '';


@@ -20,9 +20,6 @@ mkShell {
pythonWithDeps pythonWithDeps
]; ];
# sets up an editable install and add enty points to $PATH # sets up an editable install and add enty points to $PATH
# This provides dummy options for testing clan config and prevents it from
# evaluating the flake .#
CLAN_OPTIONS_FILE = ./clan_cli/config/jsonschema/options.json;
PYTHONPATH = "${pythonWithDeps}/${pythonWithDeps.sitePackages}"; PYTHONPATH = "${pythonWithDeps}/${pythonWithDeps.sitePackages}";
PYTHONBREAKPOINT = "ipdb.set_trace"; PYTHONBREAKPOINT = "ipdb.set_trace";


@@ -6,8 +6,8 @@
nixosConfigurations.machine1 = inputs.nixpkgs.lib.nixosSystem { nixosConfigurations.machine1 = inputs.nixpkgs.lib.nixosSystem {
modules = [ modules = [
./nixosModules/machine1.nix ./nixosModules/machine1.nix
(if builtins.pathExists ./machines/machine1.json (if builtins.pathExists ./machines/machine1/settings.json
then builtins.fromJSON (builtins.readFile ./machines/machine1.json) then builtins.fromJSON (builtins.readFile ./machines/machine1/settings.json)
else { }) else { })
{ {
nixpkgs.hostPlatform = "x86_64-linux"; nixpkgs.hostPlatform = "x86_64-linux";