Merge pull request 'docs: fixes in quickstart and secrets-management' (#303) from DavHau-dave into main

docs/quickstart.md

@@ -43,6 +43,7 @@ Absolutely, let's break down the migration step by step, explaining each action
    ```nix
    inputs.clan-core = {
      url = "git+https://git.clan.lol/clan/clan-core";
+     # Don't do this if your machines are on nixpkgs stable.
      inputs.nixpkgs.follows = "nixpkgs";
    };
    ```
@@ -75,7 +76,8 @@ Absolutely, let's break down the migration step by step, explaining each action
 
    ```nix
    nixosConfigurations = clan-core.lib.buildClan {
-       directory = ./.;
+       # this needs to point at the repository root
+       directory = self;
        specialArgs = {};
        machines = {
            example-desktop = {

docs/secrets-management.md

@@ -86,7 +86,7 @@ $ clan secrets machines list
 For existing machines, add their keys:
 
 ```console
-$ clan secrets machine add <machine_name> <age_key>
+$ clan secrets machines add <machine_name> <age_key>
 ```
 
 To fetch an age key from an SSH host key:

flake.nix

@@ -31,8 +31,6 @@
         ./formatter.nix
         ./templates/flake-module.nix
 
-        ./flakeModules/clan-config.nix
-
         ./pkgs/flake-module.nix
 
         ./lib/flake-module.nix

flakeModules/clan-config.nix

@@ -1,42 +0,0 @@
-{ ... } @ clanCore: {
-  flake.flakeModules.clan-config = { self, inputs, ... }:
-    let
-
-      # take the default nixos configuration
-      options = self.nixosConfigurations.default.options;
-
-      # this is actually system independent as it uses toFile
-      docs = inputs.nixpkgs.legacyPackages.x86_64-linux.nixosOptionsDoc {
-        inherit options;
-      };
-
-      optionsJSONFile = docs.optionsJSON.options;
-
-      warnIfNoDefaultConfig = return:
-        if ! self ? nixosConfigurations.default
-        then
-          builtins.trace
-            "WARNING: .#nixosConfigurations.default could not be found. Please define it."
-            return
-        else return;
-
-    in
-    {
-      flake.clanOptions = warnIfNoDefaultConfig optionsJSONFile;
-
-      flake.clanSettings = self + /clan-settings.json;
-
-      perSystem = { pkgs, ... }: {
-        devShells.clan-config = pkgs.mkShell {
-          packages = [
-            clanCore.config.flake.packages.${pkgs.system}.clan-cli
-          ];
-          shellHook = ''
-            export CLAN_OPTIONS_FILE=$(nix eval --raw .#clanOptions)
-            export XDG_DATA_DIRS="${clanCore.config.flake.packages.${pkgs.system}.clan-cli}/share''${XDG_DATA_DIRS:+:$XDG_DATA_DIRS}"
-            export fish_complete_path="${clanCore.config.flake.packages.${pkgs.system}.clan-cli}/share/fish/vendor_completions.d''${fish_complete_path:+:$fish_complete_path}"
-          '';
-        };
-      };
-    };
-}

nixosModules/clanCore/secrets/default.nix

@@ -62,7 +62,8 @@
                   default = "machines/${config.clanCore.machineName}/facts/${fact.config._module.args.name}";
                 };
                 value = lib.mkOption {
-                  default = builtins.readFile "${config.clanCore.clanDir}/fact.config.path";
+                  defaultText = lib.literalExpression "\${config.clanCore.clanDir}/\${fact.config.path}";
+                  default = builtins.readFile "${config.clanCore.clanDir}/${fact.config.path}";
                 };
               };
             }));

pkgs/clan-cli/clan_cli/__init__.py

@@ -1,5 +1,4 @@
 import argparse
-import os
 import sys
 from types import ModuleType
 from typing import Optional
@@ -22,8 +21,6 @@ def create_parser(prog: Optional[str] = None) -> argparse.ArgumentParser:
     parser_create = subparsers.add_parser("create", help="create a clan flake")
     create.register_parser(parser_create)
 
-    # DISABLED: this currently crashes if a flake does not define .#clanOptions
-    if os.environ.get("CLAN_OPTIONS_FILE") is not None:
     parser_config = subparsers.add_parser("config", help="set nixos configuration")
     config.register_parser(parser_config)
 

pkgs/clan-cli/clan_cli/config/__init__.py

@@ -9,6 +9,7 @@ from typing import Any, Optional, Type
 
 from clan_cli.dirs import get_clan_flake_toplevel
 from clan_cli.errors import ClanError
+from clan_cli.machines.folders import machine_settings_file
 from clan_cli.nix import nix_eval
 
 script_dir = Path(__file__).parent
@@ -166,7 +167,6 @@ def get_or_set_option(args: argparse.Namespace) -> None:
         print(read_machine_option_value(args.machine, args.option))
     else:
         # load options
-        print(args.options_file)
         if args.options_file is None:
             options = options_for_machine(machine_name=args.machine)
         else:
@@ -174,8 +174,8 @@ def get_or_set_option(args: argparse.Namespace) -> None:
                 options = json.load(f)
         # compute settings json file location
         if args.settings_file is None:
-            flake = get_clan_flake_toplevel()
-            settings_file = flake / "machines" / f"{args.machine}.json"
+            get_clan_flake_toplevel()
+            settings_file = machine_settings_file(args.machine)
         else:
             settings_file = args.settings_file
         # set the option with the given value
@@ -286,7 +286,7 @@ def register_parser(
     # add single positional argument for the option (e.g. "foo.bar")
     parser.add_argument(
         "option",
-        help="Option to configure",
+        help="Option to read or set",
         type=str,
     )
 

pkgs/clan-cli/clan_cli/config/machine.py

@@ -12,7 +12,7 @@ from clan_cli.nix import nix_eval
 
 
 def config_for_machine(machine_name: str) -> dict:
-    # read the config from a json file located at {flake}/machines/{machine_name}.json
+    # read the config from a json file located at {flake}/machines/{machine_name}/settings.json
     if not machine_folder(machine_name).exists():
         raise HTTPException(
             status_code=404,
@@ -26,7 +26,7 @@ def config_for_machine(machine_name: str) -> dict:
 
 
 def set_config_for_machine(machine_name: str, config: dict) -> None:
-    # write the config to a json file located at {flake}/machines/{machine_name}.json
+    # write the config to a json file located at {flake}/machines/{machine_name}/settings.json
     if not machine_folder(machine_name).exists():
         raise HTTPException(
             status_code=404,

pkgs/clan-cli/default.nix

@@ -22,9 +22,6 @@
 , ui-assets
 }:
 let
-  # This provides dummy options for testing clan config and prevents it from
-  # evaluating the flake .#
-  CLAN_OPTIONS_FILE = ./clan_cli/config/jsonschema/options.json;
 
   dependencies = [
     argcomplete # optional dependency: if not enabled, shell completion will not work
@@ -81,8 +78,6 @@ python3.pkgs.buildPythonPackage {
   src = source;
   format = "pyproject";
 
-  inherit CLAN_OPTIONS_FILE;
-
   nativeBuildInputs = [
     setuptools
     installShellFiles
@@ -93,7 +88,6 @@ python3.pkgs.buildPythonPackage {
     {
       nativeBuildInputs = [ age zerotierone bubblewrap sops nix openssh rsync stdenv.cc ];
     } ''
-    export CLAN_OPTIONS_FILE="${CLAN_OPTIONS_FILE}"
     cp -r ${source} ./src
     chmod +w -R ./src
     cd ./src

pkgs/clan-cli/shell.nix

@@ -20,9 +20,6 @@ mkShell {
     pythonWithDeps
   ];
   # sets up an editable install and add enty points to $PATH
-  # This provides dummy options for testing clan config and prevents it from
-  # evaluating the flake .#
-  CLAN_OPTIONS_FILE = ./clan_cli/config/jsonschema/options.json;
   PYTHONPATH = "${pythonWithDeps}/${pythonWithDeps.sitePackages}";
   PYTHONBREAKPOINT = "ipdb.set_trace";
 

pkgs/clan-cli/tests/test_flake/flake.nix

@@ -6,8 +6,8 @@
     nixosConfigurations.machine1 = inputs.nixpkgs.lib.nixosSystem {
       modules = [
         ./nixosModules/machine1.nix
-        (if builtins.pathExists ./machines/machine1.json
-        then builtins.fromJSON (builtins.readFile ./machines/machine1.json)
+        (if builtins.pathExists ./machines/machine1/settings.json
+        then builtins.fromJSON (builtins.readFile ./machines/machine1/settings.json)
         else { })
         {
           nixpkgs.hostPlatform = "x86_64-linux";