Inventory: refactor build-inventory in more independent parts

2025-02-03 08:34:21 +01:00
parent 871326fb91
commit 316e33f54a
2 changed files with 159 additions and 145 deletions
--- a/lib/build-clan/module.nix
+++ b/lib/build-clan/module.nix
@@ -76,7 +76,7 @@ let
          (machines.${name} or { })
          # Inherit the inventory assertions ?
          # { inherit (mergedInventory) assertions; }
-          { imports = serviceConfigs.${name} or [ ]; }
+          { imports = serviceConfigs.machines.${name}.machineImports or []; }
          (
            {
              # Settings
--- a/lib/inventory/build-inventory/default.nix
+++ b/lib/inventory/build-inventory/default.nix
@@ -42,175 +42,189 @@ let
    builtins.elem "inventory"
      (clan-core.lib.modules.getFrontmatter modulepath serviceName).features or [ ];
-  extendMachine =
+  compileMachine =
-    { machineConfig, inventory }:
+    { machineConfig }:
-    [
+    {
-      (lib.optionalAttrs (machineConfig.deploy.targetHost or null != null) {
+      machineImports = [
-        config.clan.core.networking.targetHost = machineConfig.deploy.targetHost;
+        (lib.optionalAttrs (machineConfig.deploy.targetHost or null != null) {
-      })
+          config.clan.core.networking.targetHost = machineConfig.deploy.targetHost;
-      {
+        })
-        assertions = lib.foldlAttrs (
+      ];
-          acc: serviceName: _serviceConfigs:
+      assertions = { };
-          acc
+    };
          ++ [
            {
              assertion = checkService inventory.modules.${serviceName} serviceName;
              message = ''
                Service ${serviceName} cannot be used in inventory. It does not declare the 'inventory' feature.
-
+  compileServicesForMachine =
                To allow it add the following to the beginning of the README.md of the module:
                  ---
                  ...
                  features = [ "inventory" ]
                  ---
                Also make sure to test the module with the 'inventory' feature enabled.
              '';
            }
          ]
        ) [ ] inventory.services;
      }
    ];
  mapMachineConfigToNixOSConfig =
    # Returns a NixOS configuration for the machine 'machineName'.
    # Return Format: { imports = [ ... ]; config = { ... }; options = { ... } }
    {
      machineName,
      machineConfig,
      inventory,
      directory,
    }:
-    lib.foldlAttrs (
+    let
-      # [ Modules ], String, { ${instance_name} :: ServiceConfig }
+      compileServiceModules = serviceName: serviceConfigs: {
-      initialServiceModules: serviceName: serviceConfigs:
+        # TODO: Add other attributes
-      initialServiceModules
+        machineImports = (
-      # Collect service config
+          lib.foldlAttrs (
-      ++ (lib.foldlAttrs (
+            # [ Modules ], String, ServiceConfig
-        # [ Modules ], String, ServiceConfig
+            acc2: instanceName: serviceConfig:
        acc2: instanceName: serviceConfig:
-        let
+            let
-          roles = clan-core.lib.modules.getRoles inventory.modules serviceName;
+              roles = clan-core.lib.modules.getRoles inventory.modules serviceName;
-          resolvedRoles = lib.genAttrs roles (
+              resolvedRoles = lib.genAttrs roles (
-            roleName:
+                roleName:
-            resolveTags {
+                resolveTags {
-              members = serviceConfig.roles.${roleName} or { };
+                  members = serviceConfig.roles.${roleName} or { };
-              inherit
+                  inherit
-                serviceName
+                    serviceName
-                instanceName
+                    instanceName
-                roleName
+                    roleName
-                inventory
+                    inventory
-                ;
+                    ;
-            }
+                }
-          );
+              );
-          isInService = builtins.any (members: builtins.elem machineName members.machines) (
+              isInService = builtins.any (members: builtins.elem machineName members.machines) (
-            builtins.attrValues resolvedRoles
+                builtins.attrValues resolvedRoles
-          );
+              );
-          # all roles where the machine is present
+              # all roles where the machine is present
-          machineRoles = builtins.attrNames (
+              machineRoles = builtins.attrNames (
-            lib.filterAttrs (_role: roleConfig: builtins.elem machineName roleConfig.machines) resolvedRoles
+                lib.filterAttrs (_role: roleConfig: builtins.elem machineName roleConfig.machines) resolvedRoles
-          );
+              );
-          machineServiceConfig = (serviceConfig.machines.${machineName} or { }).config or { };
+              machineServiceConfig = (serviceConfig.machines.${machineName} or { }).config or { };
-          globalConfig = serviceConfig.config or { };
+              globalConfig = serviceConfig.config or { };
-          globalExtraModules = serviceConfig.extraModules or [ ];
+              globalExtraModules = serviceConfig.extraModules or [ ];
-          machineExtraModules = serviceConfig.machines.${machineName}.extraModules or [ ];
+              machineExtraModules = serviceConfig.machines.${machineName}.extraModules or [ ];
-          roleServiceExtraModules = builtins.foldl' (
+              roleServiceExtraModules = builtins.foldl' (
-            acc: role: acc ++ serviceConfig.roles.${role}.extraModules or [ ]
+                acc: role: acc ++ serviceConfig.roles.${role}.extraModules or [ ]
-          ) [ ] machineRoles;
+              ) [ ] machineRoles;
-          # TODO: maybe optimize this dont lookup the role in inverse roles. Imports are not lazy
+              # TODO: maybe optimize this dont lookup the role in inverse roles. Imports are not lazy
-          roleModules = builtins.map (
+              roleModules = builtins.map (
-            role:
+                role:
-            if builtins.elem role roles && inventory.modules ? ${serviceName} then
+                if builtins.elem role roles && inventory.modules ? ${serviceName} then
-              inventory.modules.${serviceName} + "/roles/${role}.nix"
+                  inventory.modules.${serviceName} + "/roles/${role}.nix"
-            else
+                else
-              throw "Module ${serviceName} doesn't have role: '${role}'. Role: ${
+                  throw "Module ${serviceName} doesn't have role: '${role}'. Role: ${
-                inventory.modules.${serviceName}
+                    inventory.modules.${serviceName}
-              }/roles/${role}.nix not found."
+                  }/roles/${role}.nix not found."
-          ) machineRoles;
+              ) machineRoles;
-          roleServiceConfigs = builtins.filter (m: m != { }) (
+              roleServiceConfigs = builtins.filter (m: m != { }) (
-            builtins.map (role: serviceConfig.roles.${role}.config or { }) machineRoles
+                builtins.map (role: serviceConfig.roles.${role}.config or { }) machineRoles
-          );
+              );
-          extraModules = map (s: if builtins.typeOf s == "string" then "${directory}/${s}" else s) (
+              extraModules = map (s: if builtins.typeOf s == "string" then "${directory}/${s}" else s) (
-            globalExtraModules ++ machineExtraModules ++ roleServiceExtraModules
+                globalExtraModules ++ machineExtraModules ++ roleServiceExtraModules
-          );
+              );
-          nonExistingRoles = builtins.filter (role: !(builtins.elem role roles)) (
+              nonExistingRoles = builtins.filter (role: !(builtins.elem role roles)) (
-            builtins.attrNames (serviceConfig.roles or { })
+                builtins.attrNames (serviceConfig.roles or { })
-          );
+              );
-          constraintAssertions = clan-core.lib.modules.checkConstraints {
+              constraintAssertions = clan-core.lib.modules.checkConstraints {
-            moduleName = serviceName;
+                moduleName = serviceName;
-            allModules = inventory.modules;
+                allModules = inventory.modules;
-            inherit resolvedRoles instanceName;
+                inherit resolvedRoles instanceName;
          };
        in
        if (nonExistingRoles != [ ]) then
          throw "Roles ${builtins.toString nonExistingRoles} are not defined in the service ${serviceName}."
        else if !(serviceConfig.enabled or true) then
          acc2
        else if isInService then
          acc2
          ++ [
            {
              imports = roleModules ++ extraModules;
              clan.inventory.assertions = constraintAssertions;
              clan.inventory.services.${serviceName}.${instanceName} = {
                roles = resolvedRoles;
                # TODO: Add inverseRoles to the service config if needed
                # inherit inverseRoles;
              };
-            }
+            in
-            (lib.optionalAttrs (globalConfig != { } || machineServiceConfig != { } || roleServiceConfigs != [ ])
+            if (nonExistingRoles != [ ]) then
-              {
+              throw "Roles ${builtins.toString nonExistingRoles} are not defined in the service ${serviceName}."
-                clan.${serviceName} = lib.mkMerge (
+            else if !(serviceConfig.enabled or true) then
-                  [
+              acc2
-                    globalConfig
+            else if isInService then
-                    machineServiceConfig
+              acc2
-                  ]
+              ++ [
-                  ++ roleServiceConfigs
+                {
-                );
+                  imports = roleModules ++ extraModules;
-              }
+
-            )
+                  clan.inventory.assertions = constraintAssertions;
-          ]
+                  clan.inventory.services.${serviceName}.${instanceName} = {
-        else
+                    roles = resolvedRoles;
-          acc2
+                    # TODO: Add inverseRoles to the service config if needed
-      ) [ ] (serviceConfigs))
+                    # inherit inverseRoles;
-    ) [ ] inventory.services
+                  };
-    # Global extension for each machine
+                }
-    ++ (extendMachine { inherit machineConfig inventory; });
+                (lib.optionalAttrs (globalConfig != { } || machineServiceConfig != { } || roleServiceConfigs != [ ])
                  {
                    clan.${serviceName} = lib.mkMerge (
                      [
                        globalConfig
                        machineServiceConfig
                      ]
                      ++ roleServiceConfigs
                    );
                  }
                )
              ]
            else
              acc2
          ) [ ] (serviceConfigs)
        );
        assertions = lib.mapAttrs' (name: value: {
          name = "checkservice.${serviceName}.${name}";
          value = {
            assertion = checkService inventory.modules.${serviceName} serviceName;
            message = ''
              Service ${serviceName} cannot be used in inventory. It does not declare the 'inventory' feature.
              To allow it add the following to the beginning of the README.md of the module:
                ---
                ...
                features = [ "inventory" ]
                ---
              Also make sure to test the module with the 'inventory' feature enabled.
            '';
          };
        }) inventory.services;
      };
    in
    lib.mapAttrs compileServiceModules inventory.services;
  /*
-    Returns a NixOS configuration for every machine in the inventory.
+    Returns a set with NixOS configuration for every machine in the inventory.
    machinesFromInventory :: Inventory -> { ${machine_name} :: NixOSConfiguration }
  */
  buildInventory =
    { inventory, directory }:
-    # For every machine in the inventory, build a NixOS configuration
+    {
-    # For each machine generate config, forEach service, if the machine is used.
+      machines = builtins.mapAttrs (
-    builtins.mapAttrs (
+        machineName: machineConfig:
-      machineName: machineConfig:
+        let
-      mapMachineConfigToNixOSConfig {
+          compiledServices = compileServicesForMachine {
-        inherit
+            inherit
-          machineName
+              machineName
-          machineConfig
+              inventory
-          inventory
+              directory
-          directory
+              ;
-          ;
+          };
-      }
+          compiledMachine = compileMachine {
-    ) (inventory.machines or { });
+            inherit
              machineConfig
              ;
          };
          machineImports =
            compiledMachine.machineImports
            ++ builtins.foldl' (acc: service: acc ++ service.machineImports) [ ] (
              builtins.attrValues compiledServices
            );
        in
        {
          inherit machineImports compiledServices compiledMachine;
        }
      ) (inventory.machines or { });
    };
 in
 {
  inherit buildInventory;