yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request 'Make machine ID a option' (#4013) from machine-id-option into main

Browse Source 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/4013
This commit is contained in:
pinpox
2025-06-24 12:13:22 +00:00
parent 5b933f0dfb 7fc8776742
commit 805ae8cbf5
15 changed files with 106 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
checks/clan-core-for-checks.nix
View File

@@ -1,6 +1,6 @@
{ fetchgit }: { fetchgit }:
fetchgit { fetchgit {
url = "https://git.clan.lol/clan/clan-core.git"; url = "https://git.clan.lol/clan/clan-core.git";
rev = "13a9b1719835ef4510e4adb6941ddfe9a91d41cb"; rev = "28131afbbcd379a8ff04c79c66c670ef655ed889";
sha256 = "sha256-M+pLnpuX+vIsxTFtbBZaNA1OwGQPeSbsMbTiDl1t4vY="; sha256 = "1294cwjlnc341fl6zbggn4rgq8z33gqkcyggjfvk9cf7zdgygrf6";
} }

1
checks/flake-module.nix
View File

@@ -9,6 +9,7 @@ in
{ {
imports = filter pathExists [ imports = filter pathExists [
./backups/flake-module.nix ./backups/flake-module.nix
../nixosModules/clanCore/machine-id/tests/flake-module.nix
./devshell/flake-module.nix ./devshell/flake-module.nix
./flash/flake-module.nix ./flash/flake-module.nix
./impure/flake-module.nix ./impure/flake-module.nix

1
clanModules/flake-module.nix
View File

@@ -23,7 +23,6 @@ in
iwd = ./iwd; iwd = ./iwd;
localbackup = ./localbackup; localbackup = ./localbackup;
localsend = ./localsend; localsend = ./localsend;
machine-id = ./machine-id;
matrix-synapse = ./matrix-synapse; matrix-synapse = ./matrix-synapse;
moonlight = ./moonlight; moonlight = ./moonlight;
mumble = ./mumble; mumble = ./mumble;

4
clanModules/machine-id/README.md
View File

@@ -1,4 +0,0 @@
---
description = "Sets the /etc/machine-id and exposes it as a nix option"
features = [ "inventory" ]
---

6
clanModules/machine-id/default.nix
View File

@@ -1,6 +0,0 @@
# Dont import this file
# It is only here for backwards compatibility.
# Dont author new modules with this file.
{
imports = [ ./roles/default.nix ];
}

45
clanModules/machine-id/roles/default.nix
View File

@@ -1,45 +0,0 @@
{
config,
pkgs,
lib,
...
}:
let
var = config.clan.core.vars.generators.machine-id.files.machineId or { };
in
{
config = lib.mkMerge [
(lib.mkIf ((var.value or null) != null) {
assertions = [
{
assertion = lib.stringLength var.value == 32;
message = "machineId must be exactly 32 characters long.";
}
];
boot.kernelParams = [
''systemd.machine_id=${var.value}''
];
environment.etc."machine-id" = {
text = var.value;
};
})
{
clan.core.vars.generators.machine-id = {
files.machineId.secret = false;
runtimeInputs = [
pkgs.coreutils
pkgs.bash
];
script = ''
uuid=$(bash ${./uuid4.sh})
# Remove the hyphens from the UUID
uuid_no_hyphens=$(echo -n "$uuid" | tr -d '-')
echo -n "$uuid_no_hyphens" > "$out/machineId"
'';
};
}
];
}

1
docs/mkdocs.yml
View File

@@ -116,7 +116,6 @@ nav:
- reference/clanModules/iwd.md - reference/clanModules/iwd.md
- reference/clanModules/localbackup.md - reference/clanModules/localbackup.md
- reference/clanModules/localsend.md - reference/clanModules/localsend.md
- reference/clanModules/machine-id.md
- reference/clanModules/matrix-synapse.md - reference/clanModules/matrix-synapse.md
- reference/clanModules/moonlight.md - reference/clanModules/moonlight.md
- reference/clanModules/mumble.md - reference/clanModules/mumble.md

2
lib/clanTest/flake-module.nix
View File

@@ -87,7 +87,7 @@ in
self.packages.${hostPkgs.system}.generate-test-vars self.packages.${hostPkgs.system}.generate-test-vars
}/bin/generate-test-vars"; }/bin/generate-test-vars";
relativeDir = removePrefix ("${self}/") (toString config.clan.directory); relativeDir = removePrefix "${self}/" (toString config.clan.directory);
update-vars = hostPkgs.writeShellScriptBin "update-vars" '' update-vars = hostPkgs.writeShellScriptBin "update-vars" ''
${update-vars-script} $PRJ_ROOT/${relativeDir} ${testName} ${update-vars-script} $PRJ_ROOT/${relativeDir} ${testName}

1
nixosModules/clanCore/default.nix
View File

@@ -3,6 +3,7 @@
imports = imports =
[ [
./backups.nix ./backups.nix
./machine-id
./defaults.nix ./defaults.nix
./facts ./facts
./inventory ./inventory

53
nixosModules/clanCore/machine-id/default.nix Normal file
View File

@@ -0,0 +1,53 @@
{
lib,
config,
pkgs,
...
}:
let
var = config.clan.core.vars.generators.machine-id.files.machineId or { };
in
{
options.clan.core.settings.machine-id = {
enable = lib.mkEnableOption ''
machine ID generation. Sets the /etc/machine-id and exposes it as a nix
option. This unique ID that is not dependent on ephemeral or
variable data, such as hostnames, MAC addresses or IP addresses.
See https://www.freedesktop.org/software/systemd/man/latest/machine-id.html for details.
'';
};
config = lib.mkIf (config.clan.core.settings.machine-id.enable) {
assertions = [
{
assertion = lib.stringLength var.value == 32;
message = "machine ID must be exactly 32 characters long.";
}
];
boot.kernelParams = [
''systemd.machine_id=${var.value}''
];
environment.etc."machine-id".text = var.value;
clan.core.vars.generators.machine-id = {
files.machineId.secret = false;
runtimeInputs = [
pkgs.coreutils
pkgs.bash
];
script = ''
uuid=$(bash ${./uuid4.sh})
# Remove the hyphens from the UUID
uuid_no_hyphens=$(echo -n "$uuid" | tr -d '-')
echo -n "$uuid_no_hyphens" > "$out/machineId"
'';
};
};
}

39
nixosModules/clanCore/machine-id/tests/flake-module.nix Normal file
View File

@@ -0,0 +1,39 @@
{ ... }:
{
perSystem =
{ ... }:
{
clan.nixosTests.machine-id = {
name = "machine-id";
clan = {
directory = ./.;
# Workaround until we can use nodes.server = { };
modules."@clan/importer" = ../../../../clanServices/importer;
inventory = {
machines.server = { };
instances.importer = {
module.name = "@clan/importer";
roles.default.tags.all = { };
roles.default.extraModules = [
{
# Test machine ID generation
clan.core.settings.machine-id.enable = true;
}
];
};
};
};
# TODO: Broken. Use instead of importer after fixing.
# nodes.server = { };
# This is not an actual vm test, this is a workaround to
# generate the needed vars for the eval test.
testScript = "";
};
};
}

4
nixosModules/clanCore/machine-id/tests/sops/users/admin/key.json Normal file
View File

@@ -0,0 +1,4 @@
{
"publickey": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
"type": "age"
}

1
nixosModules/clanCore/machine-id/tests/vars/per-machine/server/machine-id/machineId/value Normal file
View File

@@ -0,0 +1 @@
5e32b25aca76401c8e3cec57a0a006f1

0
clanModules/machine-id/roles/uuid4.sh → nixosModules/clanCore/machine-id/uuid4.sh
View File

4
pkgs/clan-cli/clan_lib/flake/flake.py
View File

@@ -786,6 +786,10 @@ class Flake:
if tmp_store := nix_test_store(): if tmp_store := nix_test_store():
nix_options.append("--impure") nix_options.append("--impure")
# build_output = Path(
# run(nix_build(["--expr", nix_code, *nix_options])).stdout.strip()
# )
build_output = Path( build_output = Path(
run( run(
nix_build(["--expr", nix_code, *nix_options]), RunOpts(log=Log.NONE) nix_build(["--expr", nix_code, *nix_options]), RunOpts(log=Log.NONE)