From f0c5a8c84a00bebe9ac14c2ad255abc6788ee1d3 Mon Sep 17 00:00:00 2001 From: Johannes Kirschbauer Date: Wed, 2 Jul 2025 11:57:30 +0200 Subject: [PATCH] templates: consistent templates, remove deprecated things --- .../clan_cli/tests/test_clan_nix_attrset.py | 2 +- templates/clan/classic/flake.nix | 80 ------------------ templates/clan/classic/machines/.gitkeep | 0 templates/clan/default/.gitignore | 2 + templates/clan/default/flake.nix | 82 +++++++++++-------- templates/clan/default/machines/.gitkeep | 0 .../clan/{classic => flake-parts}/.envrc | 0 templates/clan/flake-parts/.gitignore | 2 + templates/clan/flake-parts/flake.nix | 61 ++++++++++++++ templates/clan/minimal/.gitignore | 2 +- templates/clan/minimal/flake.nix | 15 ++-- templates/clan/new-clan/modules/shared.nix | 38 --------- templates/flake.nix | 10 +-- 13 files changed, 129 insertions(+), 165 deletions(-) delete mode 100644 templates/clan/classic/flake.nix delete mode 100644 templates/clan/classic/machines/.gitkeep create mode 100644 templates/clan/default/.gitignore delete mode 100644 templates/clan/default/machines/.gitkeep rename templates/clan/{classic => flake-parts}/.envrc (100%) create mode 100644 templates/clan/flake-parts/.gitignore create mode 100644 templates/clan/flake-parts/flake.nix delete mode 100644 templates/clan/new-clan/modules/shared.nix diff --git a/pkgs/clan-cli/clan_cli/tests/test_clan_nix_attrset.py b/pkgs/clan-cli/clan_cli/tests/test_clan_nix_attrset.py index 74030e868..dd2d1cd2a 100644 --- a/pkgs/clan-cli/clan_cli/tests/test_clan_nix_attrset.py +++ b/pkgs/clan-cli/clan_cli/tests/test_clan_nix_attrset.py @@ -93,7 +93,7 @@ def test_clan_core_templates( ] clan_core_template_keys = list(clan_core_templates.keys()) - expected_templates = ["classic", "default", "minimal"] + expected_templates = ["default", "minimal", "flake-parts"] assert clan_core_template_keys == expected_templates vlist_temps = list_templates("clan", clan_dir) diff --git a/templates/clan/classic/flake.nix b/templates/clan/classic/flake.nix deleted file mode 100644 index 6cdbfbe86..000000000 --- a/templates/clan/classic/flake.nix +++ /dev/null @@ -1,80 +0,0 @@ -{ - inputs.clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz"; - inputs.nixpkgs.follows = "clan-core/nixpkgs"; - - outputs = - { self, clan-core, ... }: - let - # Usage see: https://docs.clan.lol - clan = clan-core.clanLib.buildClan { - inherit self; - - # Ensure this is unique among all clans you want to use. - meta.name = "__CHANGE_ME__"; - - # Information about your machines. Machines under ./machines will be auto-imported. - inventory.machines = { - somemachine.tags = [ "desktop" ]; - somemachine.deploy.targetHost = "root@somemachine"; - }; - - # Clan services to use. See https://docs.clan.lol/reference/clanServices - inventory.instances = { - - admin = { - module = { - name = "admin"; - input = "clan"; - }; - roles.default.tags.all = { }; - }; - - zerotier = { - module = { - name = "zerotier"; - input = "clan"; - }; - roles.peer.tags.all = { }; - }; - }; - - # A mapping of machine names to their nixos configuration. Allows specifying - # additional configuration. - machines = { - somemachine = - { pkgs, ... }: - { - environment.systemPackages = with pkgs; [ asciinema ]; - }; - }; - }; - in - { - - # Expose clan structures as flake outputs. clanInternals is needed for - # the clan-cli. Exposing nixosConfigurations allows using `nixos-rebuild` as before. - inherit (clan) - nixosConfigurations - nixosModules - clanInternals - darwinConfigurations - darwinModules - ; - - # Add the Clan cli tool to the dev shell. - # Use "nix develop" to enter the dev shell. - devShells = - clan-core.inputs.nixpkgs.lib.genAttrs - [ - "x86_64-linux" - "aarch64-linux" - "aarch64-darwin" - "x86_64-darwin" - ] - (system: { - default = clan-core.inputs.nixpkgs.legacyPackages.${system}.mkShell { - packages = [ clan-core.packages.${system}.clan-cli ]; - }; - }); - }; -} diff --git a/templates/clan/classic/machines/.gitkeep b/templates/clan/classic/machines/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/templates/clan/default/.gitignore b/templates/clan/default/.gitignore new file mode 100644 index 000000000..e6a12f0ea --- /dev/null +++ b/templates/clan/default/.gitignore @@ -0,0 +1,2 @@ +result* +.direnv/ diff --git a/templates/clan/default/flake.nix b/templates/clan/default/flake.nix index c7150275b..e29d08b2d 100644 --- a/templates/clan/default/flake.nix +++ b/templates/clan/default/flake.nix @@ -1,53 +1,42 @@ { inputs.clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz"; inputs.nixpkgs.follows = "clan-core/nixpkgs"; - inputs.flake-parts.follows = "clan-core/flake-parts"; - inputs.flake-parts.inputs.nixpkgs-lib.follows = "clan-core/nixpkgs"; outputs = - inputs@{ flake-parts, ... }: - flake-parts.lib.mkFlake { inherit inputs; } { - systems = [ - "x86_64-linux" - "aarch64-linux" - "x86_64-darwin" - "aarch64-darwin" - ]; - imports = [ inputs.clan-core.flakeModules.default ]; - # https://docs.clan.lol/guides/getting-started/flake-parts/ - clan = { + { self, clan-core, ... }: + let + # Usage see: https://docs.clan.lol + clan = clan-core.clanLib.buildClan { + inherit self; # Ensure this is unique among all clans you want to use. meta.name = "__CHANGE_ME__"; - # Information about your machines. Machines under ./machines will be auto-imported. - inventory.machines = { - somemachine.tags = [ "desktop" ]; - somemachine.deploy.targetHost = "root@somemachine"; - }; - # Clan services to use. See https://docs.clan.lol/reference/clanServices inventory.instances = { - admin = { - module = { - name = "admin"; - input = "clan"; - }; roles.default.tags.all = { }; + roles.default.settings.allowedKeys = { + # Insert the public key of all your admin machines + # All these 'admin machines' will have ssh access to "tags.all" (all machines) + # Alternatively set 'users.users.root.openssh.authorizedKeys.keys' in each machine + "admin-machine-1" = "__YOUR_PUBLIC_KEY__"; + }; }; zerotier = { - module = { - name = "zerotier"; - input = "clan"; - }; + # Replace with the name of your machine that you will use as zerotier-controller + # See: https://docs.zerotier.com/controller/ + # Deploy this machine first to create the network secrets + roles.controller.machines."__YOUR_CONTROLLER__" = { }; + # Peers of the network + # tags.all means 'all machines' will joined roles.peer.tags.all = { }; }; }; - # A mapping of machine names to their nixos configuration. Allows specifying - # additional configuration. + # A mapping of machine names to their nixos configuration. + # Allows specifying additional nixos configuration. machines = { somemachine = { pkgs, ... }: @@ -56,10 +45,33 @@ }; }; }; - perSystem = - { pkgs, inputs', ... }: - { - devShells.default = pkgs.mkShell { packages = [ inputs'.clan-core.packages.clan-cli ]; }; - }; + in + { + + # Expose clan structures as flake outputs. clanInternals is needed for + # the clan-cli. Exposing nixosConfigurations allows using `nixos-rebuild` as before. + inherit (clan) + nixosConfigurations + nixosModules + clanInternals + darwinConfigurations + darwinModules + ; + + # Add the Clan cli tool to the dev shell. + # Use "nix develop" to enter the dev shell. + devShells = + clan-core.inputs.nixpkgs.lib.genAttrs + [ + "x86_64-linux" + "aarch64-linux" + "aarch64-darwin" + "x86_64-darwin" + ] + (system: { + default = clan-core.inputs.nixpkgs.legacyPackages.${system}.mkShell { + packages = [ clan-core.packages.${system}.clan-cli ]; + }; + }); }; } diff --git a/templates/clan/default/machines/.gitkeep b/templates/clan/default/machines/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/templates/clan/classic/.envrc b/templates/clan/flake-parts/.envrc similarity index 100% rename from templates/clan/classic/.envrc rename to templates/clan/flake-parts/.envrc diff --git a/templates/clan/flake-parts/.gitignore b/templates/clan/flake-parts/.gitignore new file mode 100644 index 000000000..e6a12f0ea --- /dev/null +++ b/templates/clan/flake-parts/.gitignore @@ -0,0 +1,2 @@ +result* +.direnv/ diff --git a/templates/clan/flake-parts/flake.nix b/templates/clan/flake-parts/flake.nix new file mode 100644 index 000000000..daf8d0cfa --- /dev/null +++ b/templates/clan/flake-parts/flake.nix @@ -0,0 +1,61 @@ +{ + inputs.clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz"; + inputs.nixpkgs.follows = "clan-core/nixpkgs"; + inputs.flake-parts.follows = "clan-core/flake-parts"; + inputs.flake-parts.inputs.nixpkgs-lib.follows = "clan-core/nixpkgs"; + + outputs = + inputs@{ flake-parts, ... }: + flake-parts.lib.mkFlake { inherit inputs; } { + systems = [ + "x86_64-linux" + "aarch64-linux" + "x86_64-darwin" + "aarch64-darwin" + ]; + imports = [ inputs.clan-core.flakeModules.default ]; + # https://docs.clan.lol/guides/flake-parts/ + clan = { + # Ensure this is unique among all clans you want to use. + meta.name = "__CHANGE_ME__"; + + # Clan services to use. See https://docs.clan.lol/reference/clanServices + inventory.instances = { + admin = { + roles.default.tags.all = { }; + roles.default.settings.allowedKeys = { + # Insert the public key of all your admin machines + # All these 'admin machines' will have ssh access to "tags.all" (all machines) + # Alternatively set 'users.users.root.openssh.authorizedKeys.keys' in each machine + "admin-machine-1" = "__YOUR_PUBLIC_KEY__"; + }; + }; + + zerotier = { + # Replace with the name of your machine that you will use as zerotier-controller + # See: https://docs.zerotier.com/controller/ + # Deploy this machine first to create the network secrets + roles.controller.machines."__YOUR_CONTROLLER__" = { }; + # Peers of the network + # tags.all means 'all machines' will joined + roles.peer.tags.all = { }; + }; + }; + + # A mapping of machine names to their nixos configuration. + # Allows specifying additional nixos configuration. + machines = { + somemachine = + { pkgs, ... }: + { + environment.systemPackages = with pkgs; [ asciinema ]; + }; + }; + }; + perSystem = + { pkgs, inputs', ... }: + { + devShells.default = pkgs.mkShell { packages = [ inputs'.clan-core.packages.clan-cli ]; }; + }; + }; +} diff --git a/templates/clan/minimal/.gitignore b/templates/clan/minimal/.gitignore index 4812d58f9..e6a12f0ea 100644 --- a/templates/clan/minimal/.gitignore +++ b/templates/clan/minimal/.gitignore @@ -1,2 +1,2 @@ -result +result* .direnv/ diff --git a/templates/clan/minimal/flake.nix b/templates/clan/minimal/flake.nix index cef52fd5f..b0fd4caf4 100644 --- a/templates/clan/minimal/flake.nix +++ b/templates/clan/minimal/flake.nix @@ -2,16 +2,21 @@ inputs = { clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz"; nixpkgs.follows = "clan-core/nixpkgs"; - - flake-parts.follows = "clan-core/flake-parts"; - flake-parts.inputs.nixpkgs-lib.follows = "clan-core/nixpkgs"; }; outputs = - { self, clan-core, ... }: + { + self, + clan-core, + nixpkgs, + ... + }: let # Usage see: https://docs.clan.lol - clan = clan-core.lib.clan { inherit self; }; + clan = clan-core.lib.clan { + inherit self; + meta.name = nixpkgs.lib.mkDefault "new-clan"; + }; in { # all machines managed by Clan diff --git a/templates/clan/new-clan/modules/shared.nix b/templates/clan/new-clan/modules/shared.nix deleted file mode 100644 index 23f8a3fb3..000000000 --- a/templates/clan/new-clan/modules/shared.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ - config, - clan-core, - # Optional, if you want to access other flakes: - # self, - ... -}: -{ - imports = [ - # Enables the OpenSSH server for remote access - clan-core.clanModules.sshd - # Set a root password - clan-core.clanModules.root-password - clan-core.clanModules.user-password - clan-core.clanModules.state-version - - # You can access other flakes imported in your flake via `self` like this: - # self.inputs.nix-index-database.nixosModules.nix-index - ]; - - # Locale service discovery and mDNS - services.avahi.enable = true; - - # generate a random password for our user below - # can be read using `clan secrets get -user-password` command - clan.user-password.user = "user"; - users.users.user = { - isNormalUser = true; - extraGroups = [ - "wheel" - "networkmanager" - "video" - "input" - ]; - uid = 1000; - openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys; - }; -} diff --git a/templates/flake.nix b/templates/flake.nix index df9045be6..84ce097d1 100644 --- a/templates/flake.nix +++ b/templates/flake.nix @@ -24,17 +24,17 @@ clan = { default = { - description = "Initialize a new clan flake"; + description = "Initialize a new clan"; path = ./clan/default; }; - classic = { - description = "Initialize a new clan flake (no flake-parts)"; - path = ./clan/classic; + flake-parts = { + description = "Initialize a new clan (flake-parts)"; + path = ./clan/flake-parts; }; minimal = { - description = "for clans managed via (G)UI"; + description = "Minimal Clan"; path = ./clan/minimal; }; };