besaid.zone / core
forked from tangled.org/core
Monorepo for Tangled
fork atom

nix: update nix modules & VM to new knot interface

Signed-off-by: oppiliappan <me@oppi.li>

authored by oppi.li and committed by Tangled 390c8947 f7d68908

options
unified split
Changed files
+41 -47
flake.nix
+41 -47
flake.nix
··· 49 49 inherit (gitignore.lib) gitignoreSource; 50 50 in { 51 51 overlays.default = final: prev: let 52 - goModHash = "sha256-H/sKps9um8vvv/WAZ1hEN+ZVhmXlddRNSVWVRBK1zEo="; 53 - buildCmdPackage = name: 54 - final.buildGoModule { 55 - pname = name; 56 - version = "0.1.0"; 57 - src = gitignoreSource ./.; 58 - subPackages = ["cmd/${name}"]; 59 - vendorHash = goModHash; 60 - env.CGO_ENABLED = 0; 61 - }; 52 + goModHash = "sha256-H2gBkkuJaZtHlvW33aWZu0pS9vsS/A2ojeEUbp6o7Go="; 62 53 in { 63 54 indigo-lexgen = final.buildGoModule { 64 55 pname = "indigo-lexgen"; ··· 92 83 stdenv = pkgsStatic.stdenv; 93 84 }; 94 85 95 - knotserver = with final; 86 + knot = with final; 96 87 final.pkgsStatic.buildGoModule { 97 - pname = "knotserver"; 88 + pname = "knot"; 98 89 version = "0.1.0"; 99 90 src = gitignoreSource ./.; 100 91 nativeBuildInputs = [final.makeWrapper]; 101 - subPackages = ["cmd/knotserver"]; 92 + subPackages = ["cmd/knot"]; 102 93 vendorHash = goModHash; 103 94 installPhase = '' 104 95 runHook preInstall 105 96 106 97 mkdir -p $out/bin 107 - cp $GOPATH/bin/knotserver $out/bin/knotserver 98 + cp $GOPATH/bin/knot $out/bin/knot 108 99 109 - wrapProgram $out/bin/knotserver \ 100 + wrapProgram $out/bin/knot \ 110 101 --prefix PATH : ${pkgs.git}/bin 111 102 112 103 runHook postInstall 113 104 ''; 114 105 env.CGO_ENABLED = 1; 115 106 }; 116 - knotserver-unwrapped = final.pkgsStatic.buildGoModule { 117 - pname = "knotserver"; 107 + knot-unwrapped = final.pkgsStatic.buildGoModule { 108 + pname = "knot"; 118 109 version = "0.1.0"; 119 110 src = gitignoreSource ./.; 120 - subPackages = ["cmd/knotserver"]; 111 + subPackages = ["cmd/knot"]; 121 112 vendorHash = goModHash; 122 113 env.CGO_ENABLED = 1; 123 114 }; 124 - repoguard = buildCmdPackage "repoguard"; 125 - keyfetch = buildCmdPackage "keyfetch"; 126 - genjwks = buildCmdPackage "genjwks"; 115 + genjwks = final.pkgsStatic.buildGoModule { 116 + pname = "genjwks"; 117 + version = "0.1.0"; 118 + src = gitignoreSource ./.; 119 + subPackages = ["cmd/genjwks"]; 120 + vendorHash = goModHash; 121 + env.CGO_ENABLED = 0; 122 + }; 127 123 }; 128 124 packages = forAllSystems (system: { 129 125 inherit 130 126 (nixpkgsFor."${system}") 131 127 indigo-lexgen 132 128 appview 133 - knotserver 134 - knotserver-unwrapped 135 - repoguard 136 - keyfetch 129 + knot 130 + knot-unwrapped 137 131 genjwks 138 132 ; 139 133 }); ··· 172 166 }); 173 167 apps = forAllSystems (system: let 174 168 pkgs = nixpkgsFor."${system}"; 175 - air-watcher = name: 169 + air-watcher = name: arg: 176 170 pkgs.writeShellScriptBin "run" 177 171 '' 178 172 ${pkgs.air}/bin/air -c /dev/null \ 179 173 -build.cmd "${pkgs.go}/bin/go build -o ./out/${name}.out ./cmd/${name}/main.go" \ 180 - -build.bin "./out/${name}.out" \ 174 + -build.bin "./out/${name}.out ${arg}" \ 181 175 -build.stop_on_error "true" \ 182 176 -build.include_ext "go" 183 177 ''; ··· 189 183 in { 190 184 watch-appview = { 191 185 type = "app"; 192 - program = ''${air-watcher "appview"}/bin/run''; 186 + program = ''${air-watcher "appview" ""}/bin/run''; 193 187 }; 194 - watch-knotserver = { 188 + watch-knot = { 195 189 type = "app"; 196 - program = ''${air-watcher "knotserver"}/bin/run''; 190 + program = ''${air-watcher "knot" "server"}/bin/run''; 197 191 }; 198 192 watch-tailwind = { 199 193 type = "app"; ··· 247 241 }; 248 242 }; 249 243 250 - nixosModules.knotserver = { 244 + nixosModules.knot = { 251 245 config, 252 246 pkgs, 253 247 lib, 254 248 ... 255 249 }: let 256 - cfg = config.services.tangled-knotserver; 250 + cfg = config.services.tangled-knot; 257 251 in 258 252 with lib; { 259 253 options = { 260 - services.tangled-knotserver = { 254 + services.tangled-knot = { 261 255 enable = mkOption { 262 256 type = types.bool; 263 257 default = false; 264 - description = "Enable a tangled knotserver"; 258 + description = "Enable a tangled knot"; 265 259 }; 266 260 267 261 appviewEndpoint = mkOption { ··· 383 377 mode = "0555"; 384 378 text = '' 385 379 #!${pkgs.stdenv.shell} 386 - ${self.packages.${pkgs.system}.keyfetch}/bin/keyfetch \ 387 - -repoguard-path ${self.packages.${pkgs.system}.repoguard}/bin/repoguard \ 380 + ${self.packages.${pkgs.system}.knot}/bin/knot keys \ 381 + -output authorized-keys \ 388 382 -internal-api "http://${cfg.server.internalListenAddr}" \ 389 383 -git-dir "${cfg.repo.scanPath}" \ 390 - -log-path /tmp/repoguard.log 384 + -log-path /tmp/knotguard.log 391 385 ''; 392 386 }; 393 387 394 - systemd.services.knotserver = { 395 - description = "knotserver service"; 388 + systemd.services.knot = { 389 + description = "knot service"; 396 390 after = ["network.target" "sshd.service"]; 397 391 wantedBy = ["multi-user.target"]; 398 392 serviceConfig = { ··· 408 402 "KNOT_SERVER_HOSTNAME=${cfg.server.hostname}" 409 403 ]; 410 404 EnvironmentFile = cfg.server.secretFile; 411 - ExecStart = "${self.packages.${pkgs.system}.knotserver}/bin/knotserver"; 405 + ExecStart = "${self.packages.${pkgs.system}.knot}/bin/knot server"; 412 406 Restart = "always"; 413 407 }; 414 408 }; ··· 420 414 nixosConfigurations.knotVM = nixpkgs.lib.nixosSystem { 421 415 system = "x86_64-linux"; 422 416 modules = [ 423 - self.nixosModules.knotserver 417 + self.nixosModules.knot 424 418 ({ 425 419 config, 426 420 pkgs, ··· 432 426 services.getty.autologinUser = "root"; 433 427 environment.systemPackages = with pkgs; [curl vim git]; 434 428 systemd.tmpfiles.rules = let 435 - u = config.services.tangled-knotserver.gitUser; 436 - g = config.services.tangled-knotserver.gitUser; 429 + u = config.services.tangled-knot.gitUser; 430 + g = config.services.tangled-knot.gitUser; 437 431 in [ 438 - "d /var/lib/knotserver 0770 ${u} ${g} - -" # Create the directory first 439 - "f+ /var/lib/knotserver/secret 0660 ${u} ${g} - KNOT_SERVER_SECRET=38a7c3237c2a585807e06a5bcfac92eb39442063f3da306b7acb15cfdc51d19d" 432 + "d /var/lib/knot 0770 ${u} ${g} - -" # Create the directory first 433 + "f+ /var/lib/knot/secret 0660 ${u} ${g} - KNOT_SERVER_SECRET=38a7c3237c2a585807e06a5bcfac92eb39442063f3da306b7acb15cfdc51d19d" 440 434 ]; 441 - services.tangled-knotserver = { 435 + services.tangled-knot = { 442 436 enable = true; 443 437 server = { 444 - secretFile = "/var/lib/knotserver/secret"; 438 + secretFile = "/var/lib/knot/secret"; 445 439 hostname = "localhost:6000"; 446 440 listenAddr = "0.0.0.0:6000"; 447 441 };