this repo has no description
starptr.andref.app
1# Everything
2
3This monorepo contains many things, including
4- Tilderef setup,
5- The Milky-Way k3s cluster manifests,
6- Pulumi infrastructure declarations,
7- NixOS modules,
8
9and more. Some advantages of using a monorepo is that
10- Dependencies between these projects are easier to manage and update (eg. a single source of truth is easily depended on by everything else),
11- Build systems can be re-used instead of duplicated for each git repository,
12
13etc.
14
15## Overview
16
17- `eight/` defines domain records using octodns.
18 - For example, the `andref.app` domain records are defined here.
19 - This is a single source of truth for all domains.
20- `experimental/` contains new projects that may or may not be abandoned.
21 - This is a safe space to play with ideas quickly as-needed.
22- `exports/` contains "built" artifacts which 1. are not nix-hermetic, or 2. is depended on by code which cannot evaluate Nix IFD.
23 - For example, `jupiter/` is not nix-hermetic (because it uses Pulumi which is not hermetic), so its output is written to `exports/jupiter/generated.json` as a single source of truth.
24 - If `eight/` was written in Jsonnet, it would not be able to evaluate Nix IFD, so `jupiter/` would still need to write to `exports/jupiter/`, even if `jupiter/` was nix-hermetic.
25- `flake-profiles/` contains all Nix flakes.
26 - Every NixOS/Darwin/Home-Manager configuration should have its own dedicated flake, because each configuration should have its own lockfile. Otherwise, updating machine-1 might unexpectedly break the configuration of machine-2.
27 - `flake-profiles/everything-devenv/` contains targets which are ok with rolling updates. This flake is updated frequently, and projects which are unlikely to fail from a new version of a dependency can use this flake.
28- `jupiter/` declares its infrastructure using Pulumi.
29 - The main Python file uses Pulumi to create Cloud resources, and also writes relevant data to `exports/jupiter/generated.json`.
30- `lib/` contains utility Nix functions.
31- `magic/` defines magic values (or "anonymous" values), and serves as a single source of truth.
32 - For example, the absolute path of this repository that's checked out in machine-1 is a magic value.
33- `milky-way/` defines the k3s cluster manifest.
34- `secrets/` contains sensitive values encrypted with sops-nix.
35- `tilderef/` contains miscellaneous files relevant to declaring the tilderef configuration.
36- `venus/` contains all NixOS/Darwin/Home-Manager modules and configurations, as well as config files for apps.
37- `whale/` specifies targets for building container images and scripts for pushing them to registries.