From 36c46f5d07799792efedf24029d1a4e97bb61e7a Mon Sep 17 00:00:00 2001 From: Gabriel Simmer Date: Sun, 8 Oct 2023 22:54:52 +0100 Subject: [PATCH] Update, use opentofu --- flake.lock | 221 ++++++++++++++++++++++++++++++++++++++++++++++++----- flake.nix | 43 +++++++++-- 2 files changed, 240 insertions(+), 24 deletions(-) diff --git a/flake.lock b/flake.lock index 632e078..e98afb2 100644 --- a/flake.lock +++ b/flake.lock @@ -7,16 +7,17 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1695339232, - "narHash": "sha256-6wQHW3uHECpGIBolTccQ6x3/9b8E1SrO+VzTABKe2xM=", + "lastModified": 1695384796, + "narHash": "sha256-TYlE4B0ktPtlJJF9IFxTWrEeq+XKG8Ny0gc2FGEAdj0=", "owner": "ryantm", "repo": "agenix", - "rev": "7f9dfa309f24dc74450ecab6e74bc3d11c7ce735", + "rev": "1f677b3e161d3bdbfd08a939e8f25de2568e0ef4", "type": "github" }, "original": { "owner": "ryantm", "repo": "agenix", + "rev": "1f677b3e161d3bdbfd08a939e8f25de2568e0ef4", "type": "github" } }, @@ -93,6 +94,43 @@ "type": "github" } }, + "flake-compat": { + "locked": { + "lastModified": 1688025799, + "narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=", + "owner": "nix-community", + "repo": "flake-compat", + "rev": "8bf105319d44f6b9f0d764efa4fdef9f1cc9ba1c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "nixpkgs-wayland", + "nix-eval-jobs", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1696343447, + "narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "flake-utils": { "locked": { "lastModified": 1667395993, @@ -109,6 +147,24 @@ } }, "flake-utils_2": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { "locked": { "lastModified": 1634851050, "narHash": "sha256-N83GlSGPJJdcqhUxSCS/WwW5pksYf3VP1M13cDRTSVA=", @@ -151,11 +207,11 @@ ] }, "locked": { - "lastModified": 1695224363, - "narHash": "sha256-+hfjJLUMck5G92RVFDZA7LWkR3kOxs5zQ7RPW9t3eM8=", + "lastModified": 1696737557, + "narHash": "sha256-YD/pjDjj/BNmisEvRdM/vspkCU3xyyeGVAUWhvVSi5Y=", "owner": "nix-community", "repo": "home-manager", - "rev": "408ba13188ff9ce309fa2bdd2f81287d79773b00", + "rev": "3c1d8758ac3f55ab96dcaf4d271c39da4b6e836d", "type": "github" }, "original": { @@ -164,6 +220,45 @@ "type": "github" } }, + "lib-aggregate": { + "inputs": { + "flake-utils": "flake-utils_2", + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1696766909, + "narHash": "sha256-lU1BmCWpQ9cx64YnJKc89lMg9cx4pCokXIbh5J//2t0=", + "owner": "nix-community", + "repo": "lib-aggregate", + "rev": "9f495e4feea66426589cbb59ac8b972993b5d872", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "lib-aggregate", + "type": "github" + } + }, + "nix-eval-jobs": { + "inputs": { + "flake-parts": "flake-parts", + "nixpkgs": "nixpkgs_5", + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1696712215, + "narHash": "sha256-znUR51gbpoqm79FKVyVl9V4va6P5bTr7tohPPW+iydU=", + "owner": "nix-community", + "repo": "nix-eval-jobs", + "rev": "26af7cabdb7ee637dc9b63f1ce609a467534713c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-eval-jobs", + "type": "github" + } + }, "nixinate": { "inputs": { "nixpkgs": "nixpkgs_3" @@ -205,11 +300,11 @@ ] }, "locked": { - "lastModified": 1693791338, - "narHash": "sha256-wHmtB5H8AJTUaeGHw+0hsQ6nU4VyvVrP2P4NeCocRzY=", + "lastModified": 1696058303, + "narHash": "sha256-eNqKWpF5zG0SrgbbtljFOrRgFgRzCc4++TMFADBMLnc=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "8ee78470029e641cddbd8721496da1316b47d3b4", + "rev": "150f38bd1e09e20987feacb1b0d5991357532fb5", "type": "github" }, "original": { @@ -234,6 +329,44 @@ "type": "github" } }, + "nixpkgs-lib": { + "locked": { + "lastModified": 1696726172, + "narHash": "sha256-89yxFXzTA7JRyWo6hg7SD4DlS/ejYt8Y8IvGZHbSWsg=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "59da6ac0c02c48aa92dee37057f978412797db2a", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixpkgs-wayland": { + "inputs": { + "flake-compat": "flake-compat", + "lib-aggregate": "lib-aggregate", + "nix-eval-jobs": "nix-eval-jobs", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1696768017, + "narHash": "sha256-a3/jmm6ppT8Jtz4qq6urVCSNpcbKGsv18RMB3wXWk5w=", + "owner": "nix-community", + "repo": "nixpkgs-wayland", + "rev": "20c7e3550485ed6be55c2ce9b6c8c05bbb9a6e1b", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs-wayland", + "type": "github" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1670242877, @@ -268,11 +401,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1695132891, - "narHash": "sha256-cJR9AFHmt816cW/C9necLJyOg/gsnkvEeFAfxgeM1hc=", + "lastModified": 1696693680, + "narHash": "sha256-PH0HQTkqyj7DmdPKPwrrXwVURLBqzZs4nqnDw9q8mhg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8b5ab8341e33322e5b66fb46ce23d724050f6606", + "rev": "945559664c1dc5836173ee12896ba421d9b37181", "type": "github" }, "original": { @@ -283,6 +416,22 @@ } }, "nixpkgs_5": { + "locked": { + "lastModified": 1696466515, + "narHash": "sha256-SQJyUBoLXmPGueYTLj1yDVHolg2pnB+rUR4Z6p5AKpA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c52af267ad0c11b55f89cf6c70adb10694ad938e", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "master", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_6": { "locked": { "lastModified": 1636823747, "narHash": "sha256-oWo1nElRAOZqEf90Yek2ixdHyjD+gqtS/pAgwaQ9UhQ=", @@ -305,23 +454,39 @@ "nixinate": "nixinate", "nixos-generators": "nixos-generators", "nixpkgs": "nixpkgs_4", + "nixpkgs-wayland": "nixpkgs-wayland", "terranix": "terranix" } }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "terranix": { "inputs": { "bats-assert": "bats-assert", "bats-support": "bats-support", - "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs_5", + "flake-utils": "flake-utils_3", + "nixpkgs": "nixpkgs_6", "terranix-examples": "terranix-examples" }, "locked": { - "lastModified": 1684906298, - "narHash": "sha256-pNuJxmVMGbBHw7pa+Bx0HY0orXIXoyyAXOKuQ1zpfus=", + "lastModified": 1695406838, + "narHash": "sha256-xiUfVD6rtsVWFotVtUW3Q1nQh4obKzgvpN1wqZuGXvM=", "owner": "terranix", "repo": "terranix", - "rev": "c0dd15076856c6cb425795b8c7d5d37d3a1e922a", + "rev": "fc9077ca02ab5681935dbf0ecd725c4d889b9275", "type": "github" }, "original": { @@ -344,6 +509,28 @@ "repo": "terranix-examples", "type": "github" } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs-wayland", + "nix-eval-jobs", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1695822946, + "narHash": "sha256-IQU3fYo0H+oGlqX5YrgZU3VRhbt2Oqe6KmslQKUO4II=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "720bd006d855b08e60664e4683ccddb7a9ff614a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index faa9d75..3d994dd 100644 --- a/flake.nix +++ b/flake.nix @@ -1,10 +1,14 @@ { description = "Nix flake for my infrastructure"; inputs = { - agenix.url = "github:ryantm/agenix"; + agenix.url = "github:ryantm/agenix?rev=1f677b3e161d3bdbfd08a939e8f25de2568e0ef4"; terranix.url = "github:terranix/terranix"; nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; nixinate.url = "github:matthewcroughan/nixinate"; + nixpkgs-wayland = { + url = "github:nix-community/nixpkgs-wayland"; + inputs.nixpkgs.follows = "nixpkgs"; + }; home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; @@ -16,7 +20,7 @@ alertmanager-ntfy.url = "github:alexbakker/alertmanager-ntfy"; }; - outputs = { self, nixpkgs, nixos-generators, nixinate, home-manager, agenix, terranix, alertmanager-ntfy }: + outputs = { self, nixpkgs, nixos-generators, nixinate, home-manager, agenix, terranix, alertmanager-ntfy, nixpkgs-wayland}: let pkgs = nixpkgs.legacyPackages.x86_64-linux; tf = terranix.lib.terranixConfiguration { @@ -32,7 +36,7 @@ set +o allexport ''; nativeBuildInputs = [ - jq terraform ansible kubectl awscli2 + jq opentofu kubectl awscli2 nodePackages.yaml-language-server k9s terraform-ls kubernetes-helm nil ]; @@ -56,8 +60,8 @@ program = toString (pkgs.writers.writeBash "plan" '' if [[ -e terraform/config.tf.json ]]; then rm -f terraform/config.tf.json; fi cp ${tf} terraform/config.tf.json \ - && ${pkgs.terraform}/bin/terraform -chdir=terraform init \ - && ${pkgs.terraform}/bin/terraform -chdir=terraform plan -out=plan.out + && ${pkgs.opentofu}/bin/tofu -chdir=terraform init \ + && ${pkgs.opentofu}/bin/tofu -chdir=terraform plan -out=plan.out ''); }; tf-apply = { @@ -65,8 +69,8 @@ program = toString (pkgs.writers.writeBash "apply" '' if [[ -e terraform/config.tf.json ]]; then rm -f terraform/config.tf.json; fi cp ${tf} terraform/config.tf.json \ - && ${pkgs.terraform}/bin/terraform -chdir=terraform init \ - && ${pkgs.terraform}/bin/terraform -chdir=terraform apply plan.out + && ${pkgs.opentofu}/bin/tofu -chdir=terraform init \ + && ${pkgs.opentofu}/bin/tofu -chdir=terraform apply plan.out ''); }; }; @@ -86,6 +90,31 @@ home-manager.useUserPackages = true; home-manager.users.gsimmer = import ./nix/london/gsimmer.nix; } + ({pkgs, config, ... }: + { + config = { + nix.settings = { + # add binary caches + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA=" + ]; + substituters = [ + "https://cache.nixos.org" + "https://nixpkgs-wayland.cachix.org" + ]; + }; + + # use it as an overlay + nixpkgs.overlays = [ nixpkgs-wayland.overlay ]; + + # or, pull specific packages (built against inputs.nixpkgs, usually `nixos-unstable`) + environment.systemPackages = [ + nixpkgs-wayland.packages.x86_64-linux.waybar + ]; + }; + } + ) ]; }; oracle-gitea-runner = nixpkgs.lib.nixosSystem {