From 4ba945b1d1a2c8318a2111189d11e2b5e26f57d4 Mon Sep 17 00:00:00 2001 From: paki23 Date: Sun, 19 Mar 2023 16:31:59 +0100 Subject: [PATCH] net.nix: removed nodes options, all network nodes are now defined in resources.machines --- doc/guides/deploy-without-root.rst | 2 +- doc/manual/nixops.rst | 2 +- doc/manual/overview.rst | 14 ++--- doc/overview.rst | 14 ++--- doc/release-notes/index.rst | 2 +- nix/eval-machine-info.nix | 14 ++--- nix/machine-resource.nix | 16 ------ nix/net.nix | 84 +++++++++++------------------- nix/options.nix | 21 ++------ 9 files changed, 58 insertions(+), 111 deletions(-) delete mode 100644 nix/machine-resource.nix diff --git a/doc/guides/deploy-without-root.rst b/doc/guides/deploy-without-root.rst index 73eecc554..38e710418 100644 --- a/doc/guides/deploy-without-root.rst +++ b/doc/guides/deploy-without-root.rst @@ -69,7 +69,7 @@ Edit your nixops.nix to specify the machine's { network.description = "Non-root deployment"; - nodes.hermes = + resources.machines.hermes = { resources, ... }: { deployment.targetUser = "deployer"; diff --git a/doc/manual/nixops.rst b/doc/manual/nixops.rst index caa946edc..21400d3c5 100644 --- a/doc/manual/nixops.rst +++ b/doc/manual/nixops.rst @@ -1080,7 +1080,7 @@ Consider the following deployment specification (``servers.nix``): services.httpd.adminAddr = "foo@example.org"; }); - in { nodes = listToAttrs (map makeMachine (range 1 nrMachines)); } + in { resources.machines = listToAttrs (map makeMachine (range 1 nrMachines)); } This specifies a network of nrMachines identical VirtualBox VMs that run the Apache web server if active is set. To create 10 machines without diff --git a/doc/manual/overview.rst b/doc/manual/overview.rst index 7617242c1..955e6e8be 100644 --- a/doc/manual/overview.rst +++ b/doc/manual/overview.rst @@ -18,7 +18,7 @@ and leave ``deployment.targetEnv`` undefined. See :: { - nodes.webserver = + resources.machines.webserver = { config, pkgs, ... }: { deployment.targetHost = "1.2.3.4"; }; 
@@ -87,12 +87,12 @@ example: imports = [ ./common.nix ]; }; - nodes.machine = { ... }: {}; + resources.machines.machine = { ... }: {}; } Each attribute is explained below: -``nodes.*`` +``resources.machines.*`` Applies the given NixOS configuration to the corresponding node. ``defaults`` @@ -121,7 +121,7 @@ Here is an example of a network with network arguments: { maintenance ? false }: { - nodes.machine = + resources.machines.machine = { config, pkgs, ... }: { services.httpd.enable = maintenance; ... @@ -175,7 +175,7 @@ Add a key to a machine like so. :: { - nodes.machine = + resources.machines.machine = { config, pkgs, ... }: { deployment.keys.my-secret.text = "shhh this is a secret"; @@ -211,7 +211,7 @@ and otherwise inactive when the key is absent. See :: { - nodes.machine = + resources.machines.machine = { config, pkgs, ... }: { deployment.keys.my-secret.text = "shhh this is a secret"; @@ -246,7 +246,7 @@ This is possible by using the extra NixOS module input ``nodes``. { network.description = "Gollum server and reverse proxy"; - nodes = { + resources.machines = { gollum = { config, pkgs, ... }: diff --git a/doc/overview.rst b/doc/overview.rst index 435503edd..26bc2d4f4 100644 --- a/doc/overview.rst +++ b/doc/overview.rst @@ -21,7 +21,7 @@ machine, and leave ``deployment.targetEnv`` undefined. See :: { - nodes.webserver = + resources.machines.webserver = { config, pkgs, ... }: { deployment.targetHost = "1.2.3.4"; }; @@ -92,7 +92,7 @@ example: imports = [ ./common.nix ]; }; - nodes.machine = { ... }: {}; + resources.machines.machine = { ... }: {}; } Each attribute is explained below: @@ -122,7 +122,7 @@ Here is an example of a network with network arguments: { maintenance ? false }: { - nodes.machine = + resources.machines.machine = { config, pkgs, ... }: { services.httpd.enable = maintenance; ... 
@@ -175,7 +175,7 @@ Add a key to a machine like so. :: { - nodes.machine = + resources.machines.machine = { config, pkgs, ... }: { deployment.keys.my-secret.text = "shhh this is a secret"; @@ -216,7 +216,7 @@ and otherwise inactive when the key is absent. See :: { - nodes.machine = + resources.machines.machine = { config, pkgs, ... }: { deployment.keys.my-secret.text = "shhh this is a secret"; @@ -250,8 +250,8 @@ This is possible by using the extra NixOS module input ``nodes``. { network.description = "Gollum server and reverse proxy"; - - nodes = { + + resources.machines = { gollum = { config, pkgs, ... }: { diff --git a/doc/release-notes/index.rst b/doc/release-notes/index.rst index 0d3a35ba4..c2e66793c 100644 --- a/doc/release-notes/index.rst +++ b/doc/release-notes/index.rst @@ -18,7 +18,7 @@ Release 2.0 - Now the network specification is using the module system from ``nixpkgs.lib`` - Now network specification files can import other files via ``imports``. - - We have a ``nodes.*`` option where we put every NixOS configuration for the configured nodes. We suggest to use it instead of defining nodes in the top level. + - We have a ``resources.machines.*`` option where we put every NixOS configuration for the configured nodes. We suggest to use it instead of defining nodes in the top level. - Removed NixOS Options diff --git a/nix/eval-machine-info.nix b/nix/eval-machine-info.nix index 1473ca8c0..bfb13d952 100644 --- a/nix/eval-machine-info.nix +++ b/nix/eval-machine-info.nix @@ -23,7 +23,7 @@ let ./net.nix mod flakeExpr { nixpkgs = lib.mkDefault flake.inputs.nixpkgs or nixpkgsBoot; - network.nodesExtraArgs = { inherit uuid deploymentName; }; + network.nodesExtraArgs = { inherit deploymentName; }; # Make NixOps's deployment.* options available. deployment = { name = deploymentName; 
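Review bot: Dropping `uuid` from `network.nodesExtraArgs` in nix/eval-machine-info.nix has no comment saying where machines get it now, and the `deployment = { name = deploymentName;` block runs past the end of this hunk, so it is not visible here whether `deployment.uuid` is assigned. The net.nix hunk of this patch reads it with `inherit (config.deployment) uuid;` into the resource `specialArgs`, while the machines type still takes `specialArgs = config.network.nodesExtraArgs`. As far as I can tell the module system refuses to merge two submodule declarations that share a specialArgs key, so re-adding `uuid` (or `resources`) here later would break evaluation. I would add `# uuid and resources reach machines through defineResource's specialArgs in net.nix; do not repeat them here` above the changed line.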
@@ -46,19 +46,21 @@ in rec { inherit nixpkgs; net = evalMod lib { resources.imports = pluginResourceModules; - network.resourcesDefaults._module.args = { inherit pkgs uuid; }; + network.resourcesDefaults._module.args.pkgs = lib.mkOptionDefault pkgs; }; # for backward compatibility - network = lib.mapAttrs (n: v: [v]) net.config; + network = lib.mapAttrs (n: v: [ v ]) net.config; networks = [ net.config ]; defaults = [ net.config.defaults ]; nodes = #TODO: take options and other modules outputs for each node - lib.mapAttrs (n: v: { + lib.mapAttrs + (n: v: { config = v; - options = net.options.nodes.${n}; + options = net.options.resources.machines.${n}; inherit (v.nixpkgs) pkgs; - }) net.config.nodes; + }) + net.config.resources.machines; # ./resource.nix is imported in resource opt but does not define resource types # we have to remove those entries as they do not otherwise conform to the resource schema diff --git a/nix/machine-resource.nix b/nix/machine-resource.nix deleted file mode 100644 index 1a16198d0..000000000 --- a/nix/machine-resource.nix +++ /dev/null @@ -1,16 +0,0 @@ - -# Machine resource - -{ config, lib, uuid, name, ... }: - -with lib; - -{ - # A freeformType is probably not helpful because it may traverse into a - # machine config, triggering errors in attributes that should never be accessed, - # which results in very obscure errors. - # freeformType = lib.types.raw or lib.types.unspecified; - options = { - - }; -} diff --git a/nix/net.nix b/nix/net.nix index 6a1a99129..00b6a0bb5 100644 --- a/nix/net.nix +++ b/nix/net.nix 
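Review bot: `lib.mkOptionDefault pkgs` on `network.resourcesDefaults._module.args.pkgs` is not explained, and that priority decides which package set a machine is evaluated against. Since net.nix now declares machines through `defineResource`, `resourcesDefaults` appears to apply to NixOS machines as well, where the node's own `pkgs` presumably has to win over this one. I would add a comment such as `# fallback only: machines are resources now and NixOS supplies its own pkgs`, so the low priority is not removed in a later cleanup. `uuid` also disappears from these args; its replacement is the `specialArgs` entry added in net.nix, which is worth a cross-reference here.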
@@ -3,15 +3,6 @@ let inherit (lib) mkOption types mapAttrs warn; inherit (types) deferredModule; - nodesConfigCompat = k: n: - n // { - config = - warn - "The module parameter `nodes.${lib.strings.escapeNixIdentifier k}.config' has been renamed to `nodes.${lib.strings.escapeNixIdentifier k}'" - n; - options = throw "nodes..options is not available anymore. You can access options information by writing a node-level module that extracts the options information and assigns it to a new option of your choosing."; - }; - deploymentDefault = { imports = [ ./resource.nix ./default-deployment.nix ]; inherit (config) deployment; @@ -55,7 +46,7 @@ in lock = mkOption { # TBD type = types.raw; - default = {}; + default = { }; }; }; resources = mkOption { 
@@ -64,27 +55,30 @@ in specialArgs.defineResource = resName: resMod: { options.${resName} = mkOption { default = { }; - type = types.attrsOf (types.submodule ({ name, ... }: { - imports=[ + type = types.attrsOf (types.submoduleWith { + specialArgs = { + inherit (config) resources; + inherit (config.deployment) uuid; + }; + modules = [ deploymentDefault config.network.resourcesDefaults resMod - ]; - _module.args = { - inherit (config) resources; - nodes = # inherit nodes, essentially - lib.mapAttrs - (nodeName: node: - lib.mapAttrs - (key: lib.warn "Resource ${name} accesses nodes.${nodeName}.${key}, which is deprecated. Use the equivalent option instead: nodes.${nodeName}.${{ + ({ name, ... }: { + _module.args.nodes = # inherit nodes, essentially + lib.mapAttrs + (nodeName: node: + lib.mapAttrs + (key: lib.warn "Resource ${name} accesses nodes.${nodeName}.${key}, which is deprecated. Use the equivalent option instead: nodes.${nodeName}.${{ nixosRelease = "config.system.nixos.release and make sure it is set properly"; publicIPv4 = "config.networking.publicIPv4"; }.${key} or "config.deployment.${key}"}.") - config.nodes.${nodeName} - // node) - config.nodes; - }; - })); + config.resources.machines.${nodeName} + // node) + config.resources.machines; + }) + ]; + }); }; }; modules = [ 
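Review bot: The deprecation warning built in `_module.args.nodes` looks unreachable. Function application binds tighter than `//`, so the result of `lib.mapAttrs (key: lib.warn …) config.resources.machines.${nodeName}` is merged with `node`, which is that same attribute set, and every warn-wrapped value is replaced by the plain one. The old code had the same shape with `config.nodes`, so this is carried over rather than introduced. If the warning is no longer wanted, `_module.args.nodes = config.resources.machines;` states the effective behaviour in one line; if it is wanted, the wrapper needs to cover only the deprecated attributes and must not be overridden by `// node`. The message text also still recommends `nodes.<name>.config.…` paths, while this patch removes `nodesConfigCompat`, the only place in the visible diff that put a `config` attribute on a node, so the advice should be rechecked.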
@@ -93,41 +87,23 @@ in imports = [ (defineResource "sshKeyPairs" ./ssh-keypair.nix) (defineResource "commandOutput" ./command-output.nix) + (defineResource "machines" ./options.nix) ]; - options.machines = lib.mkOption { - description = '' - An alias for the `nodes`. - ''; - readOnly = true; - type = types.raw; - }; - config = { - machines = config.nodes; - _module.check = false; + options.machines = mkOption { + description = "The NixOS configurations for the nodes in the network."; + # on 1st eval nodes is not read and on 2nd lib is taken from config.nixpkgs + type = types.attrsOf (lib.nixosSystem or (import /${config.nixpkgs}/nixos/lib/eval-config.nix) { + inherit system lib; + specialArgs = config.network.nodesExtraArgs; + modules = [ config.defaults { _module.check = true; } ]; + }).type; }; + config._module.check = false; }) ]; }; }; # Compute the definitions of the machines. - nodes = mkOption { - description = "The NixOS configurations for the nodes in the network."; - default = { }; - # on 1st eval nodes is not read and on 2nd lib is taken from config.nixpkgs - type = types.attrsOf (lib.nixosSystem or (import /${config.nixpkgs}/nixos/lib/eval-config.nix) { - inherit system lib; - specialArgs = { - inherit (config) resources; - nodes = mapAttrs nodesConfigCompat config.nodes; - } // config.network.nodesExtraArgs; - modules = [ - config.defaults - # Make NixOps's deployment.* options available. - ./options.nix - deploymentDefault - ]; - }).type; - }; defaults = mkOption { type = deferredModule; default = { }; @@ -137,7 +113,7 @@ in }; }; config = { - nodes = + resources.machines = let nodes = removeAttrs config (builtins.attrNames options); in diff --git a/nix/options.nix b/nix/options.nix index b5594037a..4adfadd6d 100644 --- a/nix/options.nix +++ b/nix/options.nix 
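Review bot: `config._module.check = false;` on the `resources` submodule now also covers the attribute that holds every machine. As I understand `_module.check`, a misspelt key such as `resources.machine.web` would be accepted and ignored instead of rejected, and the deployment would simply lack that host. The setting predates this patch, but it matters more now that `resources.machines` is the documented place to declare machines. At minimum I would document it next to the line, e.g. `# unknown attributes under resources.* are not rejected; a typo in a resource type name is silently dropped`. The comments `# on 1st eval nodes is not read …` and `# Compute the definitions of the machines.` also still describe the removed `nodes` option, and the second now sits directly above `defaults`.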
@@ -1,23 +1,8 @@ { name, config, lib, ... }: - with lib; - -let - - cfg = config.deployment; - -in - { - - imports = - [ - ./keys.nix - ]; - - + imports = [ ./keys.nix ]; options = { - deployment.targetEnv = mkOption { default = "none"; example = "ec2"; @@ -74,7 +59,7 @@ in deployment.sshOptions = mkOption { type = types.listOf types.str; - default = []; + default = [ ]; description = '' Extra options passed to the OpenSSH client verbatim, and are not executed by a shell. ''; @@ -109,7 +94,7 @@ in }; deployment.owners = mkOption { - default = []; + default = [ ]; type = types.listOf types.str; description = '' List of email addresses of the owners of the machines. Used