Nixfiles, for hacc.
Find a file
stuebinm 9dfac9818e
init keytracker on hainich.
This is a first attempt to package octycs' keytracker [1] application.

It's more a quick-and-dirty approach, so there are a couple things to note:
 - the config file is just generated by Nix as whatever the module got in
   its config option stuffed into a toml file. There are no default values,
   so all values must be set by hand – or rather, we just write the default
   values in the config.
 - I couldn't figure out how to actually make this thing work. It looks like
   it /should/ work, but gets hung up every time on loading key information
   via the web interface. Then again, it appears our current config on
   libocedrus also doesn't conform to what the readme says, so perhaps I just
   missed something that's as-yet undocumented.
 - The module just calls python instead of an actual server as backend. This
   is recommended just for development/testing, not actual deploys [2], but
   since the project is missing a setup.py which afaik are required to package
   these things more sensibly [3], that's it for now.
 - keys and corresponding tokens are currently baked into the nix store. This
   seems a bad idea, and I'll fix it as soon as I find the time.

[1] https://gitlab.infra4future.de/octycs/keytracker
[2] https://gitlab.infra4future.de/octycs/keytracker/-/blob/master/server/Readme.md
[3] https://flask.palletsprojects.com/en/1.1.x/tutorial/deploy/
2021-08-26 22:46:07 +02:00
common parsons: config nginx 2021-08-23 19:32:02 +00:00
desktop stuff 2021-08-25 16:23:34 +00:00
hosts init keytracker on hainich. 2021-08-26 22:46:07 +02:00
modules init keytracker on hainich. 2021-08-26 22:46:07 +02:00
nix maintenance: update sources, fix mattermost 2021-08-23 19:32:02 +00:00
pkgs init keytracker on hainich. 2021-08-26 22:46:07 +02:00
services init keytracker on hainich. 2021-08-26 22:46:07 +02:00
.gitignore repo: add vim swapfiles to gitignore 2020-11-29 12:53:03 +00:00
.gitlab-ci.yml services/gitlab-runner: init on parsons 2021-08-23 19:32:02 +00:00
default.nix sources: update nixpkgs to 21.05 2021-08-07 12:05:25 +00:00
README.md readme: add golden commit rule 2021-01-20 18:47:57 +00:00

hacc nixfiles

welcome to hacc nixfiles (haccfiles). this is the code describing our nix-based infrastructure.

structure

  • default.nix: Entrypoint to the config
  • common/: configuration common to all hosts
  • desktop/: desktop-relevant communication
  • modules/: home-grown modules for hacc-specific services
  • nix/: sources files, managed with niv
  • pkgs/: packages we built and don't want to upstream

working with the haccfiles

deploy:

nix build -f . deploy.$hostname && ./result switch

$hostname can be replaced with any hostname or group

committing to haccfiles

  • Golden Rule: DO NOT COMMIT TO MAIN
    • exceptions apply, if you are not sure where to commit, don't commit to main
  • split up commits, every commit is one atomic change
    • e.g. no big "did some changes" but instead "updated service x", "updated service y", "update service z"
  • follow the commit format: "$prefix$place: $change"
    • prefix: one of fixup, nothing
    • place: one of "modules/$module", "$hostname/service", "common/($place)", "pkgs/$pkgs" or "sources"
    • change: describe your change, don't go over the character limit where git starts hiding/wrapping
  • Exception: autogenerated messages (merge commits, reverts, etc)