From 795bda5daac40c65afd17393d3283813da634166 Mon Sep 17 00:00:00 2001 From: Tom Prince <tom.prince@private.storage> Date: Thu, 26 Aug 2021 22:33:11 -0600 Subject: [PATCH] stuff --- arion.nix | 26 ++++++++++++++------------ morph/grid/local/arion-compose.nix | 8 +++++--- morph/grid/local/grid.nix | 1 + morph/grid/production/grid.nix | 1 + morph/grid/testing/grid.nix | 1 + nixos/modules/issuer.nix | 4 ++-- nixos/modules/private-storage.nix | 4 ++-- 7 files changed, 26 insertions(+), 19 deletions(-) diff --git a/arion.nix b/arion.nix index 7c079a66..44ada78e 100644 --- a/arion.nix +++ b/arion.nix @@ -1,20 +1,23 @@ -{ pkgs ? import ./nixpkgs-2105.nix {} -, configuration ? ./morph/grid/local/configuration.nix +{ self ? ./. +, pkgs ? import ./nixpkgs-2105.nix {} +, lib ? pkgs.lib , includeStorePaths ? false -}: -let - inherit (pkgs) lib; - nixpkgs = import <nixpkgs> {}; - local-grid = "${./.}/morph/grid/local"; - arion-src = nixpkgs.fetchFromGitHub { +, ourpkgs ? import ./nixpkgs-ps.nix {} +, arion-src ? pkgs.fetchFromGitHub { owner = "tp-la"; repo = "arion"; rev = "hack"; sha256 = "0wv4wbzzd926qm81h78v10wyhiaayx2jggpb1ijzk118a543sz84"; - }; + } +}: rec { + inherit pkgs lib ourpkgs arion-src; + local-grid = "${self}/morph/grid/local"; arion-eval = args@{...}: import "${arion-src}/src/nix/eval-composition.nix" ({ inherit pkgs; } // args); arion = arion-eval { - modules = [ "${local-grid}/arion-compose.nix" ]; + modules = [ + "${local-grid}/arion-compose.nix" + { config._module.args = { inherit ourpkgs; } ; } + ]; }; systems = pkgs.runCommand "systems" { preferLocalBuild = true; allowSubstitutes = false; } @@ -53,5 +56,4 @@ let morph-output = morph.machines { argsFile = pkgs.writeText "" (builtins.toJSON { Names = lib.attrNames morph.nodes; }); }; -in - {inherit pkgs arion local-grid bundle arion-eval arion-src docker-yaml package pause systems morph morph-output;} +} 
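Review bot: In arion.nix the new `arion-src` default still fetches `rev = "hack"`, a branch name, so the only thing tying the build to specific code is the `sha256`. Because the fetch is fixed-output, a store path that already matches the hash is reused without contacting GitHub, and once the branch moves a fresh fetch fails with a hash mismatch; in neither case can a reader tell which commit the compose tooling was built from. Pin the revision to a full commit id, `rev = "<full commit id of the arion fork>";`, and keep the hash alongside it. Separately, the argument set no longer accepts `configuration` and has no `...`, so any caller still passing it will presumably fail to evaluate.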
diff --git a/morph/grid/local/arion-compose.nix b/morph/grid/local/arion-compose.nix index 9d56530b..3b17e403 100644 --- a/morph/grid/local/arion-compose.nix +++ b/morph/grid/local/arion-compose.nix @@ -1,4 +1,4 @@ -{lib, ...}: +{lib, ourpkgs, ...}: let gridlib = import ../../lib; @@ -14,12 +14,14 @@ let # Configure deployment management authorization for all systems in the grid. grid-config = { + _module.args = { inherit ourpkgs; }; + imports = [ gridlib.base ]; services.private-storage.deployment = { authorizedKey = builtins.readFile "${config.publicKeyPath}/deploy_key.pub"; gridName = "local"; }; services.private-storage.sshUsers = config.sshUsers; - deployment = { + grid = { inherit (config) publicKeyPath privateKeyPath; }; }; @@ -78,7 +80,7 @@ in environment.etc = { "secrets/payments-localdev-ssl" = { mode = "direct-symlink"; - source = "${config.deployment.privateKeyPath}/payments-localdev-ssl"; + source = "${config.grid.privateKeyPath}/payments-localdev-ssl"; }; "stripe/config.toml" = let toml = pkgs.formats.toml {}; diff --git a/morph/grid/local/grid.nix b/morph/grid/local/grid.nix index 0bb378d4..a91d63bf 100644 --- a/morph/grid/local/grid.nix +++ b/morph/grid/local/grid.nix @@ -87,6 +87,7 @@ let in { network = { description = "PrivateStorage.io LocalDev Grid"; + inherit pkgs; }; inherit payments monitoring storage1 storage2; } diff --git a/morph/grid/production/grid.nix b/morph/grid/production/grid.nix index 7d43a0ce..7da2ea4e 100644 --- a/morph/grid/production/grid.nix +++ b/morph/grid/production/grid.nix @@ -105,6 +105,7 @@ let in { network = { description = "PrivateStorage.io Production Grid"; + inherit pkgs; }; inherit payments; inherit monitoring; diff --git a/morph/grid/testing/grid.nix b/morph/grid/testing/grid.nix index 5eeb4393..7a810435 100644 --- a/morph/grid/testing/grid.nix +++ b/morph/grid/testing/grid.nix 
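Review bot: In the second hunk of morph/grid/local/arion-compose.nix the `source` for `secrets/payments-localdev-ssl` interpolates `config.grid.privateKeyPath` into a string, and the hunk does not show whether that option holds a string or a Nix path. If it is ever a path value, the interpolation copies the private-key directory into the world-readable Nix store and the symlink points there. A comment such as `# privateKeyPath must be a string, not a path literal, or the key material is copied into /nix/store` above the line, or a `builtins.toString` around the option, would guard against that. The rename from `deployment` to `grid` also needs every other reader of `config.deployment.privateKeyPath` updated; only this one is visible here.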
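Review bot: `inherit pkgs;` under `network` in morph/grid/local/grid.nix takes `pkgs` from a binding outside the hunk, so the diff alone does not show which nixpkgs every host in the grid will now be built from. The same line is added in morph/grid/production/grid.nix and morph/grid/testing/grid.nix. Since this decides the package set for production machines, a comment would help, for example `# Build all hosts from the pinned nixpkgs imported above rather than whatever the deploying machine has on NIX_PATH.`, adjusted to whatever the `let` block actually imports.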
@@ -72,6 +72,7 @@ let in { network = { description = "PrivateStorage.io Testing Grid"; + inherit pkgs; }; inherit payments monitoring storage001; } diff --git a/nixos/modules/issuer.nix b/nixos/modules/issuer.nix index 3a8d05bf..344249a4 100644 --- a/nixos/modules/issuer.nix +++ b/nixos/modules/issuer.nix @@ -1,9 +1,9 @@ # A NixOS module which can run a Ristretto-based issuer for PrivateStorage # ZKAPs. -{ lib, pkgs, config, ... }: let +{ lib, pkgs, config, ... }@args: let cfg = config.services.private-storage-issuer; # Our own nixpkgs fork: - ourpkgs = import ../../nixpkgs-ps.nix {}; + ourpkgs = args.ourpkgs or import ../../nixpkgs-ps.nix {}; in { options = { services.private-storage-issuer.enable = lib.mkEnableOption "PrivateStorage ZKAP Issuer Service"; diff --git a/nixos/modules/private-storage.nix b/nixos/modules/private-storage.nix index d3bc9e61..a483edb7 100644 --- a/nixos/modules/private-storage.nix +++ b/nixos/modules/private-storage.nix @@ -1,6 +1,6 @@ # A NixOS module which can instantiate a Tahoe-LAFS storage server in the # preferred configuration for the Private Storage grid. -{ pkgs, lib, config, ... }: +{ pkgs, lib, config, ... }@args: let # Grab the configuration for this module for convenient access below. cfg = config.services.private-storage; @@ -9,7 +9,7 @@ let tahoe-base = "/var/db/tahoe-lafs"; # Our own nixpkgs fork: - ourpkgs = import ../../nixpkgs-ps.nix {}; + ourpkgs = args.ourpkgs or import ../../nixpkgs-ps.nix {}; # The full path to the directory where the storage server will write # incident reports. -- GitLab
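Review bot: `args.ourpkgs or import ../../nixpkgs-ps.nix {}` in nixos/modules/issuer.nix does not parse the way it reads: the default of `or` is only the next selection term, so this is `(args.ourpkgs or import) ../../nixpkgs-ps.nix {}`, and a supplied `ourpkgs` would be called as a function. Parenthesise the fallback, `ourpkgs = args.ourpkgs or (import ../../nixpkgs-ps.nix {});`; the second hunk of nixos/modules/private-storage.nix has the same line. It is also worth checking that the override ever arrives: as far as I know the module system passes `_module.args` entries only for names listed in the function's formal arguments, and `ourpkgs` is not listed, so the fallback may be taken every time and the services would be built from the in-tree import regardless of what arion.nix passes.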