ops/nixos: switch to more standard NixOS module system

Sorry tazjin.
This commit is contained in:
Luke Granger-Brown 2020-05-03 18:44:11 +01:00
parent 9a250f78df
commit f9b63a858f
5 changed files with 21 additions and 29 deletions

View file

@ -3,4 +3,5 @@ ops/secrets/
syntax: glob
*.sw?
*.pyc
*.orig
*~

View file

@ -1,10 +1,9 @@
{ depot, lib, pkgs, ... }@args:
let
inherit (builtins) foldl' mapAttrs;
systemFor = configs:
systemFor = config:
(depot.third_party.nixos {
configuration = lib.fix
(config: foldl' lib.recursiveUpdate { } (map (c: c config) configs));
configuration = config;
}).system;
systems = [ "porcorosso" "ixvm-fra01" "marukuru" ];
rebuilder = system:
@ -21,5 +20,5 @@ let
systemCfgs = lib.genAttrs systems
(name: import (./. + "/${name}") (args // { rebuilder = rebuilder name; }));
mapAttrValues = (f: set: mapAttrs (name: f) set);
systemDrvs = mapAttrValues (systemCfg: systemFor [ systemCfg ]) systemCfgs;
systemDrvs = mapAttrValues (systemCfg: systemFor systemCfg) systemCfgs;
in systemDrvs

View file

@ -1,8 +1,8 @@
{ depot, lib, pkgs, rebuilder, ... }:
config:
{ config, ... }:
let
inherit (depot.ops) secrets;
in lib.fix (self: {
in {
boot.initrd.availableKernelModules = [
"ata_piix"
"vmw_pvscsi"
@ -134,4 +134,4 @@ in lib.fix (self: {
boot.kernel.sysctl."net.core.default_qdisc" = "fq_codel";
system.stateVersion = "20.03";
})
}

View file

@ -1,8 +1,9 @@
{ depot, lib, pkgs, rebuilder, ... }:
config:
{ config, ... }:
let
inherit (depot.ops) secrets;
in lib.fix (self: {
myPhp = pkgs.php.withExtensions ({ enabled, all }: enabled ++ [ all.apcu all.mailparse ]);
in {
imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
boot.kernelModules = [ "tcp_bbr" ];
boot.kernel.sysctl = {
@ -20,8 +21,6 @@ in lib.fix (self: {
nix.maxJobs = lib.mkDefault 2;
hardware.enableRedistributableFirmware = true;
nixpkgs.config = { allowUnfree = true; };
nix.nixPath = [ "depot=/home/lukegb/depot/" "nixpkgs=/home/lukegb/depot/third_party/nixpkgs/" ];
# Use GRUB2.
@ -68,17 +67,12 @@ in lib.fix (self: {
vim
mercurial
gitAndTools.gitFull
php phpPackages.mailparse
nodejs
rxvt_unicode.terminfo
rebuilder
];
environment.etc."php.d/mailparse.ini".text = ''
extension=${pkgs.phpPackages.mailparse}/lib/php/extensions/mailparse.so
'';
environment.etc."php.d/cache.ini".text = ''
zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
opcache.validate_timestamps=0
opcache.enable_cli=1
@ -267,14 +261,13 @@ in lib.fix (self: {
services.phpfpm.phpOptions = ''
zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
extension=${pkgs.phpPackages.mailparse}/lib/php/extensions/mailparse.so
opcache.validate_timestamps=0
opcache.enable_cli=1
'';
services.phpfpm.pools.phabricator = {
user = "phabricator";
phpPackage = myPhp;
settings = {
"listen.owner" = config.services.nginx.user;
"pm" = "dynamic";
@ -298,12 +291,12 @@ in lib.fix (self: {
services.mysql = {
enable = true;
package = pkgs.mariadb;
extraOptions = ''
max_allowed_packet = 128M
sql_mode = STRICT_ALL_TABLES
innodb_buffer_pool_size = 1600M
local_infile = 0
'';
settings.mysqld = {
max_allowed_packet = "128M";
sql_mode = "STRICT_ALL_TABLES";
innodb_buffer_pool_size = "1600M";
local_infile = "0";
};
};
services.postfix = {
@ -338,4 +331,4 @@ in lib.fix (self: {
boot.kernel.sysctl."net.core.default_qdisc" = "fq_codel";
system.stateVersion = "20.03";
})
}

View file

@ -1,5 +1,5 @@
{ depot, lib, pkgs, rebuilder, ... }:
config:
{ config, ... }:
let
inherit (depot.ops) secrets;
nvidia-offload-profile = ''
@ -12,7 +12,7 @@ let
(nvidia-offload-profile + ''
exec -a "$0" "$@"
'');
in lib.fix (self: {
in {
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
@ -221,5 +221,4 @@ in lib.fix (self: {
# servers. You should change this only after NixOS release notes say you
# should.
system.stateVersion = "19.09"; # Did you read the comment?
})
}