diff --git a/checks/flake-module.nix b/checks/flake-module.nix index 3fd509a..3f653f4 100644 --- a/checks/flake-module.nix +++ b/checks/flake-module.nix @@ -5,25 +5,13 @@ perSystem = { pkgs, lib, self', ... }: { checks = let - nixosTestArgs = { - # reference to nixpkgs for the current system - inherit pkgs; - # this gives us a reference to our flake but also all flake inputs - inherit self; - }; - nixosTests = lib.optionalAttrs (pkgs.stdenv.isLinux) { - # import our test - secrets = import ./secrets nixosTestArgs; - }; - schemaTests = pkgs.callPackages ./schemas.nix { - inherit self; - }; + flakeOutputs = lib.mapAttrs' (name: config: lib.nameValuePair "nixos-${name}" config.config.system.build.toplevel) self.nixosConfigurations // lib.mapAttrs' (n: lib.nameValuePair "package-${n}") self'.packages // lib.mapAttrs' (n: lib.nameValuePair "devShell-${n}") self'.devShells // lib.mapAttrs' (name: config: lib.nameValuePair "home-manager-${name}" config.activation-script) (self'.legacyPackages.homeConfigurations or { }); in - nixosTests // schemaTests // flakeOutputs; + flakeOutputs; }; } diff --git a/checks/schema.nix b/checks/schema.nix deleted file mode 100644 index d862f8a..0000000 --- a/checks/schema.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ self, lib, inputs, ... }: -let - inherit (builtins) - mapAttrs - toJSON - toFile - ; - inherit (lib) - mapAttrs' - ; - clanLib = self.lib; - clanModules = self.clanModules; - - -in -{ - perSystem = { pkgs, ... }: - let - baseModule = { - imports = - (import (inputs.nixpkgs + "/nixos/modules/module-list.nix")) - ++ [{ - nixpkgs.hostPlatform = pkgs.system; - }]; - }; - - optionsFromModule = module: - let - evaled = lib.evalModules { - modules = [ module baseModule ]; - }; - in - evaled.options.clan.networking; - - clanModuleSchemas = - mapAttrs - (_: module: clanLib.jsonschema.parseOptions (optionsFromModule module)) - clanModules; - - mkTest = name: schema: pkgs.runCommand "schema-${name}" { } '' - ${pkgs.check-jsonschema}/bin/check-jsonschema \ - --check-metaschema ${toFile "schema-${name}" (toJSON schema)} - touch $out - ''; - in - { - checks = mapAttrs' - (name: schema: { - name = "schema-${name}"; - value = mkTest name schema; - }) - clanModuleSchemas; - }; -} diff --git a/checks/schemas.nix b/checks/schemas.nix deleted file mode 100644 index f2a9960..0000000 --- a/checks/schemas.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ self, runCommand, check-jsonschema, pkgs, lib, ... }: -let - clanModules.clanCore = self.nixosModules.clanCore; - - baseModule = { - imports = - (import (pkgs.path + "/nixos/modules/module-list.nix")) - ++ [{ - nixpkgs.hostPlatform = "x86_64-linux"; - }]; - }; - - optionsFromModule = module: - let - evaled = lib.evalModules { - modules = [ module baseModule ]; - }; - in - evaled.options.clan; - - clanModuleSchemas = lib.mapAttrs (_: module: self.lib.jsonschema.parseOptions (optionsFromModule module)) clanModules; - - mkTest = name: schema: runCommand "schema-${name}" { } '' - ${check-jsonschema}/bin/check-jsonschema \ - --check-metaschema ${builtins.toFile "schema-${name}" (builtins.toJSON schema)} - touch $out - ''; -in -lib.mapAttrs' - (name: schema: { - name = "schema-${name}"; - value = mkTest name schema; - }) - clanModuleSchemas diff --git a/checks/secrets/.clan-flake b/checks/secrets/.clan-flake deleted file mode 100644 index e69de29..0000000 diff --git a/checks/secrets/clan-secrets b/checks/secrets/clan-secrets deleted file mode 100755 index 79310e7..0000000 --- a/checks/secrets/clan-secrets +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bash - -set -eux -o pipefail -SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -export SOPS_AGE_KEY_FILE="${SCRIPT_DIR}/key.age" -nix run .# -- secrets "$@" diff --git a/checks/secrets/default.nix b/checks/secrets/default.nix deleted file mode 100644 index 8f050bf..0000000 --- a/checks/secrets/default.nix +++ /dev/null @@ -1,21 +0,0 @@ -(import ../lib/test-base.nix) { - name = "secrets"; - - nodes.machine = { self, config, ... }: { - imports = [ - (self.nixosModules.clanCore) - ]; - environment.etc."secret".source = config.sops.secrets.secret.path; - environment.etc."group-secret".source = config.sops.secrets.group-secret.path; - sops.age.keyFile = ./key.age; - - clanCore.clanDir = "${./.}"; - clanCore.machineName = "machine"; - - networking.hostName = "machine"; - }; - testScript = '' - machine.succeed("cat /etc/secret >&2") - machine.succeed("cat /etc/group-secret >&2") - ''; -} diff --git a/checks/secrets/key.age b/checks/secrets/key.age deleted file mode 100644 index 1c9755a..0000000 --- a/checks/secrets/key.age +++ /dev/null @@ -1 +0,0 @@ -AGE-SECRET-KEY-1UCXEUJH6JXF8LFKWFHDM4N9AQE2CCGQZGXLUNV4TKR5KY0KC8FDQ2TY4NX diff --git a/checks/secrets/sops/groups/group/machines/machine b/checks/secrets/sops/groups/group/machines/machine deleted file mode 120000 index 4cef1e1..0000000 --- a/checks/secrets/sops/groups/group/machines/machine +++ /dev/null @@ -1 +0,0 @@ -../../../machines/machine \ No newline at end of file diff --git a/checks/secrets/sops/machines/machine/key.json b/checks/secrets/sops/machines/machine/key.json deleted file mode 100755 index 7564837..0000000 --- a/checks/secrets/sops/machines/machine/key.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "publickey": "age15x8u838dwqflr3t6csf4tlghxm4tx77y379ncqxav7y2n8qp7yzqgrwt00", - "type": "age" -} \ No newline at end of file diff --git a/checks/secrets/sops/secrets/group-secret/groups/group b/checks/secrets/sops/secrets/group-secret/groups/group deleted file mode 120000 index ad3ef6e..0000000 --- a/checks/secrets/sops/secrets/group-secret/groups/group +++ /dev/null @@ -1 +0,0 @@ -../../../groups/group \ No newline at end of file diff --git a/checks/secrets/sops/secrets/group-secret/secret b/checks/secrets/sops/secrets/group-secret/secret deleted file mode 100644 index fc575a9..0000000 --- a/checks/secrets/sops/secrets/group-secret/secret +++ /dev/null @@ -1,20 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:FgF3,iv:QBbnqZ6405qmwGKhbolPr9iobngXt8rtfUwCBOnmwRA=,tag:7gqI1zLVnTkZ0xrNn/LEkA==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": [ - { - "recipient": "age15x8u838dwqflr3t6csf4tlghxm4tx77y379ncqxav7y2n8qp7yzqgrwt00", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArMHcxKzhUZzNHQmQrb28x\nRC9UMlZMeDN3S1l1eHdUWmV4VUVReHhhQ0RnCjAyUXVlY1FmclVmL2lEdFZuTmll\nVENpa3AwbjlDck5zdGdHUTRnNEdEOUkKLS0tIER3ZlNMSVFnRElkRDcxajZnVmFl\nZThyYzcvYUUvaWJYUmlwQ3dsSDdjSjgK+tj34yBzrsIjm6V+T9wTgz5FdNGOR7I/\nVB4fh8meW0vi/PCK/rajC8NbqmK8qq/lwsF/JwfZKDSdG0FOJUB1AA==\n-----END AGE ENCRYPTED FILE-----\n" - } - ], - "lastmodified": "2023-09-03T12:44:56Z", - "mac": "ENC[AES256_GCM,data:d5a0WfE5ZRLKF1NZkBfOl+cVI8ZZHd2rC+qX/giALjyrzk09rLxBeY4lO827GFfMmVy/oC7ceH9pjv2O7ibUiQtcbGIQVBg/WP+dVn8fRMWtF0jpv9BhYTutkVk3kiddqPGhp3mpwvls2ot5jtCRczTPk3JSxN3B1JSJCmj9GfQ=,iv:YmlkTYFNUaFRWozO8+OpEVKaSQmh+N9zpatwUNMPNyw=,tag:mEGQ4tdo82qlhKWalQuufg==,type:str]", - "pgp": null, - "unencrypted_suffix": "_unencrypted", - "version": "3.7.3" - } -} \ No newline at end of file diff --git a/checks/secrets/sops/secrets/secret/machines/machine b/checks/secrets/sops/secrets/secret/machines/machine deleted file mode 120000 index 4cef1e1..0000000 --- a/checks/secrets/sops/secrets/secret/machines/machine +++ /dev/null @@ -1 +0,0 @@ -../../../machines/machine \ No newline at end of file diff --git a/checks/secrets/sops/secrets/secret/secret b/checks/secrets/sops/secrets/secret/secret deleted file mode 100644 index 062aebd..0000000 --- a/checks/secrets/sops/secrets/secret/secret +++ /dev/null @@ -1,20 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:bhxF,iv:iNs+IfSU/7EwssZ0GVTF2raxJkVlddfQEPGIBeUYAy8=,tag:JMOKTMW3/ic3UTj9eT9YFQ==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": [ - { - "recipient": "age15x8u838dwqflr3t6csf4tlghxm4tx77y379ncqxav7y2n8qp7yzqgrwt00", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxS0g4TEt4S09LQnFKdCtk\nZTlUQWhNUHZmcmZqdGtuZkhhTkMzZDVaWWdNCi9vNnZQeklNaFBBU2x0ditlUDR0\nNGJlRmFFb09WSUFGdEh5TGViTWtacFEKLS0tIE1OMWdQMHhGeFBwSlVEamtHUkcy\ndzI1VHRkZ1o4SStpekVNZmpQSnRkeUkKYmPS9sR6U0NHxd55DjRk29LNFINysOl6\nEM2MTrntLxOHFWZ1QgNx34l4rYIIXx97ONvR0SRpxN0ECL9VonQeZg==\n-----END AGE ENCRYPTED FILE-----\n" - } - ], - "lastmodified": "2023-08-23T09:11:08Z", - "mac": "ENC[AES256_GCM,data:8z819mP4FJXE/ExWM1+/dhaXIXzCglhBuZwE6ikl/jNLUAnv3jYL9c9vPrPFl2by3wXSNzqB4AOiTKDQoxDx2SBQKxeWaUnOajD6hbzskoLqCCBfVx7qOHrk/BULcBvMSxBca4RnzXXoMFTwKs2A1fXqAPvSQd1X4gX6Xm9VXWM=,iv:3YxZX+gaEcRKDN0Kuf9y1oWL+sT/J5B/5CtCf4iur9Y=,tag:0dwyjpvjCqbm9vIrz6WSWQ==,type:str]", - "pgp": null, - "unencrypted_suffix": "_unencrypted", - "version": "3.7.3" - } -} \ No newline at end of file diff --git a/checks/secrets/sops/secrets/secret/users/admin b/checks/secrets/sops/secrets/secret/users/admin deleted file mode 120000 index 9e21a99..0000000 --- a/checks/secrets/sops/secrets/secret/users/admin +++ /dev/null @@ -1 +0,0 @@ -../../../users/admin \ No newline at end of file diff --git a/checks/secrets/sops/users/admin/key.json b/checks/secrets/sops/users/admin/key.json deleted file mode 100755 index 7564837..0000000 --- a/checks/secrets/sops/users/admin/key.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "publickey": "age15x8u838dwqflr3t6csf4tlghxm4tx77y379ncqxav7y2n8qp7yzqgrwt00", - "type": "age" -} \ No newline at end of file diff --git a/pkgs/flake-module.nix b/pkgs/flake-module.nix index b5890c6..11596ae 100644 --- a/pkgs/flake-module.nix +++ b/pkgs/flake-module.nix @@ -10,6 +10,8 @@ packages = { tea-create-pr = pkgs.callPackage ./tea-create-pr { }; + #theme = pkgs.callPackage ./theme { inherit (self.inputs) floco; clanPkgs = self'.packages; }; + merge-after-ci = pkgs.callPackage ./merge-after-ci { inherit (config.packages) tea-create-pr; }; diff --git a/pkgs/ui/flake-module.nix b/pkgs/ui/flake-module.nix index 2d2d9bc..e6b1278 100644 --- a/pkgs/ui/flake-module.nix +++ b/pkgs/ui/flake-module.nix @@ -8,7 +8,7 @@ { packages = { ui = base.pkg.global; - theme = base.pkg.theme; + ui-assets = pkgs.callPackage ./nix/ui-assets.nix { }; # EXAMPLE: GITEA_TOKEN=$(rbw get -f GITEA_TOKEN git.clan.lol) nix run .#update-ui-assets update-ui-assets = pkgs.callPackage ./nix/update-ui-assets.nix { };