commit 65414a3f975e61f2621165742dadf7e98289d325 · ptr.pet/nixos-cloud-resources

+14

README.md

···

       1
       1
       +
       these are set of nixos modules for more convenient deployment of cloud resources for various providers. only implemented module is for firewalls right now, supporting hetzner.

     

       2
       2
       +
       

     

       3
       3
       +
       ## usage

     

       4
       4
       +
       

     

       5
       5
       +
       if using flakes, put `nixosModules.<resource>` and `nixosModules.<resource>-<provider>`

     

       6
       6
       +
       in your NixOS configuration. for example, `nixosModules.firewall` and

     

       7
       7
       +
       `nixosModules.firewall-hetzner`. see `nix flake show` for all available modules.

     

       8
       8
       +
       

     

       9
       9
       +
       if not using flakes, you can import `<resource>/` and `<resource>/provider/<provider>`.

     

       10
       10
       +
       

     

       11
       11
       +
       then, you can either use each module's individual `mkApp` config option to

     

       12
       12
       +
       generate an app and run it, or you can call `makeApps`:

     

       13
       13
       +
       - for flakes use the flake output `makeApps` and `makeApps {inherit pkgs self;}`. you can assign the output of this to your `outputs.apps` as it generates flake apps.

     

       14
       14
       +
       - for non-flake use `import ./makeApps.nix {inherit pkgs nixosSystem;}`, this will return an attribute set with a `run` key which is the generated app.

+2 -1

firewall/provider/hetzner/default.nix

···

       6
       6
        
       in {

     

       7
       7
        
         options = {

     

       8
       8
        
           providers.hetzner.firewall = {

     

       9
       9
       +
             enable = l.mkEnableOption "hetzner firewall";

     

       9
       10
        
             id = l.mkOption {

     

       10
       11
        
               type = t.ints.unsigned;

     

       11
       12
        
               description = "The ID of the firewall to update.";

     
···

       22
       23
        
           };

     

       23
       24
        
         };

     

       24
       25
        
       

     

       25
       25
       -
         config = {

     

       26
       26
       +
         config = l.mkIf cfg.enable {

     

       26
       27
        
           providers.hetzner.firewall.mkApp = pkgs: import ./app.nix {

     

       27
       28
        
             inherit pkgs lib taggedPorts;

     

       28
       29
        
             inherit (cfg) id;

flake.nix

···

       32
       32
        
               };

     

       33
       33
        
             })

     

       34
       34
        
             pkgsInstances;

     

       35
       35
       +
           makeApps = import ./makeApps.nix;

     

       35
       36
        
         };

     

       36
       37
        
       }

+54

makeApps.nix

···

       1
       1
       +
       {pkgs, lib ? pkgs.lib, self ? null, nixosSystem ? null}: let

     

       2
       2
       +
         l = lib;

     

       3
       3
       +
         mkProviderApp = provider:

     

       4
       4
       +
           l.concatStringsSep "\n" (l.flatten (

     

       5
       5
       +
             l.mapAttrsToList

     

       6
       6
       +
             (

     

       7
       7
       +
               name: module:

     

       8
       8
       +
               if module.enable

     

       9
       9
       +
               then ''

     

       10
       10
       +
                 log info "deploying ${name} resource(s)..."

     

       11
       11
       +
                 nu ${module.mkApp pkgs}

     

       12
       12
       +
               ''

     

       13
       13
       +
               else []

     

       14
       14
       +
             )

     

       15
       15
       +
             provider

     

       16
       16
       +
           ));

     

       17
       17
       +
         mkApp = {config, ...}: pkgs.writers.writeNu "deploy-resources" ''

     

       18
       18
       +
           use std/log

     

       19
       19
       +
           ${

     

       20
       20
       +
             l.concatStringsSep "\n\n"

     

       21
       21
       +
             (

     

       22
       22
       +
               l.mapAttrsToList

     

       23
       23
       +
               (

     

       24
       24
       +
                 name: provider: ''

     

       25
       25
       +
                   log info "deploying resources for ${name}..."

     

       26
       26
       +
                   ${mkProviderApp provider}

     

       27
       27
       +
                 ''

     

       28
       28
       +
               )

     

       29
       29
       +
               config.providers

     

       30
       30
       +
             )

     

       31
       31
       +
           }

     

       32
       32
       +
         '';

     

       33
       33
       +
       in

     

       34
       34
       +
         if self != null

     

       35
       35
       +
         then

     

       36
       36
       +
           l.mergeAttrsList (

     

       37
       37
       +
             l.mapAttrsToList

     

       38
       38
       +
             (

     

       39
       39
       +
               hostname: host: {

     

       40
       40
       +
                 "deploy-${hostname}-resources" = {

     

       41
       41
       +
                   type = "app";

     

       42
       42
       +
                   program = toString (mkApp host);

     

       43
       43
       +
                 };

     

       44
       44
       +
               }

     

       45
       45
       +
             )

     

       46
       46
       +
             self.nixosConfigurations

     

       47
       47
       +
           )

     

       48
       48
       +
         else if nixosSystem != null

     

       49
       49
       +
         then

     

       50
       50
       +
           {

     

       51
       51
       +
             run = mkApp nixosSystem;

     

       52
       52
       +
           }

     

       53
       53
       +
         else

     

       54
       54
       +
           throw "nixos-cloud-resources: neither 'self' or 'nixosSystem' was provided, aborting"