From 3fc3beb4edada8785f6349fb3963747b16d710d1 Mon Sep 17 00:00:00 2001 From: John Lancaster <32917998+jsl12@users.noreply.github.com> Date: Mon, 20 Apr 2026 22:38:31 -0500 Subject: [PATCH] test and dev wrappers --- modules/hosts/john-pc/default.nix | 21 ++++--- modules/hosts/john-pc/dev.nix | 33 +++++++++++ modules/nix-tools/rebuild.nix | 92 ++++++++++++++++++------------- modules/programs/sops.nix | 31 ++++++----- 4 files changed, 112 insertions(+), 65 deletions(-) create mode 100644 modules/hosts/john-pc/dev.nix diff --git a/modules/hosts/john-pc/default.nix b/modules/hosts/john-pc/default.nix index 7d5d6fe..f9c719f 100644 --- a/modules/hosts/john-pc/default.nix +++ b/modules/hosts/john-pc/default.nix @@ -15,23 +15,18 @@ in selfPkgs = inputs.self.packages.${pkgs.stdenv.hostPlatform.system}; resticPasswordFile = "${config.xdg.configHome}/restic/password.txt"; flakeDir = "${config.xdg.configHome}/home-manager/jsl-dendritic"; - test-push = with pkgs; writeShellApplication { - name = "test-push"; - runtimeInputs = [ nh ]; - text = ''nh os switch ${flakeDir}#${testHost} --target-host root@${testTarget} -e none''; - }; in { imports = with inputs.self.modules.homeManager; [ rebuild john - mysops - janus-ca mtls restic docker desktop - # sshCerts + step-client + mysops + # myPackage # myStepClient ]; # TODO: make this more restrictive, rather than allowing all unfree packages @@ -43,13 +38,17 @@ in home.username = "${username}"; home.homeDirectory = "/home/${username}"; home.packages = with pkgs; [ - nixos-rebuild - test-push selfPkgs.jsl-zsh selfPkgs.my-neovim - selfPkgs.step-client + selfPkgs.ssh-certs + # selfPkgs.step-bootstrap # selfPkgs.wg-platform # self'.packages.myWrappedPackage + # (inputs.self.wrappers.test-push.apply { + # inherit pkgs flakeDir; + # host = testHost; + # target = testTarget; + # }).wrapper ]; shell.program = "zsh"; diff --git a/modules/hosts/john-pc/dev.nix b/modules/hosts/john-pc/dev.nix new file mode 100644 index 0000000..770d783 
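Review bot: The second hunk of `modules/hosts/john-pc/default.nix` leaves the `test-push` wrapper call as a commented-out block inside `home.packages`, next to the new `# selfPkgs.step-bootstrap` line, and the first hunk adds `# myPackage` to `imports` in the same way. With the old `test-push` binding and its `home.packages` entry both removed, nothing visible in this file installs the wrapper that `dev.nix` defines, so the command appears to drop out of the profile. Either enable the call or replace the block with one tracked line such as `# TODO(jsl12): re-enable inputs.self.wrappers.test-push once <condition>`, so a pending change can be told apart from dead code.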
--- /dev/null +++ b/modules/hosts/john-pc/dev.nix @@ -0,0 +1,33 @@ +{ self, inputs, ... }: { + flake.wrappers.test-push = inputs.wrappers.lib.wrapModule ({config, lib, wlib, ... }: { + options = { + flakeDir = lib.mkOption { + type = lib.types.str; + }; + host = lib.mkOption { + type = lib.types.str; + }; + target = lib.mkOption { + type = lib.types.str; + }; + sshUser = lib.mkOption { + type = lib.types.str; + default = "root"; + }; + elevationStrategy = lib.mkOption { + type = lib.types.str; + default = "none"; + }; + }; + + config = { + binName = "test-push"; + package = config.pkgs.nh; + args = [ + "os" "switch" "${config.flakeDir}#${config.host}" + "--target-host" "${config.sshUser}@${config.target}" + "--elevation-strategy" "${config.elevationStrategy}" + ]; + }; + }); +} \ No newline at end of file diff --git a/modules/nix-tools/rebuild.nix b/modules/nix-tools/rebuild.nix index 15e0b5d..641fc2e 100644 --- a/modules/nix-tools/rebuild.nix +++ b/modules/nix-tools/rebuild.nix @@ -40,7 +40,6 @@ { config, pkgs, lib, ... }: let flakeDir = config.homeManagerFlakeDir; - hostnameCmd = "$(${lib.getExe pkgs.hostname} -s)"; flake-parts-check = with pkgs; writeShellApplication { name = "flake-parts-check"; @@ -52,23 +51,6 @@ ''; }; - nhms = with pkgs; writeShellApplication { - name = "nhms"; - runtimeInputs = [ coreutils hostname nh ]; - text = '' - USERNAME=''${USER:-$(whoami)} - HOSTNAME=$(hostname -s) - echo "Switching to the $HOSTNAME home-manager profile" - nh home switch ${flakeDir} -c "$USERNAME@$HOSTNAME" "$@" - ''; - }; - - nhmu = with pkgs; writeShellApplication { - name = "nhmu"; - runtimeInputs = [ nhms ]; - text = ''nhms --update''; - }; - test-build = with pkgs; writeShellApplication { name = "test-build"; runtimeInputs = [ coreutils nix hostname ]; 
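Review bot: In `modules/hosts/john-pc/dev.nix`, `sshUser` defaults to `"root"` and `elevationStrategy` to `"none"`, so a caller that sets only `flakeDir`, `host` and `target` gets a wrapper that logs in to the target as root over SSH, which in turn requires the target to accept root logins. Consider declaring `sshUser` without a default so the account is an explicit choice at each call site, or defaulting it to an unprivileged deploy account and leaving privilege on the target to `elevationStrategy`. None of the five options has a `description`; one per option, e.g. `description = "SSH account used for --target-host";` on `sshUser`, would also record that `host` is the name after `#` in the flake reference and `target` the address after `@`. The file ends without a trailing newline.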
@@ -82,24 +64,6 @@ nix eval "${flakeDir}#nixosConfigurations.$HOSTNAME.config.system.build.toplevel.drvPath" ''; }; - - cleanup = with pkgs; writeShellApplication { - name = "cleanup"; - runtimeInputs = [ coreutils home-manager nix ]; - text = '' - set -e - DAYS=$1 - if [ -z "$DAYS" ]; then - echo "usage: cleanup " - exit 1 - fi - home-manager expire-generations "-$DAYS days" - nix profile wipe-history --older-than "''${DAYS}d" - nix store gc - nix store optimise - ''; - }; - in { options = { @@ -121,13 +85,63 @@ name = "build-tools"; paths = [ flake-parts-check - nhms - nhmu test-build - cleanup + (inputs.self.wrappers.home-switch.apply { + inherit pkgs flakeDir; + }).wrapper + (inputs.self.wrappers.home-switch.apply { + binName = lib.mkForce "nhmu"; + inherit pkgs flakeDir; + extraOptions = [ "--update" ]; + }).wrapper + (inputs.wrappers.lib.wrapPackage { + binName = "cleanup"; + inherit pkgs; + package = nh; + args = [ "clean" "user" "--keep-since" "3days" ]; + }) ]; }) ]; }; }; + + flake.wrappers.home-switch = inputs.wrappers.lib.wrapModule ({config, lib, wlib, ... }: { + options = { + flakeDir = lib.mkOption { + type = lib.types.str; + }; + user = lib.mkOption { + type = lib.types.str; + default = "$(whoami)"; + }; + hostname = lib.mkOption { + type = lib.types.str; + default = "$(hostname -s)"; + }; + configuration = lib.mkOption { + type = lib.types.str; + default = "${config.user}@${config.hostname}"; + }; + extraOptions = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = [ ]; + }; + }; + + config = { + binName = "nhms"; + extraPackages = with config.pkgs; [ coreutils hostname nh ]; + preHook = '' + CONFIG=${config.configuration} + echo "Switching to $CONFIG" + ''; + package = config.pkgs.nh; + args = [ + "home" "switch" + "--configuration" "${config.configuration}" + "${config.flakeDir}" + ] ++ config.extraOptions ++ [ "$@" ]; + }; + }); } diff --git a/modules/programs/sops.nix b/modules/programs/sops.nix index a0bb3c9..1e9e91d 100644 
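Review bot: The `home-switch` wrapper in the last `rebuild.nix` hunk depends on its arguments reaching a shell unescaped: the `user` and `hostname` defaults are the command substitutions `$(whoami)` and `$(hostname -s)`, `args` ends with a literal `"$@"`, and `preHook` assigns `CONFIG=${config.configuration}` without quotes. If `wrapModule` emits these verbatim, then `flakeDir`, `configuration` and every `extraOptions` entry are also open to word splitting and shell expansion, so a value containing a space or a metacharacter changes the command that runs; if it escapes them, the defaults reach `nh` as literal text. Resolving the name once in the hook and reusing it would make the intent explicit, with `CONFIG="${config.configuration}"` in `preHook` and `"--configuration" "$CONFIG"` in `args`; how `wrapModule` treats `args` is not visible in this hunk, so confirm it first. Separately, the `cleanup` wrapper uses `package = nh;` where the other wrappers use `config.pkgs.nh`; unless a `with pkgs;` outside the hunk is in scope, this should be `package = pkgs.nh;`.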
--- a/modules/programs/sops.nix +++ b/modules/programs/sops.nix @@ -42,6 +42,14 @@ in }).wrapper; in { + # Option definitions for the sops home-manager module: + # https://github.com/Mic92/sops-nix/blob/master/modules/home-manager/sops.nix + sops = { + defaultSopsFile = ../../keys/secrets.yaml; + defaultSopsFormat = "yaml"; + age.sshKeyPaths = [ "${config.ssh.identityFile}" ]; + }; + home.packages = with pkgs; [ my-sops (inputs.wrappers.lib.wrapPackage { @@ -53,21 +61,14 @@ in "${config.xdg.configHome}/sops-nix/secrets" ]; }) - (inputs.wrappers.lib.wrapPackage { - binName = "edit-secrets"; - inherit pkgs; - package = my-sops; - args = [ cfg.hostSecretFile ]; - }) - ]; - - # Option definitions for the sops home-manager module: - # https://github.com/Mic92/sops-nix/blob/master/modules/home-manager/sops.nix - sops = { - defaultSopsFile = ../../keys/secrets.yaml; - defaultSopsFormat = "yaml"; - age.sshKeyPaths = [ "${config.ssh.identityFile}" ]; - }; + + ] + ++ lib.optional (cfg.hostSecretFile != null) (inputs.wrappers.lib.wrapPackage { + binName = "edit-secrets"; + inherit pkgs; + package = my-sops; + args = [ cfg.hostSecretFile ]; + }); }; };
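Review bot: The new `lib.optional (cfg.hostSecretFile != null)` guard in the second `sops.nix` hunk is only reachable if the option is declared nullable with a `null` default. The declaration is outside this hunk, so confirm it is something like `lib.types.nullOr lib.types.path` with `default = null;`, otherwise an unset value fails at evaluation before the comparison runs. A short comment above the guard, e.g. `# edit-secrets is installed only when a host secret file is configured`, would explain why the command can be missing on some hosts. The hunk also adds a blank line just before the closing `]`.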