diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 000000000..44aef9f94 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,3 @@ +{ + "python.formatting.provider": "black" +} \ No newline at end of file diff --git a/doc/guides/deploy-without-root.rst b/doc/guides/deploy-without-root.rst index dd53fa4a8..38e710418 100644 --- a/doc/guides/deploy-without-root.rst +++ b/doc/guides/deploy-without-root.rst @@ -69,7 +69,7 @@ Edit your nixops.nix to specify the machine's { network.description = "Non-root deployment"; - hermes = + resources.machines.hermes = { resources, ... }: { deployment.targetUser = "deployer"; diff --git a/doc/manual/nixops.rst b/doc/manual/nixops.rst index 280a3808d..21400d3c5 100644 --- a/doc/manual/nixops.rst +++ b/doc/manual/nixops.rst @@ -1067,9 +1067,9 @@ Consider the following deployment specification (``servers.nix``): :: - { nrMachines, active }: + { nrMachines, active, lib }: - with import ; + with lib; let @@ -1080,7 +1080,7 @@ Consider the following deployment specification (``servers.nix``): services.httpd.adminAddr = "foo@example.org"; }); - in listToAttrs (map makeMachine (range 1 nrMachines)) + in { resources.machines = listToAttrs (map makeMachine (range 1 nrMachines)); } This specifies a network of nrMachines identical VirtualBox VMs that run the Apache web server if active is set. To create 10 machines without diff --git a/doc/manual/overview.rst b/doc/manual/overview.rst index eae9168d4..955e6e8be 100644 --- a/doc/manual/overview.rst +++ b/doc/manual/overview.rst @@ -18,7 +18,7 @@ and leave ``deployment.targetEnv`` undefined. See :: { - webserver = + resources.machines.webserver = { config, pkgs, ... }: { deployment.targetHost = "1.2.3.4"; }; @@ -87,11 +87,14 @@ example: imports = [ ./common.nix ]; }; - machine = { ... }: {}; + resources.machines.machine = { ... }: {}; } Each attribute is explained below: +``resources.machines.*`` + Applies the given NixOS configuration to the corresponding node. + ``defaults`` Applies given NixOS module to all machines defined in the network. @@ -118,7 +121,7 @@ Here is an example of a network with network arguments: { maintenance ? false }: { - machine = + resources.machines.machine = { config, pkgs, ... }: { services.httpd.enable = maintenance; ... @@ -172,7 +175,7 @@ Add a key to a machine like so. :: { - machine = + resources.machines.machine = { config, pkgs, ... }: { deployment.keys.my-secret.text = "shhh this is a secret"; @@ -181,7 +184,7 @@ Add a key to a machine like so. deployment.keys.my-secret.permissions = "0640"; }; } - + This will create a file ``/run/keys/my-secret`` with the specified contents, ownership, and permissions. @@ -208,7 +211,7 @@ and otherwise inactive when the key is absent. See :: { - machine = + resources.machines.machine = { config, pkgs, ... }: { deployment.keys.my-secret.text = "shhh this is a secret"; @@ -223,7 +226,7 @@ and otherwise inactive when the key is absent. See }; }; } - + These dependencies will ensure that the service is only started when the keys it requires are present. For example, after a reboot, the services @@ -243,33 +246,34 @@ This is possible by using the extra NixOS module input ``nodes``. { network.description = "Gollum server and reverse proxy"; + resources.machines = { + + gollum = + { config, pkgs, ... }: + { + services.gollum = { + enable = true; + port = 40273; + }; + networking.firewall.allowedTCPPorts = [ config.services.gollum.port ]; + }; + + reverseproxy = + { config, pkgs, nodes, ... }: + let + gollumPort = nodes.gollum.config.services.gollum.port; + in + { + services.nginx = { + enable = true; + virtualHosts."wiki.example.net".locations."/" = { + proxyPass = "http://gollum:${toString gollumPort}"; + }; + }; + networking.firewall.allowedTCPPorts = [ 80 ]; + };}; + }; - gollum = - { config, pkgs, ... }: - { - services.gollum = { - enable = true; - port = 40273; - }; - networking.firewall.allowedTCPPorts = [ config.services.gollum.port ]; - }; - - reverseproxy = - { config, pkgs, nodes, ... }: - let - gollumPort = nodes.gollum.config.services.gollum.port; - in - { - services.nginx = { - enable = true; - virtualHosts."wiki.example.net".locations."/" = { - proxyPass = "http://gollum:${toString gollumPort}"; - }; - }; - networking.firewall.allowedTCPPorts = [ 80 ]; - }; - } - Moving the port number to a different value is now without the risk of an inconsistent deployment. diff --git a/doc/overview.rst b/doc/overview.rst index 8a48f5a29..26bc2d4f4 100644 --- a/doc/overview.rst +++ b/doc/overview.rst @@ -21,7 +21,7 @@ machine, and leave ``deployment.targetEnv`` undefined. See :: { - webserver = + resources.machines.webserver = { config, pkgs, ... }: { deployment.targetHost = "1.2.3.4"; }; @@ -92,7 +92,7 @@ example: imports = [ ./common.nix ]; }; - machine = { ... }: {}; + resources.machines.machine = { ... }: {}; } Each attribute is explained below: @@ -122,7 +122,7 @@ Here is an example of a network with network arguments: { maintenance ? false }: { - machine = + resources.machines.machine = { config, pkgs, ... }: { services.httpd.enable = maintenance; ... @@ -175,7 +175,7 @@ Add a key to a machine like so. :: { - machine = + resources.machines.machine = { config, pkgs, ... }: { deployment.keys.my-secret.text = "shhh this is a secret"; @@ -216,7 +216,7 @@ and otherwise inactive when the key is absent. See :: { - machine = + resources.machines.machine = { config, pkgs, ... }: { deployment.keys.my-secret.text = "shhh this is a secret"; @@ -251,30 +251,32 @@ This is possible by using the extra NixOS module input ``nodes``. { network.description = "Gollum server and reverse proxy"; - gollum = - { config, pkgs, ... }: - { - services.gollum = { - enable = true; - port = 40273; + resources.machines = { + gollum = + { config, pkgs, ... }: + { + services.gollum = { + enable = true; + port = 40273; + }; + networking.firewall.allowedTCPPorts = [ config.services.gollum.port ]; }; - networking.firewall.allowedTCPPorts = [ config.services.gollum.port ]; - }; - reverseproxy = - { config, pkgs, nodes, ... }: - let - gollumPort = nodes.gollum.config.services.gollum.port; - in - { - services.nginx = { - enable = true; - virtualHosts."wiki.example.net".locations."/" = { - proxyPass = "http://gollum:${toString gollumPort}"; + reverseproxy = + { config, pkgs, nodes, ... }: + let + gollumPort = nodes.gollum.config.services.gollum.port; + in + { + services.nginx = { + enable = true; + virtualHosts."wiki.example.net".locations."/" = { + proxyPass = "http://gollum:${toString gollumPort}"; + }; }; + networking.firewall.allowedTCPPorts = [ 80 ]; }; - networking.firewall.allowedTCPPorts = [ 80 ]; - }; + }; } Moving the port number to a different value is now without the risk of diff --git a/doc/release-notes/index.rst b/doc/release-notes/index.rst index af96ee319..c2e66793c 100644 --- a/doc/release-notes/index.rst +++ b/doc/release-notes/index.rst @@ -16,6 +16,10 @@ Release 2.0 - Major code cleanups. +- Now the network specification is using the module system from ``nixpkgs.lib`` + - Now network specification files can import other files via ``imports``. + - We have a ``resources.machines.*`` option where we put every NixOS configuration for the configured nodes. We suggest to use it instead of defining nodes in the top level. + - Removed NixOS Options - ``deployment.autoLuks.*`` - moved to `nixos-modules-contrib`_. diff --git a/flake.nix b/flake.nix index 250725be1..8257ef2d3 100644 --- a/flake.nix +++ b/flake.nix @@ -45,6 +45,7 @@ git_root=$(${pkgs.git}/bin/git rev-parse --show-toplevel) export PYTHONPATH=$git_root:$PYTHONPATH export PATH=$git_root/scripts:$PATH + export NIX_PATH="nixpkgs=${toString nixpkgs}:$NIX_PATH" ''; }; @@ -73,6 +74,10 @@ overrides ]; + postPatch = '' + substituteInPlace nix/eval-machine-info.nix --replace "" "${toString nixpkgs}" + ''; + # TODO: Re-add manual build }; diff --git a/nix/default-deployment.nix b/nix/default-deployment.nix new file mode 100644 index 000000000..732299663 --- /dev/null +++ b/nix/default-deployment.nix @@ -0,0 +1,26 @@ +{ lib, ... }: let + inherit (lib) mkOption types; +in { + options.deployment = { + + name = mkOption { + type = types.str; + description = '' + The name of the NixOps deployment. This is set by NixOps. + ''; + }; + + uuid = mkOption { + type = types.str; + description = '' + The UUID of the NixOps deployment. This is set by NixOps. + ''; + }; + + arguments = mkOption { + description = '' + Attribute set representing the NixOps arguments. This is set by NixOps. + ''; + }; + }; +} \ No newline at end of file diff --git a/nix/eval-machine-info.nix b/nix/eval-machine-info.nix index f92d34bad..bfb13d952 100644 --- a/nix/eval-machine-info.nix +++ b/nix/eval-machine-info.nix @@ -1,6 +1,7 @@ { system ? builtins.currentSystem , networkExprs , flakeUri ? null +, flake ? if flakeUri == null then null else builtins.getFlake flakeUri , checkConfigurationOptions ? true , uuid , deploymentName @@ -9,166 +10,124 @@ }: let - call = x: if builtins.isFunction x then x args else x; - - # Copied from nixpkgs to avoid import - optional = cond: elem: if cond then [elem] else []; - - zipAttrs = set: builtins.listToAttrs ( - map (name: { inherit name; value = builtins.catAttrs name set; }) (builtins.concatMap builtins.attrNames set)); - - flakeExpr = (builtins.getFlake flakeUri).outputs.nixopsConfigurations.default; - - networks = - let - getNetworkFromExpr = networkExpr: - (call (import networkExpr)) // { _file = networkExpr; }; - - exprToKey = key: { key = toString key; }; - - networkExprClosure = builtins.genericClosure { - startSet = map exprToKey networkExprs; - operator = { key }: map exprToKey ((getNetworkFromExpr key).require or []); - }; - in - map ({ key }: getNetworkFromExpr key) networkExprClosure - ++ optional (flakeUri != null) - ((call flakeExpr) // { _file = "<${flakeUri}>"; }); - - network = zipAttrs networks; - - evalConfig = - if flakeUri != null - then - if network ? nixpkgs - then (builtins.head (network.nixpkgs)).lib.nixosSystem - else throw "NixOps network must have a 'nixpkgs' attribute" - else import (pkgs.path + "/nixos/lib/eval-config.nix"); - - pkgs = if flakeUri != null - then - if network ? nixpkgs - then (builtins.head network.nixpkgs).legacyPackages.${system} - else throw "NixOps network must have a 'nixpkgs' attribute" - else (builtins.head (network.network)).nixpkgs or (import { inherit system; }); - - inherit (pkgs) lib; + importedPluginNixExprs = map import pluginNixExprs; + flakeExpr = flake.outputs.nixopsConfigurations.default or { }; + + nixpkgsBoot = ; # this will be replaced on install by nixops' nixpkgs input + libOf = nixpkgs: import /${nixpkgs}/lib; + libBoot = libOf nixpkgsBoot; + + evalMod = lib: mod: lib.evalModules { + specialArgs = args // { inherit lib system; }; + modules = networkExprs ++ [ + ./net.nix mod flakeExpr + { + nixpkgs = lib.mkDefault flake.inputs.nixpkgs or nixpkgsBoot; + network.nodesExtraArgs = { inherit deploymentName; }; + # Make NixOps's deployment.* options available. + deployment = { + name = deploymentName; + arguments = args; + inherit uuid; + }; + defaults = { + imports = lib.lists.concatMap (e: e.options) importedPluginNixExprs; + environment.checkConfigurationOptions = lib.mkOverride 900 checkConfigurationOptions; + }; + } + ]; + }; - # Expose path to imported nixpkgs (currently only used to find version suffix) - nixpkgs = builtins.unsafeDiscardStringContext pkgs.path; + inherit ((evalMod libBoot { _module.check = false; }).config) nixpkgs; + pkgs = nixpkgs.legacyPackages.${system} or (import nixpkgs { inherit system; }); + lib = nixpkgs.lib or pkgs.lib or (builtins.tryEval (libOf nixpkgs)).value or libBoot; in rec { - - inherit networks network; inherit nixpkgs; + net = evalMod lib { + resources.imports = pluginResourceModules; + network.resourcesDefaults._module.args.pkgs = lib.mkOptionDefault pkgs; + }; + + # for backward compatibility + network = lib.mapAttrs (n: v: [ v ]) net.config; + networks = [ net.config ]; + defaults = [ net.config.defaults ]; + nodes = #TODO: take options and other modules outputs for each node + lib.mapAttrs + (n: v: { + config = v; + options = net.options.resources.machines.${n}; + inherit (v.nixpkgs) pkgs; + }) + net.config.resources.machines; + + # ./resource.nix is imported in resource opt but does not define resource types + # we have to remove those entries as they do not otherwise conform to the resource schema + resources = removeAttrs net.config.resources (lib.concatMap + (e: lib.attrNames (import e { name = ""; inherit lib; }).options) + [ ./resource.nix ./default-deployment.nix ]); - importedPluginNixExprs = map - (expr: import expr) - pluginNixExprs; - pluginOptions = { imports = (lib.foldl (a: e: a ++ e.options) [] importedPluginNixExprs); }; pluginResources = map (e: e.resources) importedPluginNixExprs; - pluginDeploymentConfigExporters = (lib.foldl (a: e: a ++ (e.config_exporters { + pluginDeploymentConfigExporters = lib.lists.concatMap (e: e.config_exporters { inherit pkgs; inherit (lib) optionalAttrs; - })) [] importedPluginNixExprs); - - defaults = network.defaults or []; - - # Compute the definitions of the machines. - nodes = - lib.listToAttrs (map (machineName: - let - # Get the configuration of this machine from each network - # expression, attaching _file attributes so the NixOS module - # system can give sensible error messages. - modules = - lib.concatMap (n: lib.optional (lib.hasAttr machineName n) - { imports = [(lib.getAttr machineName n)]; inherit (n) _file; }) - networks; - in - { name = machineName; - value = evalConfig { - modules = - modules ++ - defaults ++ - [ deploymentInfoModule ] ++ - [ { key = "nixops-stuff"; - # Make NixOps's deployment.* options available. - imports = [ ./options.nix ./resource.nix pluginOptions ]; - # Provide a default hostname and deployment target equal - # to the attribute name of the machine in the model. - networking.hostName = lib.mkOverride 900 machineName; - deployment.targetHost = lib.mkOverride 900 machineName; - environment.checkConfigurationOptions = lib.mkOverride 900 checkConfigurationOptions; - - nixpkgs.system = lib.mkDefault system; - - _module.args = { inherit nodes resources uuid deploymentName; name = machineName; }; - } - ]; - }; - } - ) (lib.attrNames (removeAttrs network [ "network" "defaults" "resources" "require" "nixpkgs" "_file" ]))); + }) importedPluginNixExprs; # Compute the definitions of the non-machine resources. resourcesByType = lib.zipAttrs (network.resources or []); - deploymentInfoModule = { - deployment = { - name = deploymentName; - arguments = args; - inherit uuid; + pluginResourceModules = lib.lists.concatMap (lib.mapAttrsToList toResourceModule) pluginResourceLegacyReprs; + + toResourceModule = k: { _type, resourceModule }: + { + options.${k} = lib.mkOption { + type = lib.types.attrsOf (lib.types.submoduleWith { + specialArgs = { + inherit resources uuid nodes; + }; + modules = [ resourceModule ./resource.nix ]; + }); + default = { /* no resources configured */ }; + }; }; - }; - evalResources = mainModule: _resources: - lib.mapAttrs - (name: defs: - let - # Arguments fed to all modules - moduleArgs = { - _module.args = { - inherit pkgs uuid name resources; - - # inherit nodes, essentially - nodes = - lib.mapAttrs - (nodeName: node: - lib.mapAttrs - (key: lib.warn "Resource ${name} accesses nodes.${nodeName}.${key}, which is deprecated. Use the equivalent option instead: nodes.${nodeName}.${newOpt key}.") - info.machines.${nodeName} - // node) - nodes; + pluginResourceLegacyReprs = + (map + (f: + lib.mapAttrs + validateLegacyRepr + (f { + inherit evalResources resourcesByType lib; + inherit (lib) zipAttrs; + }) + ) + pluginResources + ); + + validateLegacyRepr = k: v: + if v._type or null == "legacyResourceRepresentation" then + v + else + throw + ''Legacy plugin resources are only supported if they follow the pattern: + + resources = { evalResources, zipAttrs, resourcesByType, ... }: { + foos = evalResources ./foo.nix (zipAttrs resourcesByType.foos or []); + # ... }; - }; - modules = [ - moduleArgs - mainModule - deploymentInfoModule - ./resource.nix - ] ++ defs; - in - builtins.removeAttrs - (lib.evalModules { inherit modules; }).config - ["_module"]) - _resources; - - newOpt = key: { - nixosRelease = "config.system.nixos.release and make sure it is set properly"; - publicIPv4 = "config.networking.publicIPv4"; - }.${key} or "config.deployment.${key}"; - - resources = lib.foldl - (a: b: a // (b { - inherit evalResources resourcesByType; - inherit (lib) zipAttrs; - })) - { - sshKeyPairs = evalResources ./ssh-keypair.nix (lib.zipAttrs resourcesByType.sshKeyPairs or []); - commandOutput = evalResources ./command-output.nix (lib.zipAttrs resourcesByType.commandOutput or []); - machines = lib.mapAttrs (n: v: v.config) nodes; - } - pluginResources; + + The resource ${k} did not follow that pattern. Please update the + corresponding plugin to declare the resource submodule directly instead. + ''; + + # NOTE: this is a legacy name. It does not invoke the module system, + # but rather preserves one argument, so that it can be turned + # into a proper submodule later. + evalResources = resourceModule: _: { + _type = "legacyResourceRepresentation"; + inherit resourceModule; + }; # check if there are duplicate elements in a sorted list noDups = l: @@ -184,7 +143,7 @@ in rec { let network' = network; resources' = resources; - in rec { + in { machines = lib.flip lib.mapAttrs nodes (n: v': let v = lib.scrubOptionValue v'; in @@ -214,34 +173,10 @@ in rec { network = builtins.removeAttrs (lib.fold (as: bs: as // bs) {} (network'.network or [])) - [ "nixpkgs" ] # Not serialisable + [ "nixpkgs" "resourcesDefaults" "nodesExtraArgs" ] # Not serialisable ; - resources = - let - resource_referenced = list: check: recurse: - lib.any lib.id (map (value: (check value) || - ((lib.isAttrs value) && (!(value ? _type) || recurse) - && (resource_referenced (lib.attrValues value) check false))) - list); - - flatten_resources = resources: lib.flatten ( map lib.attrValues (lib.attrValues resources) ); - - resource_used = res_set: resource: - resource_referenced - (flatten_resources res_set) - (value: value == resource ) - true; - - resources_without_defaults = res_class: defaults: res_set: - let - missing = lib.filter (res: !(resource_used (removeAttrs res_set [res_class]) - res_set."${res_class}"."${res}")) - (lib.attrNames defaults); - in - res_set // { "${res_class}" = ( removeAttrs res_set."${res_class}" missing ); }; - - in (removeAttrs resources' [ "machines" ]); + resources = (removeAttrs resources' [ "machines" ]); }; diff --git a/nix/net.nix b/nix/net.nix new file mode 100644 index 000000000..8c70d3bfb --- /dev/null +++ b/nix/net.nix @@ -0,0 +1,135 @@ +{ config, options, lib, system, ... }: +let + inherit (lib) mkOption types mapAttrs warn; + inherit (types) deferredModule; + + deploymentDefault = { + imports = [ ./resource.nix ./default-deployment.nix ]; + inherit (config) deployment; + }; +in +{ + imports = [ ./default-deployment.nix ]; + options = { + nixpkgs = lib.mkOption { + type = types.path; + description = "Path to the nixpkgs instance used to build the machines."; + defaultText = lib.literalDocBook "The 'nixpkgs' input to either the provided flake or nixops' own."; + }; + network = { + enableRollback = lib.mkEnableOption "network wide rollback"; + description = mkOption { + type = types.str; + description = "A description of the entire network."; + default = ""; + }; + nodesExtraArgs = mkOption { + description = "Extra inputs to be passed to every node."; + type = with types;attrsOf anything; + default = { }; + }; + storage = mkOption { + description = "Configuring how to store the network state."; + default = { }; + type = with types; submodule { + _module.freeformType = attrsOf anything; + }; + }; + resourcesDefaults = mkOption { + type = deferredModule; + internal = true; + default = { }; + description = '' + Extra configurations to add to all resources. + ''; + }; + lock = mkOption { + # TBD + type = types.raw; + default = { }; + }; + }; + resources = mkOption { + default = { }; + type = types.submoduleWith { + specialArgs.defineResource = resName: resMod: { + options.${resName} = mkOption { + default = { }; + type = types.attrsOf (types.submoduleWith { + specialArgs = { + inherit (config) resources; + inherit (config.deployment) uuid; + }; + modules = [ + deploymentDefault + config.network.resourcesDefaults + resMod + ({ name, ... }: { + _module.args.nodes = # inherit nodes, essentially + lib.mapAttrs + (nodeName: node: + lib.mapAttrs + (key: lib.warn "Resource ${name} accesses nodes.${nodeName}.${key}, which is deprecated. Use the equivalent option instead: nodes.${nodeName}.${{ + nixosRelease = "config.system.nixos.release and make sure it is set properly"; + publicIPv4 = "config.networking.publicIPv4"; + }.${key} or "config.deployment.${key}"}.") + config.resources.machines.${nodeName} + // node) + config.resources.machines; + }) + ]; + }); + }; + }; + modules = [ + deploymentDefault + ({ defineResource, ... }: { + imports = [ + (defineResource "sshKeyPairs" ./ssh-keypair.nix) + (defineResource "commandOutput" ./command-output.nix) + (defineResource "machines" ./options.nix) + ]; + # Compute the definitions of the machines. + options.machines = mkOption { + description = "The NixOS configurations for the nodes in the network."; + # on 1st eval nodes is not read and on 2nd lib is taken from config.nixpkgs + type = types.attrsOf (lib.nixosSystem or (import /${config.nixpkgs}/nixos/lib/eval-config.nix) { + inherit system lib; + specialArgs = config.network.nodesExtraArgs; + modules = [ config.defaults { _module.check = true; } ]; + }).type; + }; + config._module.check = false; + }) + ]; + }; + }; + defaults = mkOption { + type = deferredModule; + default = { }; + description = '' + Extra NixOS options to add to all nodes. + ''; + }; + }; + config = { + resources.machines = + let + nodes = removeAttrs config (builtins.attrNames options); + in + lib.mkIf ({ } != nodes) (lib.mapAttrs + (name: node: { + imports = [ node ]; + warnings = [ "Please use nodes.${name} option instead of assigning machines to the config's top level" ]; + }) + nodes); + + # Provides compatibility for old style node definitions outside in the root, + # outside the `nodes` option. + # TODO: interpreting arbitrary _mistaken_ configs as machines leads to + # obscure errors, so we should consider removing this backcompat + # solution, or perhaps eagerly throw an appropriate error as soon as + # we encounter an unknown key. The warning may not be encountered. + _module.freeformType = types.attrsOf deferredModule; + }; +} diff --git a/nix/options.nix b/nix/options.nix index 1df9b8e18..4adfadd6d 100644 --- a/nix/options.nix +++ b/nix/options.nix @@ -1,23 +1,8 @@ -{ config, lib, ... }: - +{ name, config, lib, ... }: with lib; - -let - - cfg = config.deployment; - -in - { - - imports = - [ - ./keys.nix - ]; - - + imports = [ ./keys.nix ]; options = { - deployment.targetEnv = mkOption { default = "none"; example = "ec2"; @@ -74,7 +59,7 @@ in deployment.sshOptions = mkOption { type = types.listOf types.str; - default = []; + default = [ ]; description = '' Extra options passed to the OpenSSH client verbatim, and are not executed by a shell. ''; @@ -109,7 +94,7 @@ in }; deployment.owners = mkOption { - default = []; + default = [ ]; type = types.listOf types.str; description = '' List of email addresses of the owners of the machines. Used @@ -167,6 +152,9 @@ in _type = "machine"; + # Provide a default hostname and deployment target equal + # to the attribute name of the machine in the model. + networking.hostName = lib.mkOverride 900 name; deployment.targetHost = mkDefault config.networking.hostName; deployment.targetPort = mkDefault (head config.services.openssh.ports); diff --git a/nix/resource.nix b/nix/resource.nix index 8e04aa98a..2063899d7 100644 --- a/nix/resource.nix +++ b/nix/resource.nix @@ -1,4 +1,4 @@ -{ config, lib, name, ... }: +{ lib, name, ... }: with lib; @@ -19,27 +19,6 @@ with lib; visible = false; description = "Type of the resource."; }; - - deployment.name = mkOption { - type = types.str; - description = '' - The name of the NixOps deployment. This is set by NixOps. - ''; - }; - - deployment.uuid = mkOption { - type = types.str; - description = '' - The UUID of the NixOps deployment. This is set by NixOps. - ''; - }; - - deployment.arguments = mkOption { - description = '' - Attribute set representing the NixOps arguments. This is set by NixOps. - ''; - }; - }; }