Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge per-machine nixpkgs arguments on top of network-wide ones #67

Merged
merged 2 commits into from Sep 6, 2019

Conversation

@Shados
Copy link
Contributor

commented Aug 31, 2019

Fixes #34. Got around to looking through nixpkgs eval mechanism again, now having more experience messing with it, and this appears to work nearly perfectly. The only thing it will not handle correctly is nixpkgs.system, but as is documented in the nixpkgs manual, you should instead set nixpkgs.localSystem.system.

Test deployment to see the impact:
test.nix:

let
  pkgs = import <nixpkgs> {
    config.allowUnfree = true;
    overlays = [ (self: super: {}) ];
  };

  common = { name, config, pkgs, ... }: {
    system.activationScripts.testingOverlays = ''
      # ${builtins.trace "machine: ${name}" "nak"}
      # ${builtins.trace config.nixpkgs.overlays "nak"}
      # ${builtins.trace config.nixpkgs.localSystem.system "nak"}
      # ${builtins.trace config.nixpkgs.crossSystem.system "nak"}
      # ${pkgs.lib.traceSeq pkgs.config "nak"}
    '';
    fileSystems."/" = { label = "root"; fsType = "ext4"; };
    boot.loader.grub.device = "/dev/sda";
  };
in
{
  network = {
    inherit pkgs;
    description = "Example nixpkgs argument merging successes";
  };

  "with-config" = { config, lib, pkgs, ... }: {
    imports = [ common ];
    nixpkgs.config.allowBroken = true;
  };
  "overridden-config" = { config, lib, pkgs, ...}: {
    imports = [ common ];
    nixpkgs.config.allowUnfree = false;
  };
  "with-overlays" = { config, lib, pkgs, ...}: {
    imports = [ common ];
    nixpkgs.overlays = [
      (self: super: {
        pam_mount = super.pam_mount.overrideAttrs(oldAttrs: {
          name = "pam_mount overidden by overlay";
        });
      })
    ];
  };
  "with-localsystem" = { config, lib, pkgs, ...}: {
    imports = [ common ];
    nixpkgs.localSystem.system = "aarch64-linux";
  };
  "with-crosssystem" = { config, lib, pkgs, ...}: {
    imports = [ common ];
    nixpkgs.crossSystem.system = "aarch64-linux";
  };
  "with-pkgs" = { config, lib, pkgs, ...}: {
    imports = [ common ];
    nixpkgs.pkgs = import <nixpkgs> { };
  };
}
$ morph build --dry-run test.nix
Selected 6/6 hosts (name filter:-0, limits:-0):
          0: overridden-config (secrets: 0, health checks: 0)
          1: with-config (secrets: 0, health checks: 0)
          2: with-crosssystem (secrets: 0, health checks: 0)
          3: with-localsystem (secrets: 0, health checks: 0)
          4: with-overlays (secrets: 0, health checks: 0)
          5: with-pkgs (secrets: 0, health checks: 0)

trace: machine: overridden-config
trace: [ <LAMBDA> ]
trace: x86_64-linux
trace: x86_64-linux
trace: { allowUnfree = false; doCheckByDefault = false; warnings = [ ]; }
trace: machine: with-config
trace: [ <LAMBDA> ]
trace: x86_64-linux
trace: x86_64-linux
trace: { allowBroken = true; allowUnfree = true; doCheckByDefault = false; warnings = [ ]; }
trace: machine: with-crosssystem
trace: [ <LAMBDA> ]
trace: x86_64-linux
trace: aarch64-linux
trace: { allowUnfree = true; doCheckByDefault = false; warnings = [ ]; }
trace: machine: with-localsystem
trace: [ <LAMBDA> ]
trace: aarch64-linux
trace: x86_64-linux
trace: { allowUnfree = true; doCheckByDefault = false; warnings = [ ]; }
trace: machine: with-overlays
trace: [ <LAMBDA> ]
trace: x86_64-linux
trace: x86_64-linux
trace: { allowUnfree = true; doCheckByDefault = false; warnings = [ ]; }
trace: machine: with-pkgs
trace: [ <LAMBDA> ]
trace: x86_64-linux
trace: x86_64-linux
trace: { doCheckByDefault = false; warnings = [ ]; }
@johanot
Copy link
Contributor

left a comment

@Shados Thank you so much for this! Looks good. Especially thank you for the test-deployment covering multiple cases. That could be useful for a future morph unittest, I think.

I have tested with our existing deployments and they seem to produce the same outputs as the current release. I have no reasons not to merge this, except for my two comments in the diff (mostly out of curiosity).

data/eval-machines.nix Outdated Show resolved Hide resolved
# can be overridden from within each machine
nixpkgs.localSystem = lib.mkOverride 900 pkgs.buildPlatform;
nixpkgs.crossSystem = lib.mkOverride 900 pkgs.hostPlatform;
nixpkgs.overlays = lib.mkOverride 900 pkgs.overlays;

This comment has been minimized.

Copy link
@johanot

johanot Sep 6, 2019

Contributor

Hmm. pkgs.overlays doesn't exist in nixpkgs v19.03, but it seems to work in unstable - which makes it ok for merge by now (this close to release) then I guess :-)

This comment has been minimized.

Copy link
@Shados

Shados Sep 6, 2019

Author Contributor

Yeah, the lack of it was what prevented this approach from being viable originally.

@Shados Shados force-pushed the Shados:merge-nixpkgs-config branch from 9567106 to 87358eb Sep 6, 2019

@Shados

This comment has been minimized.

Copy link
Contributor Author

commented Sep 6, 2019

Force-pushed a version using mkDefault for the options rather than mkOverride 900, as that tested fine.

If you do end up using something like the given examples in a unit test, keep in mind the effects of the deliberate NixOS & nixpkgs impurities (e.g. ~/.config/nixpkgs/.config.nix).

@johanot

This comment has been minimized.

Copy link
Contributor

commented Sep 6, 2019

Great! Will do a final test and hopefully @kalbasit will have time at some point to re-test the aarch cross-build issue with this code as well. Would like to merge and cut a release later today in order to race the 19.09 freeze :-).

@adamtulinius adamtulinius merged commit 00d7675 into DBCDK:master Sep 6, 2019

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
@johanot johanot referenced this pull request Sep 9, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.