Compare commits
No commits in common. "main" and "stop_grace_period" have entirely different histories.
main
...
stop_grace
12 changed files with 130 additions and 69 deletions
|
|
@ -45,21 +45,18 @@ NOTE: This deployment method does NOT use an `arion-pkgs.nix` file, but reuses
|
|||
# Pick one of:
|
||||
# - niv
|
||||
((import ./nix/sources.nix).arion + "/nixos-module.nix")
|
||||
# - or flakes (where arion is a flake input)
|
||||
# - flakes (where arion is a flake input)
|
||||
arion.nixosModules.arion
|
||||
# - or other: copy commit hash of arion and replace HASH in:
|
||||
(builtins.fetchTarball "https://github.com/hercules-ci/arion/archive/HASH.tar.gz") + "/nixos-module.nix")
|
||||
# - other
|
||||
arionPath + "/nixos-module.nix")
|
||||
];
|
||||
|
||||
virtualisation.arion = {
|
||||
backend = "podman-socket"; # or "docker"
|
||||
projects.example = {
|
||||
serviceName = "example"; # optional systemd service name, defaults to arion-example in this case
|
||||
settings = {
|
||||
# Specify you project here, or import it from a file.
|
||||
# NOTE: This does NOT use ./arion-pkgs.nix, but defaults to NixOS' pkgs.
|
||||
imports = [ ./arion-compose.nix ];
|
||||
};
|
||||
projects.example.settings = {
|
||||
# Specify you project here, or import it from a file.
|
||||
# NOTE: This does NOT use ./arion-pkgs.nix, but defaults to NixOS' pkgs.
|
||||
imports = [ ./arion-compose.nix ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -148,7 +148,7 @@ Describe containers using NixOS-style modules. There are a few options:
|
|||
project.name = "full-nixos";
|
||||
services.webserver = { pkgs, lib, ... }: {
|
||||
nixos.useSystemd = true;
|
||||
nixos.configuration.boot.tmp.useTmpfs = true;
|
||||
nixos.configuration.boot.tmpOnTmpfs = true;
|
||||
nixos.configuration.services.nginx.enable = true;
|
||||
nixos.configuration.services.nginx.virtualHosts.localhost.root = "${pkgs.nix.doc}/share/doc/nix/manual";
|
||||
nixos.configuration.services.nscd.enable = false;
|
||||
|
|
|
|||
|
|
@ -2,8 +2,7 @@
|
|||
project.name = "full-nixos";
|
||||
services.webserver = { pkgs, lib, ... }: {
|
||||
nixos.useSystemd = true;
|
||||
nixos.configuration.boot.tmp.useTmpfs = true;
|
||||
nixos.configuration.networking.useDHCP = false;
|
||||
nixos.configuration.boot.tmpOnTmpfs = true;
|
||||
nixos.configuration.services.nginx.enable = true;
|
||||
nixos.configuration.services.nginx.virtualHosts.localhost.root = "${pkgs.nix.doc}/share/doc/nix/manual";
|
||||
nixos.configuration.services.nscd.enable = false;
|
||||
|
|
|
|||
123
flake.lock
123
flake.lock
|
|
@ -7,11 +7,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1722555600,
|
||||
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
|
||||
"lastModified": 1675933616,
|
||||
"narHash": "sha256-/rczJkJHtx16IFxMmAWu5nNYcSXNg1YYXTHoGjLrLUA=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
|
||||
"rev": "47478a4a003e745402acf63be7f9a092d51b83d7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -22,17 +22,14 @@
|
|||
},
|
||||
"flake-parts_2": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
"hercules-ci-effects",
|
||||
"nixpkgs"
|
||||
]
|
||||
"nixpkgs-lib": "nixpkgs-lib"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1712014858,
|
||||
"narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
|
||||
"lastModified": 1688466019,
|
||||
"narHash": "sha256-VeM2akYrBYMsb4W/MmBo1zmaMfgbL4cH3Pu8PGyIwJ0=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
|
||||
"rev": "8e8d955c22df93dbe24f19ea04f47a74adbdc5ec",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -40,6 +37,28 @@
|
|||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"flake-parts_3": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
"hercules-ci-effects",
|
||||
"hercules-ci-agent",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1688466019,
|
||||
"narHash": "sha256-VeM2akYrBYMsb4W/MmBo1zmaMfgbL4cH3Pu8PGyIwJ0=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "8e8d955c22df93dbe24f19ea04f47a74adbdc5ec",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"haskell-flake": {
|
||||
"locked": {
|
||||
"lastModified": 1675296942,
|
||||
|
|
@ -56,19 +75,55 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"haskell-flake_2": {
|
||||
"locked": {
|
||||
"lastModified": 1684780604,
|
||||
"narHash": "sha256-2uMZsewmRn7rRtAnnQNw1lj0uZBMh4m6Cs/7dV5YF08=",
|
||||
"owner": "srid",
|
||||
"repo": "haskell-flake",
|
||||
"rev": "74210fa80a49f1b6f67223debdbf1494596ff9f2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "srid",
|
||||
"ref": "0.3.0",
|
||||
"repo": "haskell-flake",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"hercules-ci-agent": {
|
||||
"inputs": {
|
||||
"flake-parts": "flake-parts_3",
|
||||
"haskell-flake": "haskell-flake_2",
|
||||
"nixpkgs": "nixpkgs"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1688568579,
|
||||
"narHash": "sha256-ON0M56wtY/TIIGPkXDlJboAmuYwc73Hi8X9iJGtxOhM=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "hercules-ci-agent",
|
||||
"rev": "367dd8cd649b57009a6502e878005a1e54ad78c5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "hercules-ci-agent",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"hercules-ci-effects": {
|
||||
"inputs": {
|
||||
"flake-parts": "flake-parts_2",
|
||||
"hercules-ci-agent": "hercules-ci-agent",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1719226092,
|
||||
"narHash": "sha256-YNkUMcCUCpnULp40g+svYsaH1RbSEj6s4WdZY/SHe38=",
|
||||
"lastModified": 1689397210,
|
||||
"narHash": "sha256-fVxZnqxMbsDkB4GzGAs/B41K0wt/e+B/fLxmTFF/S20=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "hercules-ci-effects",
|
||||
"rev": "11e4b8dc112e2f485d7c97e1cee77f9958f498f5",
|
||||
"rev": "0a63bfa3f00a3775ea3a6722b247880f1ffe91ce",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -79,11 +134,45 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1722630782,
|
||||
"narHash": "sha256-hMyG9/WlUi0Ho9VkRrrez7SeNlDzLxalm9FwY7n/Noo=",
|
||||
"lastModified": 1688322751,
|
||||
"narHash": "sha256-eW62dC5f33oKZL7VWlomttbUnOTHrAbte9yNUNW8rbk=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "d04953086551086b44b6f3c6b7eeb26294f207da",
|
||||
"rev": "0fbe93c5a7cac99f90b60bdf5f149383daaa615f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-lib": {
|
||||
"locked": {
|
||||
"dir": "lib",
|
||||
"lastModified": 1688049487,
|
||||
"narHash": "sha256-100g4iaKC9MalDjUW9iN6Jl/OocTDtXdeAj7pEGIRh4=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "4bc72cae107788bf3f24f30db2e2f685c9298dc9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"dir": "lib",
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1676300157,
|
||||
"narHash": "sha256-1HjRzfp6LOLfcj/HJHdVKWAkX9QRAouoh6AjzJiIerU=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "545c7a31e5dedea4a6d372712a18e00ce097d462",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -98,7 +187,7 @@
|
|||
"flake-parts": "flake-parts",
|
||||
"haskell-flake": "haskell-flake",
|
||||
"hercules-ci-effects": "hercules-ci-effects",
|
||||
"nixpkgs": "nixpkgs"
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
|
|||
|
|
@ -86,6 +86,12 @@
|
|||
flake = {
|
||||
debug = { inherit inputs config lib; };
|
||||
|
||||
defaultPackage =
|
||||
lib.mapAttrs
|
||||
(ps: lib.warn "arion.defaultPackage has been removed in favor of arion.packages.\${system}.default"
|
||||
ps.default)
|
||||
config.flake.packages;
|
||||
|
||||
lib = {
|
||||
eval = import ./src/nix/eval-composition.nix;
|
||||
build = args@{ ... }:
|
||||
|
|
|
|||
|
|
@ -26,14 +26,9 @@ let
|
|||
visible = "shallow";
|
||||
};
|
||||
_systemd = mkOption { internal = true; };
|
||||
serviceName = mkOption {
|
||||
description = "The name of the Arion project's systemd service";
|
||||
type = types.str;
|
||||
default = "arion-${name}";
|
||||
};
|
||||
};
|
||||
config = {
|
||||
_systemd.services.${config.serviceName} = {
|
||||
_systemd.services."arion-${name}" = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "sockets.target" ];
|
||||
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
project.name = "unit-test-data";
|
||||
services.webserver = { pkgs, ... }: {
|
||||
nixos.useSystemd = true;
|
||||
nixos.configuration.boot.tmp.useTmpfs = true;
|
||||
nixos.configuration.boot.tmpOnTmpfs = true;
|
||||
nixos.configuration.services.nginx.enable = true;
|
||||
nixos.configuration.services.nginx.virtualHosts.localhost.root = "${pkgs.nix.doc}/share/doc/nix/manual";
|
||||
service.useHostStore = true;
|
||||
|
|
|
|||
|
|
@ -3,13 +3,11 @@ let
|
|||
|
||||
link = url: text: ''[${text}](${url})'';
|
||||
|
||||
composeSpecRev = "55b450aee50799a2f33cc99e1d714518babe305e";
|
||||
|
||||
serviceRef = fragment:
|
||||
''See ${link "https://github.com/compose-spec/compose-spec/blob/${composeSpecRev}/05-services.md#${fragment}" "Compose Spec Services #${fragment}"}'';
|
||||
''See ${link "https://docs.docker.com/compose/compose-file/05-services/#${fragment}" "Docker Compose Services #${fragment}"}'';
|
||||
|
||||
networkRef = fragment:
|
||||
''See ${link "https://github.com/compose-spec/compose-spec/blob/${composeSpecRev}/06-networks.md#${fragment}" "Compose Spec Networks #${fragment}"}'';
|
||||
''See ${link "https://docs.docker.com/compose/compose-file/06-networks/#${fragment}" "Docker Compose Network #${fragment}"}'';
|
||||
|
||||
in
|
||||
{
|
||||
|
|
|
|||
|
|
@ -66,22 +66,6 @@ in
|
|||
https://docs.docker.com/compose/compose-file/build/#context
|
||||
'';
|
||||
};
|
||||
service.build.dockerfile = mkOption {
|
||||
type = nullOr str;
|
||||
default = null;
|
||||
description = ''
|
||||
Sets an alternate Dockerfile. A relative path is resolved from the build context.
|
||||
https://docs.docker.com/compose/compose-file/build/#dockerfile
|
||||
'';
|
||||
};
|
||||
service.build.target = mkOption {
|
||||
type = nullOr str;
|
||||
default = null;
|
||||
description = ''
|
||||
Defines the stage to build as defined inside a multi-stage Dockerfile.
|
||||
https://docs.docker.com/compose/compose-file/build/#target
|
||||
'';
|
||||
};
|
||||
service.hostname = mkOption {
|
||||
type = nullOr str;
|
||||
default = null;
|
||||
|
|
@ -210,11 +194,6 @@ in
|
|||
default = [];
|
||||
description = serviceRef "external_links";
|
||||
};
|
||||
service.profiles = mkOption {
|
||||
type = listOf str;
|
||||
default = [];
|
||||
description = serviceRef "profiles";
|
||||
};
|
||||
service.extra_hosts = mkOption {
|
||||
type = listOf str;
|
||||
default = [];
|
||||
|
|
@ -358,8 +337,8 @@ in
|
|||
;
|
||||
} // lib.optionalAttrs (config.service.image != null) {
|
||||
inherit (config.service) image;
|
||||
} // lib.optionalAttrs (config.service.build.context != null ) {
|
||||
build = lib.filterAttrs (n: v: v != null) config.service.build;
|
||||
} // lib.optionalAttrs (config.service.build.context != null) {
|
||||
inherit (config.service) build;
|
||||
} // lib.optionalAttrs (cap_add != []) {
|
||||
inherit cap_add;
|
||||
} // lib.optionalAttrs (cap_drop != []) {
|
||||
|
|
@ -416,7 +395,5 @@ in
|
|||
inherit (config.service) working_dir;
|
||||
} // lib.optionalAttrs (config.service.user != null) {
|
||||
inherit (config.service) user;
|
||||
} // lib.optionalAttrs (config.service.profiles != []) {
|
||||
inherit (config.service) profiles;
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ in
|
|||
service.tmpfs = [
|
||||
"/run" # noexec is fine because exes should be symlinked from elsewhere anyway
|
||||
"/run/wrappers" # noexec breaks this intentionally
|
||||
] ++ lib.optional (config.nixos.evaluatedConfig.boot.tmp.useTmpfs) "/tmp:exec,mode=777";
|
||||
] ++ lib.optional (config.nixos.evaluatedConfig.boot.tmpOnTmpfs) "/tmp:exec,mode=777";
|
||||
|
||||
service.stop_signal = "SIGRTMIN+3";
|
||||
service.tty = true;
|
||||
|
|
|
|||
|
|
@ -45,7 +45,7 @@ in
|
|||
pkgs.stdenv
|
||||
];
|
||||
|
||||
virtualisation.memorySize = 2048;
|
||||
virtualisation.memorySize = 1024;
|
||||
virtualisation.diskSize = 8000;
|
||||
};
|
||||
testScript = ''
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ pkgs.nixosTest {
|
|||
name = "test-basic-arion-kafka";
|
||||
nodes = {
|
||||
machine = { ... }: {
|
||||
virtualisation.memorySize = 4096;
|
||||
virtualisation.memorySize = 3000;
|
||||
virtualisation.diskSize = 10000;
|
||||
imports = [
|
||||
../../nixos-module.nix
|
||||
|
|
|
|||
Loading…
Reference in a new issue