From 4d676c5453fe4b1f41a01f0f7d76fb1787421b4e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 14 Sep 2024 17:30:37 +0200 Subject: [PATCH 1/4] build nix-darwin in ci --- .github/workflows/ci.yml | 11 +++++++++ flake.lock | 38 +++++++++++++++++++++++++++++++ flake.nix | 7 ++++++ macs/flake-module.nix | 17 ++++++++++++++ macs/flake.lock | 48 ---------------------------------------- macs/flake.nix | 30 ------------------------- 6 files changed, 73 insertions(+), 78 deletions(-) create mode 100644 macs/flake-module.nix delete mode 100644 macs/flake.lock delete mode 100644 macs/flake.nix diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d229745a..dd2c7eb6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,3 +34,14 @@ jobs: - uses: cachix/install-nix-action@v27 - uses: DeterminateSystems/magic-nix-cache-action@v8 - run: nix build '.#nixosConfigurations."${{ matrix.machine }}.nixos.org".config.system.build.toplevel' + nix-darwin: + runs-on: macos-latest + strategy: + matrix: + # Doesn't seem that x86_64 is still in use? + machine: [arm64] + steps: + - uses: actions/checkout@v4 + - uses: cachix/install-nix-action@v27 + - uses: DeterminateSystems/magic-nix-cache-action@v8 + - run: nix build '.#darwinConfigurations."${{ matrix.machine }}".config.system.build.toplevel' diff --git a/flake.lock b/flake.lock index 579735aa..5b89f87c 100644 --- a/flake.lock +++ b/flake.lock @@ -27,6 +27,26 @@ "type": "github" } }, + "darwin": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1726188813, + "narHash": "sha256-Vop/VRi6uCiScg/Ic+YlwsdIrLabWUJc57dNczp0eBc=", + "owner": "LnL7", + "repo": "nix-darwin", + "rev": "21fe31f26473c180390cfa81e3ea81aca0204c80", + "type": "github" + }, + "original": { + "owner": "LnL7", + "repo": "nix-darwin", + "type": "github" + } + }, "disko": { "inputs": { "nixpkgs": [ @@ -179,6 +199,22 @@ "type": "github" } }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1726206720, + "narHash": "sha256-tI7141IHDABMNgz4iXDo8agCp0SeTLbaIZ2DRndwcmk=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "673d99f1406cb09b8eb6feab4743ebdf70046557", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1725103162, @@ -228,11 +264,13 @@ "root": { "inputs": { "colmena": "colmena", + "darwin": "darwin", "disko": "disko", "first-time-contribution-tagger": "first-time-contribution-tagger", "flake-parts": "flake-parts", "flake-utils": "flake-utils", "nixpkgs": "nixpkgs", + "nixpkgs-unstable": "nixpkgs-unstable", "sops-nix": "sops-nix", "srvos": "srvos", "treefmt-nix": "treefmt-nix" diff --git a/flake.nix b/flake.nix index 747e45f8..5ab0e47c 100644 --- a/flake.nix +++ b/flake.nix @@ -3,9 +3,15 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable"; flake-parts.url = "github:hercules-ci/flake-parts"; flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs"; + darwin = { + url = "github:LnL7/nix-darwin"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + flake-utils.url = "github:numtide/flake-utils"; treefmt-nix.url = "github:numtide/treefmt-nix"; @@ -54,6 +60,7 @@ ./checks/flake-module.nix ./terraform/flake-module.nix ./non-critical-infra/flake-module.nix + ./macs/flake-module.nix ]; }; } diff --git a/macs/flake-module.nix b/macs/flake-module.nix new file mode 100644 index 00000000..287c452f --- /dev/null +++ b/macs/flake-module.nix @@ -0,0 +1,17 @@ +{ inputs, ... }: +{ + flake.darwinConfigurations = + let + mac = + system: + inputs.darwin.lib.darwinSystem { + inherit system; + + modules = [ ./nix-darwin.nix ]; + }; + in + { + arm64 = mac "aarch64-darwin"; + x86_64 = mac "x86_64-darwin"; + }; +} diff --git a/macs/flake.lock b/macs/flake.lock deleted file mode 100644 index 7f16e363..00000000 --- a/macs/flake.lock +++ /dev/null @@ -1,48 +0,0 @@ -{ - "nodes": { - "darwin": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1726188813, - "narHash": "sha256-Vop/VRi6uCiScg/Ic+YlwsdIrLabWUJc57dNczp0eBc=", - "owner": "LnL7", - "repo": "nix-darwin", - "rev": "21fe31f26473c180390cfa81e3ea81aca0204c80", - "type": "github" - }, - "original": { - "owner": "LnL7", - "repo": "nix-darwin", - "type": "github" - } - }, - "nixpkgs": { - "locked": { - "lastModified": 1726396940, - "narHash": "sha256-EpiSl9nSINTmIW6MG6CulGwNAa6sHrBt8gQdyHUXzR4=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "76d7694a3f681b0b750c01783df5d2177ef39fe7", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "root": { - "inputs": { - "darwin": "darwin", - "nixpkgs": "nixpkgs" - } - } - }, - "root": "root", - "version": 7 -} diff --git a/macs/flake.nix b/macs/flake.nix deleted file mode 100644 index dd993a3a..00000000 --- a/macs/flake.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ - description = "nixos-org-configurations macs"; - - inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; - darwin = { - url = "github:LnL7/nix-darwin"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - }; - - outputs = - { darwin, ... }: - { - darwinConfigurations = - let - mac = - system: - darwin.lib.darwinSystem { - inherit system; - - modules = [ ./nix-darwin.nix ]; - }; - in - { - arm64 = mac "aarch64-darwin"; - x86_64 = mac "x86_64-darwin"; - }; - }; -} From dc777ea748efc4376a917e91e80259b28550396b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 14 Sep 2024 17:39:11 +0200 Subject: [PATCH 2/4] add state version to darwin builder --- macs/nix-darwin.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/macs/nix-darwin.nix b/macs/nix-darwin.nix index d65042a4..99442a6e 100644 --- a/macs/nix-darwin.nix +++ b/macs/nix-darwin.nix @@ -24,6 +24,8 @@ in environment.darwinConfig = "/nix/home/darwin-config/macs/nix-darwin.nix"; environment.systemPackages = [ config.nix.package ]; + system.stateVersion = 5; + programs.zsh.enable = true; programs.zsh.enableCompletion = false; programs.bash.enable = true; From bf4d94321aa4ad4e2ce313fb43cf8eb675be787e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 14 Sep 2024 18:10:03 +0200 Subject: [PATCH 3/4] add README about macOS machines --- macs/README.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 macs/README.md diff --git a/macs/README.md b/macs/README.md new file mode 100644 index 00000000..b1f9eda6 --- /dev/null +++ b/macs/README.md @@ -0,0 +1,5 @@ +# Deploying to darwin + +We have mac-mini's are in [Grahams](https://github.com/grahamc) house, but they are not online. +All current active builders are at Hetzner online. +Currently, only [@cole-h](https://github.com/cole-h) can deploy to these machines. From 716df9f35a23425a1678d0531c14734285e19229 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 14 Sep 2024 18:19:00 +0200 Subject: [PATCH 4/4] update inventory to match reality about macOS --- docs/inventory.md | 26 +++++++++++++++++++++++--- macs/README.md | 7 ++++--- 2 files changed, 27 insertions(+), 6 deletions(-) diff --git a/docs/inventory.md b/docs/inventory.md index b531b7b0..2aaa6da9 100644 --- a/docs/inventory.md +++ b/docs/inventory.md @@ -148,13 +148,33 @@ owner: Eelco and Rob, owned by the NixOS Foundation monitoring: **DataDog, accessible by Eelco (and Rob?) (Amine?) on the Infor account** -## Mac Minis +## Mac Minis at Hetzner Cloud owner: the NixOS Foundation -access: Dan, Eelco, Rob, Graham +access: Cole-h & Hexa role: build machines -Running at the Utrechs Infor office on a shelf somewhere +Current machine names: + +- intense-heron.mac.nixos.org +- sweeping-filly.mac.nixos.org +- maximum-snail.mac.nixos.org +- growing-jennet.mac.nixos.org +- enormous-catfish.mac.nixos.org + +## Mac Minis at Graham's house + +owner: the NixOS Foundation +access: Cole-h +role: build machines + +- arm64: + - cosmic-stud + - tight-bug + - quality-ram + - becoming-hyena + +There are also x86_64 mac minis, but they are offline because they produce too much heat. ## Mac Stadium diff --git a/macs/README.md b/macs/README.md index b1f9eda6..c11b8b60 100644 --- a/macs/README.md +++ b/macs/README.md @@ -1,5 +1,6 @@ # Deploying to darwin -We have mac-mini's are in [Grahams](https://github.com/grahamc) house, but they are not online. -All current active builders are at Hetzner online. -Currently, only [@cole-h](https://github.com/cole-h) can deploy to these machines. +See [inventory](../docs/inventory.md). +We have mac-mini's are in [Grahams](https://github.com/grahamc) house, +that only [@cole-h](https://github.com/cole-h) can deploy. +Furthermore we have builders at Hetzner online.