Colmena - Public Room Timeline

	Colmena	326 Members
	A simple, stateless NixOS deployment tool - https://github.com/zhaofengli/colmena	112 Servers

Load older messages

Sender	Message	Time
29 Aug 2022
Zhaofeng Li	You can use everything that nixos-generate generated for you. A typical pattern is: `{ alpha = import ./hosts/alpha/configuration.nix; }`	15:52:29
30 Aug 2022
	@aruzeta:matrix.org joined the room.	14:41:55
	@aruzeta:matrix.org left the room.	14:56:00
2 Sep 2022
	problems changed their display name from ash (it/its) 🏳️‍⚧️ to problems.	14:04:40
	@yuka:yuka.dev joined the room.	14:32:33
@yuka:yuka.dev	heya	14:38:35
@yuka:yuka.dev	So... I'm looking at colmena for replacing my own 100 line deployment module.	14:44:43
@yuka:yuka.dev	It seems like the design is quite similar, with nodes (in my case they are called hosts) being passed in as specialArgs	14:45:00
@yuka:yuka.dev	What I don't like at all is that colmena itself is not tracked at a flake dependency	14:45:30
@yuka:yuka.dev	And that it has its own evaluation entry points	14:45:43
@yuka:yuka.dev	It would be way cooler if colmena was a flake, that provides a function `makeHive`	14:46:07
@yuka:yuka.dev	colmena could then use .# as entry point with the output of `makeHive` providing the necessary things. And the colmena package itself could be re-exported to my flake. So that I do `nix run .#colmena apply` and it uses the colmena version pinned in my flake.	14:50:02
@yuka:yuka.dev	As a bonus, it would remove the need for this wrapper flake to get pure evaluation	14:50:43
@yuka:yuka.dev	Another bonus: This could make it possible to be compatible with nixosConfigurations and nixos-rebuild and so on	15:14:47
tpw_rules	^	16:46:57
Linux Hackerman	Yeah, I've previously suggested this but it wasn't a direction Zhaofeng Li was particularly interested in :/	16:47:39
Linux Hackerman	I'm currently doing a hack like nixosConfigurations = lib.mapAttrs (name: config: let nodeNixpkgs = self.outputs.colmena.meta.nodeNixpkgs.${name} or self.outputs.colmena.meta.nixpkgs; nodeNixos = import (nodeNixpkgs.path + "/nixos/lib/eval-config.nix"); in nodeNixos { modules = [ self.outputs.colmena.defaults config inputs.colmena.nixosModules.deploymentOptions { _module.args.name = name; _module.args.nodes = self.outputs.nixosConfigurations; nixpkgs.overlays = [ nodeNixpkgs.lib.flakeOverlay (import ./overlay.nix) ]; } ]; inherit (nodeNixpkgs) system; } ) (builtins.removeAttrs self.outputs.colmena ["meta" "defaults"]); to be able to get at least an approximation of the configs (enough to be able to build it in hydra, for example)	16:48:55
Linux Hackerman	but I think sooner or later I'll be switching to another tool that actually wants to support this, possibly deploy-rs	16:49:18
Linux Hackerman	Of course now I can't find the old messages where we discussed this... I guess it was before I moved homeservers	16:53:28
Zhaofeng Li	I would be on-board if the Colmena flake is generating the `nixosConfigurations`-like structure with Colmena-specific metadata (this is similar to the evaluator idea that @blaggacao is proposing) rather than consuming an existing `nixosConfigurations`. We would need some versioning/schema contract to ensure compatibility between the flake output and the Colmena executable.	18:26:56
@yuka:yuka.dev	You could just tell the users that the colmena binary has to be from the exact same version as the hive expression	18:28:22
@yuka:yuka.dev	And the colmena package itself could be re-exported to my flake. So that I do nix run .#colmena apply and it uses the colmena version pinned in my flake.	18:28:59
@yuka:yuka.dev	And yes, the hive expression should output nixosConfigurations-like structure, the input would be similar to what `outputs.colmena` is currently	18:29:50
David Arnold (blaggacao)	So you mean something like: `mkFlake ...` -> `nixosConfigurations = ... __colmena = ...`	18:29:51
David Arnold (blaggacao)	* So you mean something like: ? ``` mkFlake ... ``` -> ``` nixosConfigurations = ... __colmena = ... ```	18:30:45
Zhaofeng Li	To further expand on that, consuming the existing `nixosConfigurations` is problematic, since Colmena needs to insert two things into the configuration: Modules (`deployment.` options and configs) as well as module arguments (`name` and `nodes` which allows you to refer to configurations of other nodes in the cluster). This is in part following the design decisions of NixOps and morph. Inserting them cannot be cleanly done in case of `nixosConfigurations` which contains complete, evaluated configurations rather than individual NixOS modules. We could remove this need and make the user specify the `deployment.` configs externally, outside the NixOS configuration. This is the approach that `deploy-rs` takes (the `deploy` output). The downside is two-fold: The level of configuration composition possible will be limited. As an example, I set `deployment.tags = [ "routers" ];` in my router module so enabling it will automatically make `colmena apply --on @routers` deploy to this node. Additionally, I use the added `nodes` argument extensively in my configuration to set up a WireGuard mesh and iBGP peerings between my nodes. The effect Colmena can have on the target node configuration will be limited. For instance, Colmena creates the `${name}-key.service` for each secret file defined in `deployment.keys`, which will no longer be possible. `deploy-rs` uses a `deploy` binary copied alongside the profile to implement activation and other features. The end result is a level of functionality noticeably different from "normal" Colmena that would necessitate a lot of documentation changes and still be confusing to users.	18:31:10
Linux Hackerman	My interpretation is `hive = { defaults = ...; meta = ...; nodeA = ...; }; nixosConfigurations = (colmena.evalHive self.outputs.hive).nixosConfigurations;`	18:31:48
David Arnold (blaggacao)	Even better!	18:32:22
@yuka:yuka.dev	In reply to @zhaofeng:zhaofeng.li To further expand on that, consuming the existing `nixosConfigurations` is problematic, since Colmena needs to insert two things into the configuration: Modules (`deployment.` options and configs) as well as module arguments (`name` and `nodes` which allows you to refer to configurations of other nodes in the cluster). This is in part following the design decisions of NixOps and morph. Inserting them cannot be cleanly done in case of `nixosConfigurations` which contains complete, evaluated configurations rather than individual NixOS modules. We could remove this need and make the user specify the `deployment.` configs externally, outside the NixOS configuration. This is the approach that `deploy-rs` takes (the `deploy` output). The downside is two-fold: The level of configuration composition possible will be limited. As an example, I set `deployment.tags = [ "routers" ];` in my router module so enabling it will automatically make `colmena apply --on @routers` deploy to this node. Additionally, I use the added `nodes` argument extensively in my configuration to set up a WireGuard mesh and iBGP peerings between my nodes. The effect Colmena can have on the target node configuration will be limited. For instance, Colmena creates the `${name}-key.service` for each secret file defined in `deployment.keys`, which will no longer be possible. `deploy-rs` uses a `deploy` binary copied alongside the profile to implement activation and other features. The end result is a level of functionality noticeably different from "normal" Colmena that would necessitate a lot of documentation changes and still be confusing to users. No no, inserting the modules is fine. Just what I don't like is that the version of those modules is not pinned in my flake, and thus my flake alone is not sufficient anymore for evaluating the config.	18:32:59
David Arnold (blaggacao)	I think it's vetter to avoid the indirection via the cli if possible.	18:33:48

Show newer messages

Back to Room ListRoom Version: 6