Compare commits
4 Commits
master
...
nixos-conf
Author | SHA1 | Date |
---|---|---|
Alexander Tomokhov | 45faf8e15b | |
Alexander Tomokhov | 5fc4648b46 | |
Alexander Tomokhov | cbfbee3123 | |
Alexander Tomokhov | d5a4b255df |
|
@ -0,0 +1,188 @@
|
|||
@startuml
|
||||
|
||||
/'
|
||||
' left to right direction
|
||||
'/
|
||||
/'
|
||||
' skin rose
|
||||
'/
|
||||
|
||||
cloud "overlay\n<i>commit @ git.selfprivacy.org" as overlay {
|
||||
node "selfprivacy graphql api" as selfprivacy_graphql_api
|
||||
}
|
||||
|
||||
cloud "selfprivacy-rest-api\n<i>commit @ git.selfprivacy.org" as selfprivacy_rest_api_commit {
|
||||
component "python app" as selfprivacy_api_app
|
||||
}
|
||||
control "client app" as client_app
|
||||
:user: .. client_app
|
||||
selfprivacy_api_app . client_app
|
||||
selfprivacy_graphql_api <<-- selfprivacy_rest_api_commit
|
||||
|
||||
|
||||
file "hardware-configuration.nix" as hardware_configuration
|
||||
card "grub.device" as hw_grub_device
|
||||
card "initrd.kernelModules" as hw_kernelModules
|
||||
card "fileSystems" as hw_fileSystems
|
||||
|
||||
hardware_configuration <-- hw_grub_device
|
||||
hardware_configuration <-- hw_kernelModules
|
||||
hardware_configuration <-- hw_fileSystems
|
||||
note top of hardware_configuration : how is it generated?
|
||||
|
||||
note bottom of hw_fileSystems : always the same?
|
||||
|
||||
note "hosting dependant" as note_hosting
|
||||
|
||||
hw_grub_device <<.. note_hosting
|
||||
hw_kernelModules <<.. note_hosting
|
||||
|
||||
file "api.nix\napi-module.nix" as api
|
||||
file files [
|
||||
files.nix
|
||||
---
|
||||
""systemd.tmpfiles.rules""
|
||||
""systemd.activationScripts""
|
||||
""/var/lib/nextcloud""
|
||||
""/var/lib/cloudflare""
|
||||
""/var/lib/pleroma""
|
||||
""/var/lib/bitwarden""
|
||||
""/root/.config/rclone""
|
||||
]
|
||||
file "volumes.nix" as volumes {
|
||||
card "fileSystems" as fileSystems_from_userdata
|
||||
}
|
||||
file "users.nix" as users {
|
||||
card "users.users" as users_from_userdata
|
||||
}
|
||||
file "variables.nix\nvariables-module.nix" as variables
|
||||
file "letsencrypt/acme.nix\nletsencrypt/resolve.nix" as acme
|
||||
/'
|
||||
' file "backup/restic.nix" as restic
|
||||
' file "gitea.nix" as gitea
|
||||
' file "mailserver/system/mailserver.nix" as mailserver
|
||||
' file "nextcloud.nix" as nextcloud
|
||||
' file "passmgr/bitwarden.nix" as bitwarden
|
||||
' file "limits.nix" as limits
|
||||
' file "pleroma.nix" as pleroma
|
||||
' file "jitsi.nix" as jitsi
|
||||
' file "vpn/ocserv.nix" as ocserv
|
||||
' file "webserver/nginx.nix" as nginx
|
||||
' file "webserver/memcached.nix" as memcached
|
||||
'/
|
||||
collections "<<some service X.nix>>" as some_service
|
||||
cloud " <b>nixpkgs\n<i>commit @ github.com (?)" as nixpkgs
|
||||
|
||||
|
||||
folder """/etc/nixos/userdata/""" as userdata_folder {
|
||||
/'
|
||||
' file "schema.json\n<i>(who uses?)" as schema
|
||||
' file "tokens_schema.json\n<i>(who uses?)" as tokens_schema
|
||||
'/
|
||||
file "tokens.json" as tokens
|
||||
file "<b>userdata.json" as userdata
|
||||
}
|
||||
selfprivacy_api_app <|.... tokens
|
||||
selfprivacy_api_app ....|> userdata_folder : writes
|
||||
|
||||
file "<b><u>configuration.nix" as configuration
|
||||
nixpkgs -->> configuration
|
||||
configuration <<-l- hardware_configuration
|
||||
/'
|
||||
' configuration <<-- overlay
|
||||
'/
|
||||
overlay -->> configuration
|
||||
configuration <<-- variables : ...\nstateVersion\n...
|
||||
|
||||
configuration <<-- files
|
||||
userdata -[dotted]->> files
|
||||
files <|-- userdata : <b>secrets\nby ""jq"" and ""sed"" in\n""activationScripts""\n!!!
|
||||
variables <<-- userdata : values extraction\nfrom JSON
|
||||
|
||||
configuration <<-- volumes
|
||||
userdata -[dotted]->> fileSystems_from_userdata : volumes
|
||||
|
||||
configuration <<-- users
|
||||
userdata -[dotted]->> users_from_userdata : users
|
||||
|
||||
configuration <<-- api
|
||||
api <<-[dotted]- userdata : Swagger,\nb2Bucket
|
||||
api <-[dotted]- selfprivacy_graphql_api
|
||||
|
||||
configuration <<-- acme
|
||||
userdata -[dotted]->> acme : username,\ndomain
|
||||
|
||||
configuration <<-- some_service
|
||||
userdata -[dotted]->> some_service : enable,\nsettings
|
||||
|
||||
/'
|
||||
' configuration <<-- mailserver
|
||||
' userdata -[dotted]->> mailserver
|
||||
'
|
||||
' configuration <<-- ocserv
|
||||
' userdata -[dotted]->> ocserv
|
||||
|
||||
' configuration <<-- pleroma
|
||||
' userdata -[dotted]->> pleroma
|
||||
'
|
||||
' configuration <<-- restic
|
||||
' userdata -[dotted]-->> restic
|
||||
'
|
||||
' configuration <<-- bitwarden
|
||||
' userdata -[dotted]-->> bitwarden
|
||||
'
|
||||
' configuration <<-- nginx
|
||||
' userdata -[dotted]->> nginx : domain
|
||||
'
|
||||
' configuration <<-- memcached
|
||||
'
|
||||
' configuration <<-- nextcloud
|
||||
' userdata -[dotted]-->> nextcloud : enable,\ndomain
|
||||
'
|
||||
' configuration <<-- jitsi
|
||||
' userdata -[dotted]-->> jitsi : enable,\ndomain
|
||||
'
|
||||
' configuration <<-- gitea
|
||||
' userdata -[dotted]-->> gitea : enable,\ndomain
|
||||
'/
|
||||
|
||||
/'
|
||||
' memcached --->> configuration
|
||||
'/
|
||||
|
||||
/'
|
||||
' folder api as api_folder
|
||||
' folder backup as backup_folder
|
||||
' folder git as git_folder
|
||||
' folder letsencrypt as letsencrypt_folder
|
||||
' folder "mailserver/system" as mailserver_folder
|
||||
' folder nextcloud as nextcloud_folder
|
||||
' folder passmgr as passmgr_folder
|
||||
' folder resources as resources_folder
|
||||
' folder social as social_folder
|
||||
' folder videomeet as videomeet_folder
|
||||
' folder vpn as vpn_folder
|
||||
' folder webserver as webserver_folder
|
||||
'/
|
||||
|
||||
/'
|
||||
' api_folder -- api_module
|
||||
' api_folder -- api
|
||||
' backup_folder -- restic
|
||||
' git_folder -- gitea
|
||||
' letsencrypt_folder -- acme
|
||||
' letsencrypt_folder -- resolve
|
||||
' mailserver_folder -- mailserver
|
||||
' nextcloud_folder -- nextcloud
|
||||
' passmgr_folder -- bitwarden
|
||||
' resources_folder -- limits
|
||||
' social_folder -- pleroma
|
||||
' videomeet_folder -- jitsi
|
||||
' vpn_folder -- ocserv
|
||||
' webserver_folder -- memcached
|
||||
' webserver_folder -- nginx
|
||||
'/
|
||||
|
||||
|
||||
|
||||
@enduml
|
|
@ -0,0 +1,204 @@
|
|||
@startuml
|
||||
|
||||
/'
|
||||
' left to right direction
|
||||
'/
|
||||
/'
|
||||
' skin rose
|
||||
'/
|
||||
|
||||
<style>
|
||||
cloud {
|
||||
LineThickness 3
|
||||
LineColor lightblue
|
||||
BackGroundColor lightcyan
|
||||
}
|
||||
folder {
|
||||
LineThickness 3
|
||||
LineColor lightblue
|
||||
BackGroundColor lightcyan
|
||||
}
|
||||
</style>
|
||||
|
||||
cloud "overlay\n<i>commit @ git.selfprivacy.org" as overlay {
|
||||
node "selfprivacy-graphql-api" as selfprivacy_graphql_api
|
||||
}
|
||||
|
||||
cloud "selfprivacy-rest-api\n<i>commit @ git.selfprivacy.org" as selfprivacy_rest_api_commit {
|
||||
component "python app" as selfprivacy_api_app
|
||||
}
|
||||
control "client app" as client_app
|
||||
:user: .. client_app
|
||||
selfprivacy_api_app . client_app
|
||||
selfprivacy_graphql_api <<-- selfprivacy_rest_api_commit
|
||||
|
||||
|
||||
file "hardware-configuration.nix" as hardware_configuration #lightcyan
|
||||
card "grub.device" as hw_grub_device
|
||||
card "initrd.kernelModules" as hw_kernelModules
|
||||
card "fileSystems" as hw_fileSystems
|
||||
|
||||
hardware_configuration <-- hw_grub_device
|
||||
hardware_configuration <-- hw_kernelModules
|
||||
hardware_configuration <-- hw_fileSystems
|
||||
note top of hardware_configuration : generated by\nnixos-infect
|
||||
|
||||
note bottom of hw_fileSystems : always the same?
|
||||
|
||||
note "hosting dependant" as note_hosting
|
||||
|
||||
hw_grub_device <<.. note_hosting
|
||||
hw_kernelModules <<.. note_hosting
|
||||
|
||||
file "api.nix\napi-module.nix" as api
|
||||
file files [
|
||||
files.nix
|
||||
---
|
||||
""systemd.tmpfiles.rules""
|
||||
""systemd.activationScripts""
|
||||
""/var/lib/nextcloud""
|
||||
""/var/lib/cloudflare""
|
||||
""/var/lib/pleroma""
|
||||
""/var/lib/bitwarden""
|
||||
""/root/.config/rclone""
|
||||
]
|
||||
file "volumes.nix" as volumes {
|
||||
card "fileSystems" as fileSystems_from_userdata
|
||||
}
|
||||
file "users.nix" as users {
|
||||
card "users.users" as users_from_userdata
|
||||
}
|
||||
file "variables.nix\nvariables-module.nix" as variables
|
||||
file "letsencrypt/acme.nix\nletsencrypt/resolve.nix" as acme
|
||||
/'
|
||||
' file "backup/restic.nix" as restic
|
||||
' file "gitea.nix" as gitea
|
||||
' file "mailserver/system/mailserver.nix" as mailserver
|
||||
' file "nextcloud.nix" as nextcloud
|
||||
' file "passmgr/bitwarden.nix" as bitwarden
|
||||
' file "limits.nix" as limits
|
||||
' file "pleroma.nix" as pleroma
|
||||
' file "jitsi.nix" as jitsi
|
||||
' file "vpn/ocserv.nix" as ocserv
|
||||
' file "webserver/nginx.nix" as nginx
|
||||
' file "webserver/memcached.nix" as memcached
|
||||
'/
|
||||
collections "<<some service X.nix>>" as some_service
|
||||
cloud " <b>nixpkgs\n<i>commit @ github.com (?)" as nixpkgs
|
||||
|
||||
|
||||
folder """/etc/nixos/userdata/""" as userdata_folder {
|
||||
/'
|
||||
' file "schema.json\n<i>(who uses?)" as schema
|
||||
' file "tokens_schema.json\n<i>(who uses?)" as tokens_schema
|
||||
'/
|
||||
file "tokens.json" as tokens
|
||||
file "<b>userdata.json" as userdata
|
||||
}
|
||||
/'
|
||||
' note left of userdata : first generated by\nnixos-infect
|
||||
'/
|
||||
selfprivacy_api_app <|.... tokens
|
||||
selfprivacy_api_app ....|> userdata_folder : writes
|
||||
|
||||
file "<b><u>configuration.nix" as configuration
|
||||
nixpkgs -->> configuration
|
||||
configuration <<-l- hardware_configuration
|
||||
/'
|
||||
' configuration <<-- overlay
|
||||
'/
|
||||
overlay -->> configuration
|
||||
configuration <<-- variables : ...\nstateVersion\n...
|
||||
|
||||
configuration <<-- files
|
||||
userdata -[dotted]->> files
|
||||
files <|-- userdata : <b>secrets\nby ""jq"" and ""sed"" in\n""activationScripts""\n!!!
|
||||
variables <<-- userdata : values extraction\nfrom JSON
|
||||
|
||||
configuration <<-- volumes
|
||||
userdata -[dotted]->> fileSystems_from_userdata : volumes
|
||||
|
||||
configuration <<-- users
|
||||
userdata -[dotted]->> users_from_userdata : users
|
||||
|
||||
configuration <<-- api
|
||||
api <<-[dotted]- userdata : Swagger,\nb2Bucket
|
||||
api <-[dotted]- selfprivacy_graphql_api
|
||||
|
||||
configuration <<-- acme
|
||||
userdata -[dotted]->> acme : username,\ndomain
|
||||
|
||||
configuration <<-- some_service
|
||||
userdata -[dotted]->> some_service : enable,\nsettings
|
||||
|
||||
/'
|
||||
' configuration <<-- mailserver
|
||||
' userdata -[dotted]->> mailserver
|
||||
'
|
||||
' configuration <<-- ocserv
|
||||
' userdata -[dotted]->> ocserv
|
||||
|
||||
' configuration <<-- pleroma
|
||||
' userdata -[dotted]->> pleroma
|
||||
'
|
||||
' configuration <<-- restic
|
||||
' userdata -[dotted]-->> restic
|
||||
'
|
||||
' configuration <<-- bitwarden
|
||||
' userdata -[dotted]-->> bitwarden
|
||||
'
|
||||
' configuration <<-- nginx
|
||||
' userdata -[dotted]->> nginx : domain
|
||||
'
|
||||
' configuration <<-- memcached
|
||||
'
|
||||
' configuration <<-- nextcloud
|
||||
' userdata -[dotted]-->> nextcloud : enable,\ndomain
|
||||
'
|
||||
' configuration <<-- jitsi
|
||||
' userdata -[dotted]-->> jitsi : enable,\ndomain
|
||||
'
|
||||
' configuration <<-- gitea
|
||||
' userdata -[dotted]-->> gitea : enable,\ndomain
|
||||
'/
|
||||
|
||||
/'
|
||||
' memcached --->> configuration
|
||||
'/
|
||||
|
||||
/'
|
||||
' folder api as api_folder
|
||||
' folder backup as backup_folder
|
||||
' folder git as git_folder
|
||||
' folder letsencrypt as letsencrypt_folder
|
||||
' folder "mailserver/system" as mailserver_folder
|
||||
' folder nextcloud as nextcloud_folder
|
||||
' folder passmgr as passmgr_folder
|
||||
' folder resources as resources_folder
|
||||
' folder social as social_folder
|
||||
' folder videomeet as videomeet_folder
|
||||
' folder vpn as vpn_folder
|
||||
' folder webserver as webserver_folder
|
||||
'/
|
||||
|
||||
/'
|
||||
' api_folder -- api_module
|
||||
' api_folder -- api
|
||||
' backup_folder -- restic
|
||||
' git_folder -- gitea
|
||||
' letsencrypt_folder -- acme
|
||||
' letsencrypt_folder -- resolve
|
||||
' mailserver_folder -- mailserver
|
||||
' nextcloud_folder -- nextcloud
|
||||
' passmgr_folder -- bitwarden
|
||||
' resources_folder -- limits
|
||||
' social_folder -- pleroma
|
||||
' videomeet_folder -- jitsi
|
||||
' vpn_folder -- ocserv
|
||||
' webserver_folder -- memcached
|
||||
' webserver_folder -- nginx
|
||||
'/
|
||||
|
||||
|
||||
|
||||
@enduml
|
|
@ -0,0 +1,95 @@
|
|||
@startuml
|
||||
|
||||
left to right direction
|
||||
|
||||
<style>
|
||||
cloud {
|
||||
LineThickness 3
|
||||
LineColor lightblue
|
||||
BackGroundColor lightcyan
|
||||
}
|
||||
folder {
|
||||
LineThickness 3
|
||||
LineColor lightblue
|
||||
BackGroundColor lightcyan
|
||||
}
|
||||
</style>
|
||||
|
||||
|
||||
node "NixOS machine" as machine {
|
||||
file "hardware-configuration.nix" as hardware_configuration #lightcyan
|
||||
folder """userdata/""" as userdata_folder {
|
||||
/'
|
||||
' file "schema.json\n<i>(who uses?)" as schema
|
||||
' file "tokens_schema.json\n<i>(who uses?)" as tokens_schema
|
||||
'/
|
||||
file "tokens.json" as tokens
|
||||
file "<b>userdata.json" as userdata
|
||||
}
|
||||
collections "/nix/store/*" as nix_store
|
||||
/'
|
||||
' file local_flake [
|
||||
' <b>flake.nix
|
||||
' ===
|
||||
' inputs = {
|
||||
' selfprivacy-nixos-config.url = ...;
|
||||
' };
|
||||
' outputs = {
|
||||
' nixosConfigurations =
|
||||
' selfprivacy-nixos-config.outputs.nixosConfigurations-fun userdata;
|
||||
' };
|
||||
' ]
|
||||
'/
|
||||
}
|
||||
|
||||
folder "configuration repo" as config_repo {
|
||||
/'
|
||||
' file "flake.nix" as flake_nix {
|
||||
' card "input: nixpkgs.url"
|
||||
' card "input: selfprivacy-overlay.url"
|
||||
' }
|
||||
'/
|
||||
file flake_nix [
|
||||
<b>flake.nix
|
||||
===
|
||||
inputs = {
|
||||
nixpkgs.url = ...;
|
||||
selfprivacy-overlay.url = ...;
|
||||
};
|
||||
]
|
||||
file flake_lock [
|
||||
<b>flake.lock
|
||||
]
|
||||
flake_lock - flake_nix
|
||||
note top of flake_lock : pinning with hashes
|
||||
|
||||
file "<b><u>configuration.nix" as configuration
|
||||
|
||||
collections "pure imports" as pure_imports
|
||||
}
|
||||
|
||||
cloud "overlay\n<i>commit @ git.selfprivacy.org" as overlay {
|
||||
node "selfprivacy-graphql-api" as selfprivacy_graphql_api
|
||||
}
|
||||
|
||||
cloud "selfprivacy-rest-api\n<i>commit @ git.selfprivacy.org" as selfprivacy_rest_api_commit {
|
||||
component "python app" as selfprivacy_api_app
|
||||
}
|
||||
|
||||
cloud " <b>nixpkgs\n<i>commit @ github.com (?)" as nixpkgs
|
||||
nixpkgs --> flake_lock
|
||||
overlay --> flake_lock
|
||||
|
||||
configuration <-- userdata : <b>impure!
|
||||
configuration <-- hardware_configuration : <b>impure!
|
||||
|
||||
|
||||
selfprivacy_rest_api_commit -->> selfprivacy_graphql_api
|
||||
flake_nix --> configuration
|
||||
flake_lock --> configuration
|
||||
|
||||
configuration -[bold]-|> nix_store : nixos-rebuild
|
||||
configuration <-l- pure_imports
|
||||
|
||||
|
||||
@enduml
|
|
@ -0,0 +1,102 @@
|
|||
@startuml
|
||||
|
||||
left to right direction
|
||||
|
||||
<style>
|
||||
cloud {
|
||||
LineThickness 3
|
||||
LineColor lightblue
|
||||
BackGroundColor lightcyan
|
||||
}
|
||||
folder {
|
||||
LineThickness 3
|
||||
LineColor lightblue
|
||||
BackGroundColor lightcyan
|
||||
}
|
||||
control {
|
||||
BackGroundColor lightpink
|
||||
}
|
||||
</style>
|
||||
|
||||
|
||||
folder "configuration repo" as config_repo {
|
||||
/'
|
||||
' file "flake.nix" as flake_nix {
|
||||
' card "input: nixpkgs.url"
|
||||
' card "input: selfprivacy-overlay.url"
|
||||
' }
|
||||
'/
|
||||
file flake_nix [
|
||||
<b>flake.nix
|
||||
===
|
||||
inputs = {
|
||||
nixpkgs.url = ...;
|
||||
selfprivacy-overlay.url = ...;
|
||||
userdata-json.flake = false;
|
||||
hardware-configuration-nix.flake = false;
|
||||
};
|
||||
outputs = { ... }: {
|
||||
nixosConfigurations = ... {
|
||||
specialArgs = { ... userdata; };
|
||||
modules = [
|
||||
{ nixpkgs.overlays = [ selfprivacy-overlay ]; }
|
||||
hardware-configuration
|
||||
./configuration.nix
|
||||
];
|
||||
};
|
||||
};
|
||||
]
|
||||
file flake_lock [
|
||||
<b>flake.lock
|
||||
]
|
||||
flake_lock - flake_nix
|
||||
note top of flake_lock : pinning with hashes
|
||||
|
||||
file "<b><u>configuration.nix" as configuration
|
||||
|
||||
collections "nix modules" as pure_imports
|
||||
}
|
||||
|
||||
node "NixOS machine" as machine {
|
||||
file "hardware-configuration.nix" as hardware_configuration #lightcyan
|
||||
folder """userdata/""" as userdata_folder {
|
||||
/'
|
||||
' file "schema.json\n<i>(who uses?)" as schema
|
||||
' file "tokens_schema.json\n<i>(who uses?)" as tokens_schema
|
||||
'/
|
||||
file "tokens.json" as tokens
|
||||
file "<b>userdata.json" as userdata
|
||||
tokens -l[hidden]- userdata
|
||||
}
|
||||
collections "/nix/store/*" as nix_store
|
||||
control "<font:monospaced><size:15>nixos-rebuild" as nixos_rebuild
|
||||
}
|
||||
|
||||
cloud "overlay\n<i>commit @ git.selfprivacy.org" as overlay {
|
||||
node "selfprivacy-graphql-api" as selfprivacy_graphql_api
|
||||
}
|
||||
|
||||
cloud "selfprivacy-rest-api\n<i>commit @ git.selfprivacy.org" as selfprivacy_rest_api_commit {
|
||||
component "python app" as selfprivacy_api_app
|
||||
}
|
||||
|
||||
cloud " <b>nixpkgs\n<i>commit @ github.com (?)" as nixpkgs
|
||||
nixpkgs --> flake_lock
|
||||
overlay --> flake_lock
|
||||
|
||||
|
||||
nixos_rebuild <- userdata : <font:monospaced>--override-input
|
||||
nixos_rebuild <-l- hardware_configuration : <font:monospaced>--override-input
|
||||
|
||||
selfprivacy_rest_api_commit ->> selfprivacy_graphql_api
|
||||
flake_nix --> configuration
|
||||
flake_lock --> configuration
|
||||
|
||||
configuration -d-> nixos_rebuild
|
||||
nixos_rebuild -[bold]-|> nix_store
|
||||
configuration <-l- pure_imports
|
||||
|
||||
|
||||
footer %date("yyyy-MM-dd'T'HH:mmZ")
|
||||
|
||||
@enduml
|
|
@ -0,0 +1,107 @@
|
|||
@startuml
|
||||
|
||||
left to right direction
|
||||
|
||||
<style>
|
||||
cloud {
|
||||
LineThickness 3
|
||||
LineColor lightblue
|
||||
BackGroundColor lightcyan
|
||||
}
|
||||
folder {
|
||||
LineThickness 3
|
||||
LineColor lightblue
|
||||
BackGroundColor lightcyan
|
||||
}
|
||||
</style>
|
||||
|
||||
|
||||
node "NixOS machine" as machine {
|
||||
file "hardware-configuration.nix" as hardware_configuration #lightcyan
|
||||
folder """userdata/""" as userdata_folder {
|
||||
/'
|
||||
' file "schema.json\n<i>(who uses?)" as schema
|
||||
' file "tokens_schema.json\n<i>(who uses?)" as tokens_schema
|
||||
'/
|
||||
file "tokens.json" as tokens
|
||||
file "<b>userdata.json" as userdata
|
||||
tokens -l[hidden]- userdata
|
||||
}
|
||||
collections "/nix/store/*" as nix_store
|
||||
file local_flake_nix [
|
||||
<b>flake.nix
|
||||
===
|
||||
inputs = {
|
||||
selfprivacy-nixos-config.url = ...;
|
||||
};
|
||||
outputs = {
|
||||
nixosConfigurations =
|
||||
selfprivacy-nixos-config.outputs.nixosConfigurations-fun
|
||||
hardware-configuration userdata;
|
||||
};
|
||||
]
|
||||
/'
|
||||
' file local_flake_lock as "flake.lock"
|
||||
' local_flake_nix -l- local_flake_lock
|
||||
'/
|
||||
}
|
||||
|
||||
folder "configuration repo" as config_repo {
|
||||
/'
|
||||
' file "flake.nix" as flake_nix {
|
||||
' card "input: nixpkgs.url"
|
||||
' card "input: selfprivacy-overlay.url"
|
||||
' }
|
||||
'/
|
||||
file flake_nix [
|
||||
<b>flake.nix
|
||||
===
|
||||
inputs = {
|
||||
nixpkgs.url = ...;
|
||||
selfprivacy-overlay.url = ...;
|
||||
};
|
||||
outputs = {
|
||||
nixosConfigurations-fun =
|
||||
hardware-configuration: userdata:
|
||||
...;
|
||||
};
|
||||
]
|
||||
file flake_lock [
|
||||
<b>flake.lock
|
||||
]
|
||||
flake_lock - flake_nix
|
||||
note top of flake_lock : pinning with hashes
|
||||
|
||||
file "<b><u>configuration.nix" as configuration
|
||||
|
||||
collections "pure imports" as pure_imports
|
||||
}
|
||||
|
||||
cloud "overlay\n<i>commit @ git.selfprivacy.org" as overlay {
|
||||
node "selfprivacy-graphql-api" as selfprivacy_graphql_api
|
||||
}
|
||||
|
||||
cloud "selfprivacy-rest-api\n<i>commit @ git.selfprivacy.org" as selfprivacy_rest_api_commit {
|
||||
component "python app" as selfprivacy_api_app
|
||||
}
|
||||
|
||||
cloud " <b>nixpkgs\n<i>commit @ github.com (?)" as nixpkgs
|
||||
nixpkgs --> flake_lock
|
||||
overlay --> flake_lock
|
||||
|
||||
local_flake_nix <-r- userdata
|
||||
local_flake_nix <-l- hardware_configuration
|
||||
|
||||
|
||||
selfprivacy_rest_api_commit -->> selfprivacy_graphql_api
|
||||
flake_nix --> configuration
|
||||
flake_lock --> configuration
|
||||
configuration --> local_flake_nix
|
||||
|
||||
local_flake_nix -[bold]-|> nix_store : nixos-rebuild
|
||||
configuration <-l- pure_imports
|
||||
|
||||
|
||||
footer %date("yyyy-MM-dd'T'HH:mmZ")
|
||||
|
||||
@enduml
|
Loading…
Reference in New Issue