technofab/coder-templates
1
0
Fork 0
mirror of https://gitlab.com/TECHNOFAB/coder-templates.git synced 2025-12-12 10:10:05 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: technofab:c16bc972648d07337428d93cb56daaae9eb01dde
Branches Tags
technofab:main
technofab:feat/rensa
technofab:old
technofab:jsonnet-bak
..
compare: technofab:cfcc9a221c4f37d865ddffeaf5aa9c4a7d22bfca
Branches Tags
technofab:feat/rensa
technofab:main
technofab:old
technofab:jsonnet-bak

No commits in common. "c16bc972648d07337428d93cb56daaae9eb01dde" and "cfcc9a221c4f37d865ddffeaf5aa9c4a7d22bfca" have entirely different histories.
c16bc97264 ... cfcc9a221c

23 changed files with 1298 additions and 749 deletions
Download patch file Download diff file Expand all files Collapse all files

10
.envrc
View file

@ -1,2 +1,8 @@
source $(fetchurl https://gitlab.com/rensa-nix/direnv/-/raw/v0.3.0/direnvrc "sha256-u7+KEz684NnIZ+Vh5x5qLrt8rKdnUNexewBoeTcEVHQ=")
use ren //repo/devShells/default
if ! has nix_direnv_version || ! nix_direnv_version 2.2.1; then
source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/2.2.1/direnvrc" "sha256-zelF0vLbEl5uaqrfIzbgNzJWGmLzCmYAkInj/LNxvKs="
fi
if ! use flake . --impure
then
echo "devenv could not be build. The devenv environment was not loaded. Make the necessary changes to devenv.nix and hit enter to try again." >&2
fi

6
.gitignore vendored
View file

@ -1 +1,7 @@
.idea/
.devenv/
.direnv/
*.tf*
result
.pre-commit-config.yaml
.terraform*

5
.gitlab-ci.yml
View file

@ -1,5 +1,4 @@
# Generated by soonix, DO NOT EDIT
include:
- component: gitlab.com/TECHNOFAB/nix-gitlab-ci/nix-gitlab-ci@3.0.1
- component: gitlab.com/TECHNOFAB/nix-gitlab-ci/nix-gitlab-ci@2.1.0
inputs:
version: 3.0.1
version: 2.1.0

11
README.md
View file

@ -1,11 +1,16 @@
# Coder Templates
Templates for [Coder](https://coder.com), built with [Tofunix](https://tofunix.projects.tf).
Templates for [Coder](https://coder.com), built with Nix (Terranix).
Check [this Coder tutorial](https://coder.com/docs/tutorials/template-from-scratch#add-the-template-files-to-coder) for how to install the templates ("Dashboard" method recommended).
> [!NOTE]
> !1 changed how the docker image is built.
> If `nix store gc` results in `/nix/var/nix/profiles/default` being deleted
> you might have to clear the /nix persistent volume to fix it. See the
> merge request's comments for more information.
## Templates
- Nix Kubernetes ([Download tar](https://gitlab.com/TECHNOFAB/coder-templates/-/jobs/artifacts/main/raw/templates/nix-kubernetes.tar?job=build:%20%5Bnix-kubernetes%5D))
- Nix Kubernetes
> provisions a Coder workspace on Kubernetes, running a Nix-built image,
> which also contains Nix and supports Dotfiles management using home-manager.
> Nix-ception ;P

1
docs/images/logo.svg
View file

@ -1 +0,0 @@
<svg xmlns="http://www.w3.org/2000/svg" width="200" height="200" fill="none"><g filter="url(#a)"><path stroke="url(#b)" stroke-width="5" d="m183.671 75.055-20.4 85.161-83.953 24.913-63.55-60.247L36.167 39.72l83.953-24.913 63.551 60.248Z"/></g><path fill="url(#c)" stroke="url(#d)" stroke-width="5" d="m183.671 75.055-20.4 85.161-83.953 24.913-63.55-60.247L36.167 39.72l83.953-24.913 63.551 60.248Z"/><g filter="url(#e)"><path fill="#FAFAFA" d="M114.372 125V75.98H156V125h-41.628Z"/><path fill="url(#f)" d="M114.372 125V75.98H156V125h-41.628Z"/><path fill="#FAFAFA" d="M104.46 95.588H88.602c0-5.882-4.956-10.784-8.92-10.784H68.778c-4.956 0-9.912 6.863-9.912 10.784v7.843c0 6.275 5.947 11.765 9.912 11.765H79.68c6.344 0 8.92-5.882 8.92-11.765h15.859c0 14.706-8.92 21.569-17.84 21.569H68.779C55.894 125 44 119.118 44 106.373V94.608C44 82.843 56.885 75 68.779 75h13.876c16.85 0 21.805 12.745 21.805 20.588Z"/><path fill="url(#g)" d="M104.46 95.588H88.602c0-5.882-4.956-10.784-8.92-10.784H68.778c-4.956 0-9.912 6.863-9.912 10.784v7.843c0 6.275 5.947 11.765 9.912 11.765H79.68c6.344 0 8.92-5.882 8.92-11.765h15.859c0 14.706-8.92 21.569-17.84 21.569H68.779C55.894 125 44 119.118 44 106.373V94.608C44 82.843 56.885 75 68.779 75h13.876c16.85 0 21.805 12.745 21.805 20.588Z"/></g><path fill="#FAFAFA" d="M114.372 125V75.98H156V125h-41.628Z"/><path fill="url(#h)" d="M114.372 125V75.98H156V125h-41.628Z"/><path fill="#FAFAFA" d="M104.46 95.588H88.602c0-5.882-4.956-10.784-8.92-10.784H68.778c-4.956 0-9.912 6.863-9.912 10.784v7.843c0 6.275 5.947 11.765 9.912 11.765H79.68c6.344 0 8.92-5.882 8.92-11.765h15.859c0 14.706-8.92 21.569-17.84 21.569H68.779C55.894 125 44 119.118 44 106.373V94.608C44 82.843 56.885 75 68.779 75h13.876c16.85 0 21.805 12.745 21.805 20.588Z"/><path fill="url(#i)" d="M104.46 95.588H88.602c0-5.882-4.956-10.784-8.92-10.784H68.778c-4.956 0-9.912 6.863-9.912 10.784v7.843c0 6.275 5.947 11.765 9.912 11.765H79.68c6.344 0 8.92-5.882 8.92-11.765h15.859c0 14.706-8.92 21.569-17.84 21.569H68.779C55.894 125 44 119.118 44 106.373V94.608C44 82.843 56.885 75 68.779 75h13.876c16.85 0 21.805 12.745 21.805 20.588Z"/><defs><linearGradient id="b" x1="13" x2="184.235" y1="99.969" y2="71.997" gradientUnits="userSpaceOnUse"><stop offset=".074" stop-color="#2F0"/><stop offset="1" stop-color="#0089FF"/></linearGradient><linearGradient id="c" x1="22.767" x2="186.365" y1="156.461" y2="64.715" gradientUnits="userSpaceOnUse"><stop stop-color="#1B1B1B"/><stop offset="1" stop-color="#1B1B1B"/></linearGradient><linearGradient id="d" x1="13" x2="184.235" y1="99.969" y2="71.997" gradientUnits="userSpaceOnUse"><stop offset=".074" stop-color="#2F0"/><stop offset="1" stop-color="#0089FF"/></linearGradient><linearGradient id="f" x1="63.552" x2="147.682" y1="108.636" y2="67.642" gradientUnits="userSpaceOnUse"><stop stop-color="#1EE400"/><stop offset="1" stop-color="#008CFF"/></linearGradient><linearGradient id="g" x1="63.552" x2="147.682" y1="108.636" y2="67.642" gradientUnits="userSpaceOnUse"><stop stop-color="#1EE400"/><stop offset="1" stop-color="#008CFF"/></linearGradient><linearGradient id="h" x1="63.552" x2="147.682" y1="108.636" y2="67.642" gradientUnits="userSpaceOnUse"><stop stop-color="#1EE400"/><stop offset="1" stop-color="#008CFF"/></linearGradient><linearGradient id="i" x1="63.552" x2="147.682" y1="108.636" y2="67.642" gradientUnits="userSpaceOnUse"><stop stop-color="#1EE400"/><stop offset="1" stop-color="#008CFF"/></linearGradient><filter id="a" width="193.439" height="195.937" x="3" y="2" color-interpolation-filters="sRGB" filterUnits="userSpaceOnUse"><feFlood flood-opacity="0" result="BackgroundImageFix"/><feBlend in="SourceGraphic" in2="BackgroundImageFix" result="shape"/><feGaussianBlur result="effect1_foregroundBlur_1771_13699" stdDeviation="5"/></filter><filter id="e" width="116" height="54" x="42" y="73" color-interpolation-filters="sRGB" filterUnits="userSpaceOnUse"><feFlood flood-opacity="0" result="BackgroundImageFix"/><feBlend in="SourceGraphic" in2="BackgroundImageFix" result="shape"/><feGaussianBlur result="effect1_foregroundBlur_1771_13699" stdDeviation="1"/></filter></defs></svg>
Side by side

Before

Width:  |  Height:  |  Size: 4 KiB

11
docs/index.md
View file

@ -1,11 +0,0 @@
# Coder Templates
Templates for [Coder](https://coder.com), built with [Tofunix](https://tofunix.projects.tf).
Check [this Coder tutorial](https://coder.com/docs/tutorials/template-from-scratch#add-the-template-files-to-coder) for how to install the templates ("Dashboard" method recommended).
## Templates
- [Nix Kubernetes](./parameters/nix-kubernetes.md) ([Download tar](https://gitlab.com/TECHNOFAB/coder-templates/-/jobs/artifacts/main/raw/templates/nix-kubernetes.tar?job=build:%20%5Bnix-kubernetes%5D))
> provisions a Coder workspace on Kubernetes, running a Nix-built image,
> which also contains Nix and supports Dotfiles management using home-manager.

15
docs/style.css
View file

@ -1,15 +0,0 @@
.md-header__button.md-logo {
margin: 0;
padding-top: .2rem;
padding-bottom: .2rem;
}
[dir="ltr"] .md-header__title {
margin-left: 0;
}
.md-header__button.md-logo img,
.md-header__button.md-logo svg {
height: 2rem;
}

880
flake.lock generated
View file

@ -1,60 +1,878 @@
{
"nodes": {
"nixpkgs": {
"bats-assert": {
"flake": false,
"locked": {
"lastModified": 1762596750,
"narHash": "sha256-rXXuz51Bq7DHBlfIjN7jO8Bu3du5TV+3DSADBX7/9YQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b6a8526db03f735b89dd5ff348f53f752e7ddc8e",
"lastModified": 1636059754,
"narHash": "sha256-ewME0l27ZqfmAwJO4h5biTALc9bDLv7Bl3ftBzBuZwk=",
"owner": "bats-core",
"repo": "bats-assert",
"rev": "34551b1d7f8c7b677c1a66fc0ac140d6223409e5",
"type": "github"
},
"original": {
"owner": "bats-core",
"repo": "bats-assert",
"type": "github"
}
},
"bats-support": {
"flake": false,
"locked": {
"lastModified": 1548869839,
"narHash": "sha256-Gr4ntadr42F2Ks8Pte2D4wNDbijhujuoJi4OPZnTAZU=",
"owner": "bats-core",
"repo": "bats-support",
"rev": "d140a65044b2d6810381935ae7f0c94c7023c8c3",
"type": "github"
},
"original": {
"owner": "bats-core",
"repo": "bats-support",
"type": "github"
}
},
"cachix": {
"inputs": {
"devenv": "devenv_2",
"flake-compat": [
"devenv",
"flake-compat"
],
"git-hooks": [
"devenv",
"pre-commit-hooks"
],
"nixpkgs": [
"devenv",
"nixpkgs"
]
},
"locked": {
"lastModified": 1724232775,
"narHash": "sha256-6u2DycIEgrgNYlLxyGqdFVmBNiKIitnQKJ1pbRP5oko=",
"owner": "cachix",
"repo": "cachix",
"rev": "03b6cb3f953097bff378fb8b9ea094bd091a4ec7",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "cachix",
"type": "github"
}
},
"cachix_2": {
"inputs": {
"devenv": "devenv_3",
"flake-compat": [
"devenv",
"cachix",
"devenv",
"flake-compat"
],
"nixpkgs": [
"devenv",
"cachix",
"devenv",
"nixpkgs"
],
"pre-commit-hooks": [
"devenv",
"cachix",
"devenv",
"pre-commit-hooks"
]
},
"locked": {
"lastModified": 1712055811,
"narHash": "sha256-7FcfMm5A/f02yyzuavJe06zLa9hcMHsagE28ADcmQvk=",
"owner": "cachix",
"repo": "cachix",
"rev": "02e38da89851ec7fec3356a5c04bc8349cae0e30",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "cachix",
"type": "github"
}
},
"devenv": {
"inputs": {
"cachix": "cachix",
"flake-compat": "flake-compat_2",
"nix": "nix_3",
"nixpkgs": "nixpkgs_3",
"pre-commit-hooks": "pre-commit-hooks_2"
},
"locked": {
"lastModified": 1726417371,
"narHash": "sha256-tBq8w81ZV48tyFhLz5WQjqfoEShIXkOb6Rlzidcz8yQ=",
"owner": "cachix",
"repo": "devenv",
"rev": "1f55f89ca32d617b7a7c18422e3c364cb003df3d",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "devenv",
"type": "github"
}
},
"devenv_2": {
"inputs": {
"cachix": "cachix_2",
"flake-compat": [
"devenv",
"cachix",
"flake-compat"
],
"nix": "nix_2",
"nixpkgs": [
"devenv",
"cachix",
"nixpkgs"
],
"pre-commit-hooks": [
"devenv",
"cachix",
"git-hooks"
]
},
"locked": {
"lastModified": 1723156315,
"narHash": "sha256-0JrfahRMJ37Rf1i0iOOn+8Z4CLvbcGNwa2ChOAVrp/8=",
"owner": "cachix",
"repo": "devenv",
"rev": "ff5eb4f2accbcda963af67f1a1159e3f6c7f5f91",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "devenv",
"type": "github"
}
},
"devenv_3": {
"inputs": {
"flake-compat": [
"devenv",
"cachix",
"devenv",
"cachix",
"flake-compat"
],
"nix": "nix",
"nixpkgs": "nixpkgs",
"poetry2nix": "poetry2nix",
"pre-commit-hooks": [
"devenv",
"cachix",
"devenv",
"cachix",
"pre-commit-hooks"
]
},
"locked": {
"lastModified": 1708704632,
"narHash": "sha256-w+dOIW60FKMaHI1q5714CSibk99JfYxm0CzTinYWr+Q=",
"owner": "cachix",
"repo": "devenv",
"rev": "2ee4450b0f4b95a1b90f2eb5ffea98b90e48c196",
"type": "github"
},
"original": {
"owner": "cachix",
"ref": "python-rewrite",
"repo": "devenv",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"devenv",
"nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1712014858,
"narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1712014858,
"narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1689068808,
"narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
"locked": {
"lastModified": 1634851050,
"narHash": "sha256-N83GlSGPJJdcqhUxSCS/WwW5pksYf3VP1M13cDRTSVA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c91f3de5adaf1de973b797ef7485e441a65b8935",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"devenv",
"pre-commit-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"libgit2": {
"flake": false,
"locked": {
"lastModified": 1697646580,
"narHash": "sha256-oX4Z3S9WtJlwvj0uH9HlYcWv+x1hqp8mhXl7HsLu2f0=",
"owner": "libgit2",
"repo": "libgit2",
"rev": "45fd9ed7ae1a9b74b957ef4f337bc3c8b3df01b5",
"type": "github"
},
"original": {
"owner": "libgit2",
"repo": "libgit2",
"type": "github"
}
},
"nix": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": [
"devenv",
"cachix",
"devenv",
"cachix",
"devenv",
"nixpkgs"
],
"nixpkgs-regression": "nixpkgs-regression"
},
"locked": {
"lastModified": 1712911606,
"narHash": "sha256-BGvBhepCufsjcUkXnEEXhEVjwdJAwPglCC2+bInc794=",
"owner": "domenkozar",
"repo": "nix",
"rev": "b24a9318ea3f3600c1e24b4a00691ee912d4de12",
"type": "github"
},
"original": {
"owner": "domenkozar",
"ref": "devenv-2.21",
"repo": "nix",
"type": "github"
}
},
"nix-devtools": {
"locked": {
"dir": "lib",
"lastModified": 1722613543,
"narHash": "sha256-P3UoMSECGwbMAWIwViPlbw2s8lIqsj3uFzO/G/5EfnI=",
"owner": "TECHNOFAB",
"repo": "nix-devtools",
"rev": "a004f97ca84673c4438a8853ba3b5b3186903752",
"type": "gitlab"
},
"original": {
"dir": "lib",
"owner": "TECHNOFAB",
"repo": "nix-devtools",
"type": "gitlab"
}
},
"nix-github-actions": {
"inputs": {
"nixpkgs": [
"devenv",
"cachix",
"devenv",
"cachix",
"devenv",
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1688870561,
"narHash": "sha256-4UYkifnPEw1nAzqqPOTL2MvWtm3sNGw1UTYTalkTcGY=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "165b1650b753316aa7f1787f3005a8d2da0f5301",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"type": "github"
}
},
"nix-gitlab-ci": {
"locked": {
"dir": "lib",
"lastModified": 1749124633,
"narHash": "sha256-vgYHrbAFRfgNYysW74Eam/S7KruYWMLCHG4U32xgHKY=",
"owner": "TECHNOFAB",
"repo": "nix-gitlab-ci",
"rev": "f121b10dc9a7417906a886154e3065410a72462d",
"type": "gitlab"
},
"original": {
"dir": "lib",
"owner": "TECHNOFAB",
"ref": "2.1.0",
"repo": "nix-gitlab-ci",
"type": "gitlab"
}
},
"nix_2": {
"inputs": {
"flake-compat": [
"devenv",
"cachix",
"devenv",
"flake-compat"
],
"nixpkgs": [
"devenv",
"cachix",
"devenv",
"nixpkgs"
],
"nixpkgs-regression": "nixpkgs-regression_2"
},
"locked": {
"lastModified": 1712911606,
"narHash": "sha256-BGvBhepCufsjcUkXnEEXhEVjwdJAwPglCC2+bInc794=",
"owner": "domenkozar",
"repo": "nix",
"rev": "b24a9318ea3f3600c1e24b4a00691ee912d4de12",
"type": "github"
},
"original": {
"owner": "domenkozar",
"ref": "devenv-2.21",
"repo": "nix",
"type": "github"
}
},
"nix_3": {
"inputs": {
"flake-compat": [
"devenv",
"flake-compat"
],
"flake-parts": "flake-parts",
"libgit2": "libgit2",
"nixpkgs": "nixpkgs_2",
"nixpkgs-23-11": "nixpkgs-23-11",
"nixpkgs-regression": "nixpkgs-regression_3",
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1725980365,
"narHash": "sha256-uDwWyizzlQ0HFzrhP6rVp2+2NNA+/TM5zT32dR8GUlg=",
"owner": "domenkozar",
"repo": "nix",
"rev": "1e61e9f40673f84c3b02573145492d8af581bec5",
"type": "github"
},
"original": {
"owner": "domenkozar",
"ref": "devenv-2.24",
"repo": "nix",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1692808169,
"narHash": "sha256-x9Opq06rIiwdwGeK2Ykj69dNc2IvUH1fY55Wm7atwrE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9201b5ff357e781bf014d0330d18555695df7ba8",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-23-11": {
"locked": {
"lastModified": 1717159533,
"narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"dir": "lib",
"lastModified": 1711703276,
"narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d8fe5e6c92d0d190646fb9f1056741a229980089",
"type": "github"
},
"original": {
"dir": "lib",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"nixpkgs-regression": {
"locked": {
"lastModified": 1754184128,
"narHash": "sha256-AjhoyBL4eSyXf01Bmc6DiuaMrJRNdWopmdnMY0Pa/M0=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "02e72200e6d56494f4a7c0da8118760736e41b60",
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
}
},
"ren": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"nixpkgs-regression_2": {
"locked": {
"dir": "lib",
"lastModified": 1758738378,
"narHash": "sha256-NjzqdvQCDDdObEBH8x/vdhbdhrIB+N9E570uCdksGHY=",
"owner": "rensa-nix",
"repo": "core",
"rev": "abe19f9f13aff41de2b63304545c87d193d19ef4",
"type": "gitlab"
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"dir": "lib",
"owner": "rensa-nix",
"repo": "core",
"type": "gitlab"
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
}
},
"nixpkgs-regression_3": {
"locked": {
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1720386169,
"narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "194846768975b7ad2c4988bdb82572c00222c0d7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1717432640,
"narHash": "sha256-+f9c4/ZX5MWDOuB1rKoWj+lBNm0z0rs4CK47HBLxy1o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "88269ab3044128b7c2f4c7d68448b2fb50456870",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1716977621,
"narHash": "sha256-Q1UQzYcMJH4RscmpTkjlgqQDX5yi1tZL0O345Ri6vXQ=",
"owner": "cachix",
"repo": "devenv-nixpkgs",
"rev": "4267e705586473d3e5c8d50299e71503f16a6fb6",
"type": "github"
},
"original": {
"owner": "cachix",
"ref": "rolling",
"repo": "devenv-nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1728249353,
"narHash": "sha256-7NBJm1jfMeAowE1J2oljYqWVvI9X7FyyxBY4O8uB/Os=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c8a17040be4a20b29589cb4043a9e0c36af1930e",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1636823747,
"narHash": "sha256-oWo1nElRAOZqEf90Yek2ixdHyjD+gqtS/pAgwaQ9UhQ=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "f6a2ed2082d9a51668c86ba27d0b5496f7a2ea93",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1725103162,
"narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"poetry2nix": {
"inputs": {
"flake-utils": "flake-utils",
"nix-github-actions": "nix-github-actions",
"nixpkgs": [
"devenv",
"cachix",
"devenv",
"cachix",
"devenv",
"nixpkgs"
]
},
"locked": {
"lastModified": 1692876271,
"narHash": "sha256-IXfZEkI0Mal5y1jr6IRWMqK8GW2/f28xJenZIPQqkY0=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "d5006be9c2c2417dafb2e2e5034d83fabd207ee3",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "poetry2nix",
"type": "github"
}
},
"pre-commit-hooks": {
"inputs": {
"flake-compat": [
"devenv",
"nix"
],
"flake-utils": "flake-utils_2",
"gitignore": [
"devenv",
"nix"
],
"nixpkgs": [
"devenv",
"nix",
"nixpkgs"
],
"nixpkgs-stable": [
"devenv",
"nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1712897695,
"narHash": "sha256-nMirxrGteNAl9sWiOhoN5tIHyjBbVi5e2tgZUgZlK3Y=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "40e6053ecb65fcbf12863338a6dcefb3f55f1bf8",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"pre-commit-hooks_2": {
"inputs": {
"flake-compat": [
"devenv",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"devenv",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1725513492,
"narHash": "sha256-tyMUA6NgJSvvQuzB7A1Sf8+0XCHyfSPRx/b00o6K0uo=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "7570de7b9b504cfe92025dd1be797bf546f66528",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs",
"ren": "ren"
"devenv": "devenv",
"flake-parts": "flake-parts_2",
"nix-devtools": "nix-devtools",
"nix-gitlab-ci": "nix-gitlab-ci",
"nixpkgs": "nixpkgs_4",
"systems": "systems_2",
"terranix": "terranix",
"treefmt-nix": "treefmt-nix"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"terranix": {
"inputs": {
"bats-assert": "bats-assert",
"bats-support": "bats-support",
"flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_5",
"terranix-examples": "terranix-examples"
},
"locked": {
"lastModified": 1695406838,
"narHash": "sha256-xiUfVD6rtsVWFotVtUW3Q1nQh4obKzgvpN1wqZuGXvM=",
"owner": "terranix",
"repo": "terranix",
"rev": "fc9077ca02ab5681935dbf0ecd725c4d889b9275",
"type": "github"
},
"original": {
"owner": "terranix",
"repo": "terranix",
"type": "github"
}
},
"terranix-examples": {
"locked": {
"lastModified": 1636300201,
"narHash": "sha256-0n1je1WpiR6XfCsvi8ZK7GrpEnMl+DpwhWaO1949Vbc=",
"owner": "terranix",
"repo": "terranix-examples",
"rev": "a934aa1cf88f6bd6c6ddb4c77b77ec6e1660bd5e",
"type": "github"
},
"original": {
"owner": "terranix",
"repo": "terranix-examples",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": "nixpkgs_6"
},
"locked": {
"lastModified": 1725271838,
"narHash": "sha256-VcqxWT0O/gMaeWTTjf1r4MOyG49NaNxW4GHTO3xuThE=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "9fb342d14b69aefdf46187f6bb80a4a0d97007cd",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
}
},

188
flake.nix
View file

@ -1,37 +1,175 @@
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
ren.url = "gitlab:rensa-nix/core?dir=lib";
};
description = "Coder Templates";
outputs = {
ren,
self,
nixpkgs,
flake-parts,
systems,
...
} @ inputs:
ren.buildWith
{
inherit inputs;
cellsFrom = ./nix;
transformInputs = system: i:
i
// {
pkgs = import i.nixpkgs {
flake-parts.lib.mkFlake {inherit inputs;} {
imports = [
inputs.devenv.flakeModule
inputs.nix-gitlab-ci.flakeModule
inputs.nix-devtools.flakeModule
inputs.treefmt-nix.flakeModule
];
systems = import systems;
flake = {
};
perSystem = {
pkgs,
config,
system,
...
}: {
_module.args.pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
};
treefmt = {
projectRootFile = "flake.nix";
programs = {
alejandra.enable = true;
mdformat = {
enable = true;
package = pkgs.mdformat.withPlugins (p: [
p.mdformat-gfm-alerts
]);
};
};
cellBlocks = with ren.blocks; [
(simple "devShells")
(simple "docs")
(simple "ci")
(simple "packages")
};
devenv.shells.default = {
packages = with pkgs; [
opentofu
coder
buildah
];
}
{
packages = ren.select self [
["repo" "ci" "packages"]
["repo" "docs"]
["packages" "packages"]
pre-commit.hooks = {
treefmt = {
enable = true;
packageOverrides.treefmt = config.treefmt.build.wrapper;
};
convco.enable = true;
};
task = {
enable = true;
alias = ",";
tasks = {
"build" = {
requires.vars = ["TEMPLATE"];
cmds = [
"nix build .#{{ .TEMPLATE }}"
"install result {{ .TEMPLATE }}/template.tf.json"
];
};
"validate" = {
desc = "Validate the resulting terraform files";
deps = ["build"];
requires.vars = ["TEMPLATE"];
dir = "{{ .TEMPLATE }}";
cmds = [
"${pkgs.opentofu}/bin/tofu init"
"${pkgs.opentofu}/bin/tofu validate"
];
};
"upload-to-coder" = {
desc = "Uploads the specified template to coder";
deps = ["build" "validate"];
requires.vars = ["TEMPLATE"];
dir = "{{ .TEMPLATE }}";
interactive = true;
cmd = ''${pkgs.coder}/bin/coder templates push "{{ .TEMPLATE }}"'';
};
};
};
};
packages = {
nix-coder-image = pkgs.callPackage ./image.nix {};
nix-kubernetes = inputs.terranix.lib.terranixConfiguration {
inherit system;
modules = [./nix-kubernetes];
};
};
ci = {
stages = ["build" "upload"];
jobs = let
SYSTEMS = ["aarch64-linux" "x86_64-linux"];
in {
"build" = {
stage = "build";
parallel.matrix = [
{TEMPLATE = ["nix-kubernetes"];}
];
nix.deps = [pkgs.gnutar];
script = [
"nix build .#\${TEMPLATE}"
"install -D result templates/\${TEMPLATE}.tf.json"
"tar -cf templates/\${TEMPLATE}.tar -C templates \${TEMPLATE}.tf.json"
];
artifacts.paths = ["templates/"];
};
"build:image" = {
stage = "build";
parallel.matrix = [
{SYSTEM = SYSTEMS;}
];
script = [
"nix build .#nix-coder-image --system $SYSTEM"
"install -D result dist/nix-coder-image_\${SYSTEM}.tar.gz"
];
artifacts.paths = ["dist/"];
};
"upload" = {
stage = "upload";
nix.deps = [pkgs.buildah];
needs = ["build:image"];
before_script = [
''export REGISTRY_AUTH_FILE=''${HOME}/auth.json''
''echo "$CI_REGISTRY_PASSWORD" | buildah login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY''
''
mkdir -p /etc/containers &&
echo '{"default":[{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json
''
''mkdir -p /var/tmp''
];
script =
[
''buildah manifest create localhost/nix-coder-image''
]
++ (
builtins.map (sys: ''
buildah manifest add localhost/nix-coder-image docker-archive:dist/nix-coder-image_${sys}.tar.gz
'')
SYSTEMS
)
++ [
''
buildah manifest push --all localhost/nix-coder-image \
docker://''${CI_REGISTRY_IMAGE}/nix-coder-image:$CI_COMMIT_SHORT_SHA
''
];
};
};
};
};
};
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
flake-parts.url = "github:hercules-ci/flake-parts";
systems.url = "github:nix-systems/default";
devenv.url = "github:cachix/devenv";
nix-gitlab-ci.url = "gitlab:TECHNOFAB/nix-gitlab-ci/2.1.0?dir=lib";
nix-devtools.url = "gitlab:TECHNOFAB/nix-devtools?dir=lib";
treefmt-nix.url = "github:numtide/treefmt-nix";
terranix.url = "github:terranix/terranix";
};
}

0
nix/packages/image.nix → image.nix
View file

42
nix-kubernetes/coder.nix
View file

@ -1,15 +1,7 @@
{
ref,
utils,
...
}: {
locals."git_repo_folder" = with utils; let
split_repo = split (quot "") ref.data.coder_parameter.git_repo.value;
in
try [
(element split_repo "${rb (length split_repo)} - 1")
(quot "")
];
{...}: {
locals."git_repo_folder" = let
split_repo = ''split("/", data.coder_parameter.git_repo.value)'';
in ''''${try(element(${split_repo}, length(${split_repo}) - 1), "")}'';
data = {
coder_external_auth."gitlab" = {
@ -22,7 +14,7 @@
resource = {
coder_agent."coder" = {
arch = ref.var.arch;
arch = "\${var.arch}";
os = "linux";
metadata = [
{
@ -42,7 +34,7 @@
{
display_name = "Home Disk";
key = "2_home_disk";
script = "coder stat disk --path $HOME";
script = "coder stat disk --path $${HOME}";
interval = 60;
timeout = 1;
}
@ -56,15 +48,13 @@
];
};
coder_script."git_clone" = {
agent_id = ref.coder_agent.coder.id;
agent_id = "\${coder_agent.coder.id}";
display_name = "Git Clone";
icon = "/icon/git.svg";
script = let
repo = ref.data.coder_parameter.git_repo.value;
repo_folder = ref.local.git_repo_folder;
in
# sh
''
repo = ''''${data.coder_parameter.git_repo.value}'';
repo_folder = ''''${local.git_repo_folder}'';
in ''
mkdir -p ~/repos
if [ ! -z "${repo}" ]; then
echo "Cloning repo \"${repo}\" if it does not exist"
@ -81,12 +71,10 @@
start_blocks_login = true;
};
coder_script."home-manager" = {
agent_id = ref.coder_agent.coder.id;
agent_id = "\${coder_agent.coder.id}";
display_name = "Home Manager";
icon = "/emojis/1f3e0.png";
script =
# sh
''
script = ''
if [ ! -z "$DOTFILES_REPO" ]; then
echo "Dotfiles present, reloading home-manager profile"
reload-dotfiles
@ -104,12 +92,10 @@
start_blocks_login = true;
};
coder_script."home-manager-shutdown" = {
agent_id = ref.coder_agent.coder.id;
agent_id = "\${coder_agent.coder.id}";
display_name = "Home Manager Shutdown";
icon = "/emojis/1f3e0.png";
script =
# sh
''
script = ''
if command -v coder_shutdown &> /dev/null; then
echo "Running shutdown tasks..."
coder_shutdown

18
nix-kubernetes/default.nix
View file

@ -1,8 +1,24 @@
{
{...}: {
imports = [
./parameters.nix
./variables.nix
./coder.nix
./kubernetes.nix
];
terraform.required_providers = {
coder = {
source = "coder/coder";
version = "2.8.0";
};
kubernetes = {
source = "hashicorp/kubernetes";
version = "2.29.0";
};
};
provider = {
coder = {};
kubernetes = {};
};
}

132
nix-kubernetes/kubernetes.nix
View file

@ -1,34 +1,25 @@
{
ref,
utils,
...
}: let
identifier = with utils; "${lower ref.data.coder_workspace_owner.me.name}-${lower ref.data.coder_workspace.me.name}";
in {
{...}: {
resource = {
kubernetes_pod."workspace" = {
count = ref.data.coder_workspace.me.start_count;
metadata = [
{
name = "coder-${identifier}";
namespace = ref.var.namespace;
annotations."com.coder.user.email" = ref.data.coder_workspace_owner.me.email;
count = "\${data.coder_workspace.me.start_count}";
metadata = {
name = "coder-\${lower(data.coder_workspace_owner.me.name)}-\${lower(data.coder_workspace.me.name)}";
namespace = "\${var.namespace}";
annotations."com.coder.user.email" = "\${data.coder_workspace_owner.me.email}";
labels = {
"app.kubernetes.io/instance" = "coder-workspace-${identifier}";
"app.kubernetes.io/instance" = "coder-workspace-\${lower(data.coder_workspace_owner.me.name)}-\${lower(data.coder_workspace.me.name)}";
"app.kubernetes.io/name" = "coder-workspace";
"app.kubernetes.io/part-of" = "coder";
"com.coder.resource" = "true";
"com.coder.user.id" = ref.data.coder_workspace_owner.me.id;
"com.coder.user.name" = ref.data.coder_workspace_owner.me.name;
"com.coder.workspace.id" = ref.data.coder_workspace.me.id;
"com.coder.workspace.name" = ref.data.coder_workspace.me.name;
"com.coder.user.id" = "\${data.coder_workspace_owner.me.id}";
"com.coder.user.name" = "\${data.coder_workspace_owner.me.name}";
"com.coder.workspace.id" = "\${data.coder_workspace.me.id}";
"com.coder.workspace.name" = "\${data.coder_workspace.me.name}";
};
};
}
];
# give the shutdown tasks enough time to run
timeouts.delete = "31m";
spec = [
{
spec = {
termination_grace_period_seconds = 1800;
affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution = {
weight = 1;
@ -67,7 +58,7 @@ in {
}
{
name = "copy-nix-store";
image = "registry.gitlab.com/technofab/coder-templates/nix-coder-image:${ref.data.coder_parameter.image_tag.value}";
image = "registry.gitlab.com/technofab/coder-templates/nix-coder-image:\${data.coder_parameter.image_tag.value}";
command = ["cp" "-nR" "/nix/." "/pv_nix"];
security_context.run_as_user = "1000";
volume_mount = [
@ -82,39 +73,39 @@ in {
container = [
{
name = "workspace";
image = "registry.gitlab.com/technofab/coder-templates/nix-coder-image:${ref.data.coder_parameter.image_tag.value}";
command = ["/bin/sh" "-c" "${ref.coder_agent.coder.init_script}"];
image = "registry.gitlab.com/technofab/coder-templates/nix-coder-image:\${data.coder_parameter.image_tag.value}";
command = ["/bin/sh" "-c" "\${resource.coder_agent.coder.init_script}"];
env = [
{
name = "CODER_AGENT_TOKEN";
value = ref.coder_agent.coder.token;
value = "\${resource.coder_agent.coder.token}";
}
{
name = "DOTFILES_REPO";
value = ref.data.coder_parameter.dotfiles_repo.value;
value = "\${data.coder_parameter.dotfiles_repo.value}";
}
{
name = "TZ";
value = ref.data.coder_parameter.timezone.value;
value = "\${data.coder_parameter.timezone.value}";
}
{
name = "NIX_CONFIG";
value = ref.data.coder_parameter.nix_config.value;
value = "\${data.coder_parameter.nix_config.value}";
}
];
resources = {
requests = {
cpu = ref.var.cpu_request;
memory = ref.var.memory_request;
cpu = "\${var.cpu_request}";
memory = "\${var.memory_request}";
};
limits = {
cpu = ref.data.coder_parameter.cpu.value;
memory = ref.data.coder_parameter.memory.value;
cpu = "\${data.coder_parameter.cpu.value}";
memory = "\${data.coder_parameter.memory.value}";
};
};
security_context = {
run_as_user = "1000";
run_as_group = "1000";
run_as_user = 1000;
run_as_group = 1000;
};
volume_mount = [
{
@ -136,17 +127,17 @@ in {
}
];
security_context = {
run_as_user = "1000";
run_as_group = "1000";
run_as_user = 1000;
run_as_group = 1000;
};
volume = [
{
name = "home";
persistent_volume_claim.claim_name = ref.kubernetes_persistent_volume_claim.home.metadata ".0.name";
persistent_volume_claim.claim_name = "\${resource.kubernetes_persistent_volume_claim.home.metadata.0.name}";
}
{
name = "nix-store";
persistent_volume_claim.claim_name = ref.kubernetes_persistent_volume_claim.nix-store.metadata ".0.name";
persistent_volume_claim.claim_name = "\${resource.kubernetes_persistent_volume_claim.nix-store.metadata.0.name}";
}
{
name = "tmp";
@ -157,59 +148,50 @@ in {
};
}
];
}
];
};
};
kubernetes_persistent_volume_claim."home" = {
metadata = [
{
name = "coder-home-${identifier}";
namespace = ref.var.namespace;
annotations."com.coder.user.email" = ref.data.coder_workspace_owner.me.email;
metadata = {
name = "coder-home-\${lower(data.coder_workspace_owner.me.name)}-\${lower(data.coder_workspace.me.name)}";
namespace = "\${var.namespace}";
annotations."com.coder.user.email" = "\${data.coder_workspace_owner.me.email}";
labels = {
"app.kubernetes.io/instance" = "coder-pvc-home-${identifier}";
"app.kubernetes.io/instance" = "coder-pvc-home-\${lower(data.coder_workspace_owner.me.name)}-\${lower(data.coder_workspace.me.name)}";
"app.kubernetes.io/name" = "coder-pvc";
"app.kubernetes.io/part-of" = "coder";
"com.coder.resource" = "true";
"com.coder.user.id" = ref.data.coder_workspace_owner.me.id;
"com.coder.user.name" = ref.data.coder_workspace_owner.me.name;
"com.coder.workspace.id" = ref.data.coder_workspace.me.id;
"com.coder.workspace.name" = ref.data.coder_workspace.me.name;
"com.coder.user.id" = "\${data.coder_workspace_owner.me.id}";
"com.coder.user.name" = "\${data.coder_workspace_owner.me.name}";
"com.coder.workspace.id" = "\${data.coder_workspace.me.id}";
"com.coder.workspace.name" = "\${data.coder_workspace.me.name}";
};
}
];
spec = [
{
};
spec = {
access_modes = ["ReadWriteOnce"];
resources.requests.storage = "${ref.data.coder_parameter.home_disk_size.value}Gi";
}
];
resources.requests.storage = "\${data.coder_parameter.home_disk_size.value}Gi";
};
wait_until_bound = false;
};
kubernetes_persistent_volume_claim."nix-store" = {
metadata = [
{
name = "coder-nix-store-${identifier}";
namespace = ref.var.namespace;
annotations."com.coder.user.email" = ref.data.coder_workspace_owner.me.email;
metadata = {
name = "coder-nix-store-\${lower(data.coder_workspace_owner.me.name)}-\${lower(data.coder_workspace.me.name)}";
namespace = "\${var.namespace}";
annotations."com.coder.user.email" = "\${data.coder_workspace_owner.me.email}";
labels = {
"app.kubernetes.io/instance" = "coder-pvc-nix-store-${identifier}";
"app.kubernetes.io/instance" = "coder-pvc-nix-store-\${lower(data.coder_workspace_owner.me.name)}-\${lower(data.coder_workspace.me.name)}";
"app.kubernetes.io/name" = "coder-pvc";
"app.kubernetes.io/part-of" = "coder";
"com.coder.resource" = "true";
"com.coder.user.id" = ref.data.coder_workspace_owner.me.id;
"com.coder.user.name" = ref.data.coder_workspace_owner.me.name;
"com.coder.workspace.id" = ref.data.coder_workspace.me.id;
"com.coder.workspace.name" = ref.data.coder_workspace.me.name;
"com.coder.user.id" = "\${data.coder_workspace_owner.me.id}";
"com.coder.user.name" = "\${data.coder_workspace_owner.me.name}";
"com.coder.workspace.id" = "\${data.coder_workspace.me.id}";
"com.coder.workspace.name" = "\${data.coder_workspace.me.name}";
};
}
];
spec = [
{
};
spec = {
access_modes = ["ReadWriteOnce"];
resources.requests.storage = "${ref.data.coder_parameter.nix_store_disk_size.value}Gi";
}
];
resources.requests.storage = "\${data.coder_parameter.nix_store_disk_size.value}Gi";
};
wait_until_bound = false;
};
};

24
nix-kubernetes/parameters.nix
View file

@ -1,6 +1,6 @@
{
{...}: {
data.coder_parameter = {
"dotfiles_repo" = {
dotfiles_repo = {
name = "Dotfiles Repository (passed to home-manager)";
description = ''
Nix flake URI to your dotfiles repository, eg.
@ -13,7 +13,7 @@
type = "string";
mutable = true;
};
"git_repo" = {
git_repo = {
name = "Git Repository";
description = ''
URI for a git repository which should automatically be cloned to ~/repos/<name>
@ -23,7 +23,7 @@
type = "string";
mutable = true;
};
"image_tag" = {
image_tag = {
name = "Image Tag";
description = ''
Which container image tag should be used.
@ -33,7 +33,7 @@
type = "string";
mutable = true;
};
"cpu" = {
cpu = {
name = "CPU";
description = ''
CPU Limit for Kubernetes Pod. Kubernetes Notation (eg. 500m)
@ -43,7 +43,7 @@
type = "string";
mutable = true;
};
"memory" = {
memory = {
name = "Memory";
description = ''
Memory Limit for Kubernetes Pod. Kubernetes Notation (eg. 1Gi)
@ -53,12 +53,12 @@
type = "string";
mutable = true;
};
"home_disk_size" = {
home_disk_size = {
name = "Home Disk Size";
description = ''
Size for the /home PV in GB
'';
default = "5";
default = 5;
order = 6;
type = "number";
mutable = true;
@ -70,12 +70,12 @@
}
];
};
"nix_store_disk_size" = {
nix_store_disk_size = {
name = "Nix Store Disk Size";
description = ''
Size for the /nix PV in GB. This might grow pretty big.
'';
default = "5";
default = 5;
order = 7;
type = "number";
mutable = true;
@ -87,7 +87,7 @@
}
];
};
"timezone" = {
timezone = {
name = "Timezone";
description = ''
Content of the TZ environment variable.
@ -97,7 +97,7 @@
type = "string";
mutable = true;
};
"nix_config" = {
nix_config = {
name = "Nix Config";
description = ''
Nix config, will be put into $NIX_CONFIG

10
nix-kubernetes/variables.nix
View file

@ -1,10 +1,10 @@
{
{...}: {
variable = {
"namespace" = {
namespace = {
type = "string";
description = "Kubernetes namespace (must exist prior to creating workspaces)";
};
"arch" = {
arch = {
type = "string";
description = "Architecture of the host";
validation = {
@ -12,12 +12,12 @@
error_message = "Invalid architecture selected";
};
};
"cpu_request" = {
cpu_request = {
type = "string";
description = "CPU request to apply to workspaces. Kubernetes Notation (eg. 500m)";
default = "0";
};
"memory_request" = {
memory_request = {
type = "string";
description = "Memory request to apply to workspaces. Kubernetes Notation (eg. 1Gi)";
default = "0";

28
nix/packages/flake.lock generated
View file

@ -1,28 +0,0 @@
{
"nodes": {
"root": {
"inputs": {
"tofunix-lib": "tofunix-lib"
}
},
"tofunix-lib": {
"locked": {
"dir": "lib",
"lastModified": 1763484138,
"narHash": "sha256-4WuyFH0OxRD1urqKQR62LioYRStit63s4sFo18CDJOA=",
"owner": "TECHNOFAB",
"repo": "tofunix",
"rev": "cb0605cf53f61286407345d1ee32395e54ba42d1",
"type": "gitlab"
},
"original": {
"dir": "lib",
"owner": "TECHNOFAB",
"repo": "tofunix",
"type": "gitlab"
}
}
},
"root": "root",
"version": 7
}

10
nix/packages/flake.nix
View file

@ -1,10 +0,0 @@
{
inputs = {
tofunix-lib.url = "gitlab:TECHNOFAB/tofunix?dir=lib";
};
outputs = i:
i
// {
tofulib = i.tofunix-lib.lib {inherit (i.parent) pkgs;};
};
}

23
nix/packages/packages.nix
View file

@ -1,23 +0,0 @@
{inputs, ...}: let
inherit (inputs) self pkgs tofulib;
in rec {
nix-coder-image = pkgs.callPackage ./image.nix {};
nix-kubernetes = nix-kubernetes-cli.tfjson;
nix-kubernetes-cli = tofulib.mkCliAio {
plugins = [
(tofulib.mkOpentofuProvider {
owner = "coder";
repo = "coder";
version = "2.8.0";
hash = "sha256-wnjgnD1c6U42ceizqfBG6SE4YXm7rZ7kyYkAdtE8t0k=";
})
(tofulib.mkOpentofuProvider {
owner = "hashicorp";
repo = "kubernetes";
version = "2.29.0";
hash = "sha256-r8DomSe+gUAbHuc8ciiuVl/6IeeIjJK6HFVaqAsnze8=";
})
];
moduleConfig = "${self}/nix-kubernetes";
};
}

95
nix/repo/ci.nix
View file

@ -1,95 +0,0 @@
{inputs, ...}: let
inherit (inputs) pkgs cilib;
inherit (pkgs.lib) concatStringsSep;
in
cilib.mkCI {
pipelines."default" = {
stages = ["build" "upload"];
jobs = let
SYSTEMS = ["aarch64-linux" "x86_64-linux"];
TEMPLATES = ["nix-kubernetes"];
in {
"build" = {
stage = "build";
parallel.matrix = [
{TEMPLATE = TEMPLATES;}
];
nix.deps = [pkgs.gnutar];
script = [
# sh
''
nix build .#''${TEMPLATE}
install -D result templates/''${TEMPLATE}.tf.json
tar -cf templates/''${TEMPLATE}.tar -C templates ''${TEMPLATE}.tf.json
''
];
artifacts.paths = ["templates/"];
};
"build:image" = {
stage = "build";
parallel.matrix = [
{SYSTEM = SYSTEMS;}
];
script = [
# sh
''
nix build .#nix-coder-image --system $SYSTEM
install -D result dist/nix-coder-image_''${SYSTEM}.tar.gz
''
];
artifacts.paths = ["dist/"];
};
"docs" = {
stage = "build";
script = [
# sh
''
nix build .#docs:default
mkdir -p public
cp -r result/. public/
''
];
artifacts.paths = ["public"];
};
"pages" = {
nix.enable = false;
image = "alpine:latest";
stage = "upload";
script = ["true"];
artifacts.paths = ["public"];
rules = [
{
"if" = "$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH";
}
];
};
"upload" = {
stage = "upload";
nix.deps = [pkgs.buildah];
needs = ["build:image"];
before_script = [
# sh
''
export REGISTRY_AUTH_FILE=''${HOME}/auth.json
echo "$CI_REGISTRY_PASSWORD" | buildah login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
mkdir -p /etc/containers
echo '{"default":[{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json
mkdir -p /var/tmp
''
];
script = [
# sh
''
buildah manifest create localhost/nix-coder-image
${concatStringsSep "\n" (map (
sys: "buildah manifest add localhost/nix-coder-image docker-archive:dist/nix-coder-image_${sys}.tar.gz"
)
SYSTEMS)}
buildah manifest push --all localhost/nix-coder-image \
docker://''${CI_REGISTRY_IMAGE}/nix-coder-image:$CI_COMMIT_SHORT_SHA
''
];
};
};
};
}

23
nix/repo/devShells.nix
View file

@ -1,23 +0,0 @@
{
inputs,
cell,
...
}: let
inherit (inputs) pkgs devshell treefmt soonix;
inherit (cell) ci;
in {
default = devshell.mkShell {
imports = [
soonix.devshellModule
];
packages = [
(treefmt.mkWrapper pkgs {
programs = {
alejandra.enable = true;
mdformat.enable = true;
};
})
];
soonix.hooks.ci = ci.soonix;
};
}

80
nix/repo/docs.nix
View file

@ -1,80 +0,0 @@
{inputs, ...}: let
inherit (inputs) cells doclib pkgs;
inherit (pkgs.lib) concatMapStringsSep;
in
(doclib.mkDocs {
docs."default" = {
base = "${inputs.self}";
path = "${inputs.self}/docs";
material = {
enable = true;
colors = {
primary = "green";
accent = "light blue";
};
umami = {
enable = true;
src = "https://analytics.tf/umami";
siteId = "dc8d1f6c-50f6-4019-9b0d-9b924dedb111";
domains = ["coder-templates.projects.tf"];
};
};
dynamic-nav = {
enable = true;
files."Parameters" = map (template: {
${template} =
builtins.toFile "${template}.md"
# md
''
# ${template} Parameters
${
concatMapStringsSep "\n" (param: ''
## ${param.name}
${param.description}
Type: `${param.type}` <br>
Mutable: `${
if param.mutable
then "true"
else "false"
}` <br>
${
if param.default != ""
then "Default: `${param.default}` <br>"
else ""
}
'')
(builtins.attrValues cells.packages.packages."${template}-cli".module.config.data.coder_parameter)
}
'';
}) ["nix-kubernetes"];
};
config = {
site_name = "Coder Templates";
site_url = "https://coder-templates.projects.tf";
repo_name = "TECHNOFAB/coder-templates";
repo_url = "https://gitlab.com/TECHNOFAB/coder-templates";
extra_css = ["style.css"];
theme = {
logo = "images/logo.svg";
icon.repo = "simple/gitlab";
favicon = "images/logo.svg";
};
nav = [
{"Introduction" = "index.md";}
];
markdown_extensions = [
{
"pymdownx.highlight".pygments_lang_class = true;
}
"pymdownx.inlinehilite"
"pymdownx.snippets"
"pymdownx.superfences"
"pymdownx.escapeall"
"fenced_code"
];
};
};
}).packages

100
nix/repo/flake.lock generated
View file

@ -1,100 +0,0 @@
{
"nodes": {
"devshell-lib": {
"locked": {
"dir": "lib",
"lastModified": 1758204313,
"narHash": "sha256-ainbY0Oajb1HMdvy+A8QxF/P5qwcbEzJGEY5pzKdDdc=",
"owner": "rensa-nix",
"repo": "devshell",
"rev": "7d0c4bc78d9f017a739b0c7eb2f4e563118353e6",
"type": "gitlab"
},
"original": {
"dir": "lib",
"owner": "rensa-nix",
"repo": "devshell",
"type": "gitlab"
}
},
"nix-gitlab-ci-lib": {
"locked": {
"dir": "lib",
"lastModified": 1763066668,
"narHash": "sha256-mcNiuWf5R0qS7Be4EFAxPStl3SSYPhg4PSPAXgjKJj0=",
"owner": "TECHNOFAB",
"repo": "nix-gitlab-ci",
"rev": "524bdf9cdcfb8008c08d7e54a95992ebf05331d5",
"type": "gitlab"
},
"original": {
"dir": "lib",
"owner": "TECHNOFAB",
"ref": "3.0.1",
"repo": "nix-gitlab-ci",
"type": "gitlab"
}
},
"nixmkdocs-lib": {
"locked": {
"dir": "lib",
"lastModified": 1763481845,
"narHash": "sha256-Bp0+9rDmlPWMcnKqGx+BG4+o5KO8FuDAOvXRnXrm3Fo=",
"owner": "TECHNOFAB",
"repo": "nixmkdocs",
"rev": "73d59093df94a894d25bc4bf71880b6f00faa62f",
"type": "gitlab"
},
"original": {
"dir": "lib",
"owner": "TECHNOFAB",
"repo": "nixmkdocs",
"type": "gitlab"
}
},
"root": {
"inputs": {
"devshell-lib": "devshell-lib",
"nix-gitlab-ci-lib": "nix-gitlab-ci-lib",
"nixmkdocs-lib": "nixmkdocs-lib",
"soonix-lib": "soonix-lib",
"treefmt-nix": "treefmt-nix"
}
},
"soonix-lib": {
"locked": {
"dir": "lib",
"lastModified": 1758615778,
"narHash": "sha256-tggru+siXlLcLUjHtMojkJJWTS/8I3gm8nhnlz+qrTo=",
"owner": "TECHNOFAB",
"repo": "soonix",
"rev": "e04b71c07413251dcb52036b4a51c6c7c0dca2ad",
"type": "gitlab"
},
"original": {
"dir": "lib",
"owner": "TECHNOFAB",
"repo": "soonix",
"type": "gitlab"
}
},
"treefmt-nix": {
"flake": false,
"locked": {
"lastModified": 1762410071,
"narHash": "sha256-aF5fvoZeoXNPxT0bejFUBXeUjXfHLSL7g+mjR/p5TEg=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "97a30861b13c3731a84e09405414398fbf3e109f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

21
nix/repo/flake.nix
View file

@ -1,21 +0,0 @@
{
inputs = {
devshell-lib.url = "gitlab:rensa-nix/devshell?dir=lib";
soonix-lib.url = "gitlab:TECHNOFAB/soonix?dir=lib";
nixmkdocs-lib.url = "gitlab:TECHNOFAB/nixmkdocs?dir=lib";
nix-gitlab-ci-lib.url = "gitlab:TECHNOFAB/nix-gitlab-ci/3.0.1?dir=lib";
treefmt-nix = {
url = "github:numtide/treefmt-nix";
flake = false;
};
};
outputs = i:
i
// {
devshell = i.devshell-lib.lib {inherit (i.parent) pkgs;};
soonix = i.soonix-lib.lib {inherit (i.parent) pkgs;};
doclib = i.nixmkdocs-lib.lib {inherit (i.parent) pkgs;};
cilib = i.nix-gitlab-ci-lib.lib {inherit (i.parent) pkgs;};
treefmt = import i.treefmt-nix;
};
}