Add lint checks and a pipeline to check using Nix

author: EuAndreh <eu@euandre.org> 2019-05-25 13:33:19 -0300
committer: EuAndreh <eu@euandre.org> 2019-05-25 13:33:19 -0300
commit: f1792cb9e6e5557f0983997a011defaa1f19e639 (patch)
tree: f0751cf27e3c1cc19f2b1ac89703767a4c2ab597
parent: Format vps.tf (diff)
download: toph-f1792cb9e6e5557f0983997a011defaa1f19e639.tar.gz
toph-f1792cb9e6e5557f0983997a011defaa1f19e639.tar.xz
4 files changed, 114 insertions, 6 deletions
diff --git a/.build.yml b/.build.yml
new file mode 100644
index 0000000..c8e51f2
--- /dev/null
+++ b/.build.yml
@@ -0,0 +1,13 @@
+image: nixos/unstable
+repositories:
+  nixpkgs: https://nixos.org/channels/nixpkgs-unstable
+triggers:
+  - condition: failure
+    action: email
+    to: EuAndreh <ci@euandre.org>
+sources:
+  - https://git.sr.ht/~euandreh/vps
+tasks:
+  - tests: |
+      cd vps/
+      nix-build -A test
diff --git a/TODOs.org b/TODOs.org
index 9c2ad46..f5895d8 100644
--- a/TODOs.org
+++ b/TODOs.org
@@ -1,8 +1,11 @@
 * Tasks
-** Provision DigitalOcean's droplet from Terraform
-** Configure DNS from Terraform
-** Automate deployment of updates
-** Automate recreation from backup
+** DONE Provision DigitalOcean's droplet from Terraform
+CLOSED: [2019-05-25 Sat 13:29]
+** TODO Properly provision Ubuntu droplet
+** TODO Configure DNS from Terraform
+** TODO Automate deployment of updates
+** TODO Automate recreation from backup
+** TODO Use Volumes for extended storage
 * Must
 ** Fully deployable from code
 Use NixOps and Terraform to fully automate all of the configuration.
@@ -13,7 +16,7 @@ Use NixOps and Terraform to fully automate all of the configuration.
 ** =euandreh.org=: Static webhosting
 ** =annex.euandreh.org=: Public content from Git Annex repositories
 Only an static file server, with folders for individual assets.
-** =wallabag.euandreh.org=: Wallabag
+** DOING =wallabag.euandreh.org=: Wallabag
 ** =pi-hole.euandreh.org=: Pi-hole
 ** =pwk.euandreh.org=: Piwik
 ** =git.euandreh.org=: CGit
diff --git a/default.nix b/default.nix
new file mode 100644
index 0000000..d43e113
--- /dev/null
+++ b/default.nix
@@ -0,0 +1,93 @@
+let
+  pkgsUnstable = import <nixpkgs> { };
+  pkgsPinned = import (pkgsUnstable.fetchzip {
+    url = "https://github.com/NixOS/nixpkgs/archive/18.03.zip";
+    sha256 = "0hk4y2vkgm1qadpsm4b0q1vxq889jhxzjx3ragybrlwwg54mzp4f";
+  }) { };
+  pkgs = pkgsUnstable;
+
+  rootSrc = pkgs.nix-gitignore.gitignoreSource [] ./.;
+  nixfmt = import (builtins.fetchTarball
+  "https://github.com/serokell/nixfmt/archive/master.tar.gz") { };
+
+  baseTask = pkgs.stdenv.mkDerivation {
+    name = "vps-task";
+    src = rootSrc;
+    phases = "unpackPhase buildPhase";
+    buildInputs = [];
+    buildPhase = ''
+      echo "ERROR: base task buildPhase not overriden."
+      exit 1
+    '';
+  };
+in with pkgs;
+with pkgs.stdenv; rec {
+  subtasks = rec {
+    shellCheck = baseTask.overrideAttrs(baseAttrs: {
+      name = "${baseAttrs.name}-shellcheck";
+      buildInputs = [ shellcheck ];
+      buildPhase = ''
+        find . -type f -name '*.sh' | xargs shellcheck
+        touch $out
+      '';
+    });
+    fixme = baseTask.overrideAttrs (baseAttrs: {
+      name = "${baseAttrs.name}-fixme";
+      buildInputs = [ag];
+      buildPhase = ''
+        ag FIXME --ignore default.nix|| {
+          touch $out
+        }
+      '';
+    });
+    # docker lint
+    formatTerraform = baseTask.overrideAttrs (baseAttrs: {
+      name = "${baseAttrs.name}-format-terraform";
+      buildInputs = baseAttrs.buildInputs ++ [nixfmt];
+      buildPhase = ''
+        terraform fmt -check=true -diff=true || {
+          echo "Terraform files are unformatted. To fix it, run:"
+          echo "  terraform fmt"
+          exit 1
+        }
+        touch $out
+      '';
+    });
+    formatNix = baseTask.overrideAttrs (baseAttrs: {
+      name = "${baseAttrs.name}-nixfmt";
+      buildInputs = baseAttrs.buildInputs ++ [nixfmt];
+      buildPhase = ''
+        diff <(nixfmt < default.nix) default.nix || {
+          echo "The default.nix is unformatted. To fix it, run:"
+          echo "  nixfmt default.nix"
+          exit 1
+        }
+        touch $out
+      '';
+    });
+  };
+  test = baseTask.overrideAttrs (baseAttrs: rec {
+    name = "${baseAttrs.name}-test";
+    buildInputs = [
+      subtasks.shellcheck
+      subtasks.fixme
+      subtasks.formatTerraform
+      subtasks.formatNix
+    ];
+    buildPhase = ''
+      echo "Ran tests for:"
+      for d in ${builtins.toString buildInputs}; do
+        echo "  $d"
+      done
+      echo "All tests passed!"
+      touch $out
+    '';
+  });
+  shell = mkShell rec {
+    name = "vps-shell";
+    buildInputs = [
+      nixfmt
+      terraform-full
+    ];
+  };
+}
diff --git a/vps.tf b/vps.tf
index 31d247e..fd76a6e 100644
--- a/vps.tf
+++ b/vps.tf
@@ -26,7 +26,6 @@ resource "digitalocean_droplet" "vps" {
     timeout     = "2m"
   }
 
-  # FIXME
   provisioner "remote-exec" {
     inline = [
       "export PATH=$PATH:/usr/bin",
author	EuAndreh <eu@euandre.org>	2019-05-25 13:33:19 -0300
committer	EuAndreh <eu@euandre.org>	2019-05-25 13:33:19 -0300
commit	f1792cb9e6e5557f0983997a011defaa1f19e639 (patch)
tree	f0751cf27e3c1cc19f2b1ac89703767a4c2ab597
parent	Format vps.tf (diff)
download	toph-f1792cb9e6e5557f0983997a011defaa1f19e639.tar.gz toph-f1792cb9e6e5557f0983997a011defaa1f19e639.tar.xz