UGA-Innovation-Factory/athenix
3
1
Fork 0
Code Issues Pull Requests Actions Projects Releases Activity
Files
36dcf08e32e6bcb331892ae24bbd44571ae4402f
athenix/docs/DEVELOPMENT.md
copilot-swe-agent[bot] 8cdedae4db Add GitHub Actions runner configuration to nix-builder 
Co-authored-by: Jyumpp <11142390+Jyumpp@users.noreply.github.com>
2025-12-17 15:19:05 +00:00

466 lines
11 KiB
Markdown
Raw Blame History

# Development Guide
This guide covers development workflows for maintaining and extending the nixos-systems repository.
## Table of Contents
- [Prerequisites](#prerequisites)
- [Testing Changes](#testing-changes)
- [Continuous Integration](#continuous-integration)
- [System Rebuilds](#system-rebuilds)
- [Updating Dependencies](#updating-dependencies)
- [Adding Packages](#adding-packages)
- [Python Development](#python-development)
- [Contributing](#contributing)
## Prerequisites
Install Nix with flakes support:
```bash
# Recommended: Determinate Systems installer (includes flakes)
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
# Alternative: Official installer (requires enabling flakes manually)
sh <(curl -L https://nixos.org/nix/install) --daemon
```
## Testing Changes
Always test configuration changes before committing.
### Validate All Configurations
```bash
# Check all configurations build correctly
nix flake check
# Check with verbose error traces
nix flake check --show-trace
```
### Test Specific Host Build
```bash
# Build a specific host's configuration
nix build .#nixosConfigurations.nix-laptop1.config.system.build.toplevel
# Build installer for specific host
nix build .#installer-iso-nix-laptop1
```
### Test Local Changes
If you're on a NixOS system managed by this flake:
```bash
# Test changes without committing (temporary, doesn't survive reboot)
sudo nixos-rebuild test --flake .
# Apply and switch to new configuration
sudo nixos-rebuild switch --flake .
# Build without switching
sudo nixos-rebuild build --flake .
```
## Continuous Integration
The repository uses GitHub Actions for automated testing and validation. CI jobs run on the self-hosted `nix-builder` machine via SSH.
### CI Workflow
All pull requests and pushes to main trigger the CI pipeline, which includes:
1. **Flake Check** - Validates all NixOS configurations
- Runs `nix flake check` to ensure all systems build correctly
- Catches configuration errors early
2. **Format Check** - Ensures code formatting consistency
- Verifies code is formatted with `nix fmt`
- Automatically fails if formatting is incorrect
3. **Build Key Configurations** - Tests critical system builds
- Builds: `nix-builder`, `nix-laptop1`, `nix-desktop1`
- Ensures core configurations compile successfully
4. **Build Artifacts** - Validates installer and container builds
- Builds: `lxc-nix-builder`, `installer-iso-nix-laptop1`
- Verifies deployment artifacts are buildable
### Viewing CI Status
Check the CI status badge at the top of the README or view detailed logs:
```bash
# View workflow status
https://github.com/UGA-Innovation-Factory/nixos-systems/actions
```
### Running CI Checks Locally
Before pushing changes, run the same checks that CI performs:
```bash
# Run all checks
nix flake check --show-trace
# Check formatting
nix fmt
git diff --exit-code # Should return no changes
# Build specific configuration
nix build .#nixosConfigurations.nix-builder.config.system.build.toplevel
# Build artifacts
nix build .#lxc-nix-builder
```
### Self-Hosted Runner
CI jobs run on the `nix-builder` host as a self-hosted GitHub Actions runner. This provides:
- Native Nix environment without installation overhead
- Access to local Nix store for faster builds
- Consistent build environment matching deployment targets
- Direct access to build caching infrastructure
#### Setting Up the GitHub Actions Runner
The nix-builder host is configured with a GitHub Actions self-hosted runner in `inventory.nix`. To complete the setup:
1. **Generate a GitHub Personal Access Token (PAT)**:
- Go to https://github.com/settings/tokens
- Create a new token with `repo` scope
- Copy the token value
2. **Create the token file on nix-builder**:
```bash
ssh engr-ugaif@nix-builder
echo "YOUR_TOKEN_HERE" | sudo tee /var/lib/github-runner-token > /dev/null
sudo chmod 600 /var/lib/github-runner-token
```
3. **Rebuild the system** to start the runner:
```bash
sudo nixos-rebuild switch --flake github:UGA-Innovation-Factory/nixos-systems#nix-builder
```
4. **Verify the runner is registered**:
- Check https://github.com/UGA-Innovation-Factory/nixos-systems/settings/actions/runners
- The runner should appear with the `nix-builder` label
The runner service is configured in the nix-builder device configuration and will automatically:
- Register with the repository on first start
- Use the `nix-builder` label for workflow targeting
- Run as the `engr-ugaif` user
- Store work in `/var/lib/github-runner`
### Troubleshooting CI Failures
If CI fails:
1. **Check the error logs** in the GitHub Actions tab
2. **Run the same command locally** to reproduce the issue
3. **Use `--show-trace`** for detailed error information
4. **Verify formatting** with `nix fmt` if format check fails
5. **Check for external dependencies** that might be unavailable
Common CI issues:
- **Flake check fails**: Configuration error in a host definition
- **Format check fails**: Run `nix fmt` locally and commit changes
- **Build fails**: Missing dependency or syntax error in Nix expressions
- **Cache issues**: Usually self-resolving; can retry the workflow
## System Rebuilds
### From Local Directory
```bash
# Rebuild current host from local directory
sudo nixos-rebuild switch --flake .
# Rebuild specific host
sudo nixos-rebuild switch --flake .#nix-laptop1
# Test without switching (temporary, doesn't persist reboot)
sudo nixos-rebuild test --flake .#nix-laptop1
# Build a new generation without activating it
sudo nixos-rebuild build --flake .
```
### From GitHub
```bash
# Rebuild from GitHub main branch
sudo nixos-rebuild switch --flake github:UGA-Innovation-Factory/nixos-systems
# Use --impure for external user configurations with fetchGit
sudo nixos-rebuild switch --flake github:UGA-Innovation-Factory/nixos-systems --impure
# Rebuild specific host from GitHub
sudo nixos-rebuild switch --flake github:UGA-Innovation-Factory/nixos-systems#nix-laptop1
```
### Boot into Previous Generation
If something breaks:
```bash
# List generations
sudo nixos-rebuild list-generations
# Rollback to previous generation
sudo nixos-rebuild switch --rollback
# Or select specific generation at boot (GRUB menu)
# Reboot and select "NixOS - Configuration X" from boot menu
```
## Updating Dependencies
### Update All Inputs
```bash
# Update all flake inputs (nixpkgs, home-manager, etc.)
nix flake update
# Review changes
git diff flake.lock
# Test the updates
nix flake check
# Commit if successful
git add flake.lock
git commit -m "Update flake inputs"
git push
```
### Update Specific Input
```bash
# Update only nixpkgs
nix flake lock --update-input nixpkgs
# Update home-manager
nix flake lock --update-input home-manager
# Update multiple specific inputs
nix flake lock --update-input nixpkgs --update-input home-manager
```
### Check for Security Updates
```bash
# After updating, check for known vulnerabilities
nix flake check
# Review nixpkgs changelog
git log HEAD..nixpkgs/nixos-25.11 --oneline | head -20
```
## Adding Packages
### System-Wide Packages by Type
Add packages based on system type:
**Desktop systems:**
```bash
# Edit sw/desktop/programs.nix
vim sw/desktop/programs.nix
```
**Tablet kiosks:**
```bash
# Edit sw/tablet-kiosk/programs.nix
vim sw/tablet-kiosk/programs.nix
```
**Headless systems:**
```bash
# Edit sw/headless/programs.nix
vim sw/headless/programs.nix
```
### Packages for Specific Hosts
Add to `ugaif.sw.extraPackages` in `inventory.nix`:
```nix
nix-laptop = {
devices = 2;
overrides = {
ugaif.sw.extraPackages = with pkgs; [
vim
docker
kubernetes-helm
];
};
};
```
### User-Specific Packages
Add to user's home-manager configuration in `users.nix` or external dotfiles:
```nix
myuser = {
homePackages = with pkgs; [
ripgrep
fd
bat
];
};
```
### Search for Packages
```bash
# Search nixpkgs
nix search nixpkgs firefox
nix search nixpkgs python3
# Show package details
nix eval nixpkgs#firefox.meta.description
```
## Python Development
All systems include modern Python tools: `pixi` and `uv`.
### Pixi (Recommended for Projects)
```bash
# Initialize new project
pixi init my-project
cd my-project
# Add dependencies
pixi add pandas numpy matplotlib jupyter
# Run Python
pixi run python
# Run Jupyter
pixi run jupyter notebook
# Run scripts
pixi run python script.py
# Shell with dependencies
pixi shell
```
### uv (Quick Virtual Environments)
```bash
# Create virtual environment
uv venv
# Activate
source .venv/bin/activate
# Install packages
uv pip install requests pandas
# Freeze requirements
uv pip freeze > requirements.txt
# Install from requirements
uv pip install -r requirements.txt
```
### System Python
Python development tools are configured in `sw/python.nix` and can be controlled via:
```nix
ugaif.sw.python.enable = true; # Default: enabled
```
## Contributing
### Code Style
- Run formatter before committing: `nix fmt`
- Follow existing code structure and conventions
- Add comments for complex logic
- Use the `ugaif.*` namespace for all custom options
### Testing Workflow
1. Make changes
2. Run formatter: `nix fmt`
3. Test locally: `nix flake check`
4. Test specific builds if needed
5. Commit changes
6. Push to GitHub
```bash
# Full workflow
nix fmt
nix flake check
git add .
git commit -m "Description of changes"
git push
```
### Documentation
Update relevant documentation when making changes:
- `README.md` - Overview and quick start
- `docs/INVENTORY.md` - Inventory configuration
- `docs/NAMESPACE.md` - Configuration options
- `USER_CONFIGURATION.md` - User management
- `EXTERNAL_MODULES.md` - External modules
### Creating Issues
When reporting bugs or requesting features:
1. Check existing issues first
2. Provide clear description
3. Include error messages and traces
4. Specify which hosts are affected
5. Include `flake.lock` info if relevant
## Useful Commands
```bash
# Show all available outputs
nix flake show
# Evaluate specific option
nix eval .#nixosConfigurations.nix-laptop1.config.networking.hostName
# List all hosts
nix eval .#nixosConfigurations --apply builtins.attrNames
# Check flake metadata
nix flake metadata
# Show evaluation trace
nix eval --show-trace .#nixosConfigurations.nix-laptop1
# Build and enter debug shell
nix develop
# Clean up old generations
nix-collect-garbage -d
# Optimize Nix store
nix store optimise
```
## See Also
- [README.md](../README.md) - Main documentation
- [INVENTORY.md](INVENTORY.md) - Host inventory configuration
- [BUILDING.md](BUILDING.md) - Building installation media
- [USER_CONFIGURATION.md](USER_CONFIGURATION.md) - User management
Reference in New Issue View Git Blame Copy Permalink