@highstate/library 0.7.10 → 0.8.0

package/dist/highstate.manifest.json

@@ -1,5 +1,5 @@
 {
   "sourceHashes": {
-    "./dist/index.js": "3748892554dc300f4ba465a1771acdf991b7267396c618d4f1fe12d27f2b5e19"
+    "./dist/index.js": "87b93b45d5c7ee264151628635db26d22961524bc86f599c8bfb9655f27980e9"
   }
 }

package/dist/index.js

@@ -9,6 +9,9 @@ var common_exports = {};
 __export(common_exports, {
   endpointEntity: () => endpointEntity,
   existingServer: () => existingServer,
+  fileContentEntity: () => fileContentEntity,
+  fileEntity: () => fileEntity,
+  fileMetaEntity: () => fileMetaEntity,
   script: () => script,
   serverEntity: () => serverEntity
 });
@@ -145,6 +148,46 @@ var script = defineUnit2({
     path: "script"
   }
 });
+var fileMetaEntity = defineEntity2({
+  type: "common.file-meta",
+  schema: Type2.Object({
+    name: Type2.String(),
+    size: Type2.Number(),
+    isBinary: Type2.Optional(Type2.Boolean()),
+    isExecutable: Type2.Optional(Type2.Boolean())
+  }),
+  meta: {
+    color: "#FF5722",
+    description: "Metadata for a file."
+  }
+});
+var fileContentEntity = defineEntity2({
+  type: "common.file-content",
+  schema: Type2.Union([
+    Type2.Object({
+      type: Type2.Literal("inline"),
+      content: Type2.String()
+    }),
+    Type2.Object({
+      type: Type2.Literal("remote"),
+      url: Type2.String()
+    })
+  ]),
+  meta: {
+    color: "#FF5722",
+    description: "The content of a file."
+  }
+});
+var fileEntity = defineEntity2({
+  type: "common.file",
+  schema: Type2.Object({
+    meta: fileMetaEntity.schema,
+    content: fileContentEntity.schema
+  }),
+  meta: {
+    color: "#FF5722"
+  }
+});
 
 // src/proxmox.ts
 var proxmox_exports = {};
@@ -317,6 +360,7 @@ __export(k8s_exports, {
   deploymentSpecSchema: () => deploymentSpecSchema,
   dns01TlsIssuer: () => dns01TlsIssuer,
   existingCluster: () => existingCluster,
+  gatewayApi: () => gatewayApi,
   gatewayEntity: () => gatewayEntity,
   interfaceEntity: () => interfaceEntity,
   internalIpsPolicySchema: () => internalIpsPolicySchema,
@@ -380,7 +424,10 @@ var clusterInfoSchema = Type5.Object({
   id: Type5.String(),
   name: Type5.String(),
   cni: Type5.Optional(Type5.String()),
-  externalIps: Type5.Array(Type5.String())
+  externalIps: Type5.Array(Type5.String()),
+  fqdn: Type5.Optional(Type5.String()),
+  kubeApiServerIp: Type5.Optional(Type5.String()),
+  kubeApiServerPort: Type5.Optional(Type5.Number())
 });
 var serviceTypeSchema = Type5.StringEnum(["NodePort", "LoadBalancer", "ClusterIP"]);
 var metadataSchema = Type5.Object({
@@ -542,14 +589,14 @@ var tlsIssuerEntity = defineEntity5({
   }
 });
 var accessPointEntity = defineEntity5({
-  type: "common.access-point",
+  type: "k8s.access-point",
   schema: Type5.Object({
     gateway: gatewayEntity.schema,
     tlsIssuer: tlsIssuerEntity.schema,
-    dnsProvider: providerEntity.schema
+    dnsProviders: Type5.Array(providerEntity.schema)
   }),
   meta: {
-    color: "#FFC107"
+    color: "#F57F17"
   }
 });
 var accessPoint = defineUnit5({
@@ -557,7 +604,10 @@ var accessPoint = defineUnit5({
   inputs: {
     gateway: gatewayEntity,
     tlsIssuer: tlsIssuerEntity,
-    dnsProvider: providerEntity
+    dnsProviders: {
+      entity: providerEntity,
+      multiple: true
+    }
   },
   outputs: {
     accessPoint: accessPointEntity
@@ -592,9 +642,27 @@ var certManager = defineUnit5({
 });
 var dns01TlsIssuer = defineUnit5({
   type: "k8s.dns01-issuer",
+  args: {
+    /**
+     * The top-level domains to filter the DNS01 challenge for.
+     *
+     * If not provided, will use all domains passed to the DNS providers.
+     *
+     * @schema
+     */
+    domains: {
+      ...Type5.Optional(Type5.Array(Type5.String())),
+      description: `The top-level domains to filter the DNS01 challenge for.
+
+ If not provided, will use all domains passed to the DNS providers.`
+    }
+  },
   inputs: {
     k8sCluster: clusterEntity2,
-    dnsProvider: providerEntity
+    dnsProviders: {
+      entity: providerEntity,
+      multiple: true
+    }
   },
   outputs: {
     tlsIssuer: tlsIssuerEntity
@@ -672,6 +740,25 @@ var interfaceEntity = defineEntity5({
     description: "The interface in a network space of pod kernel which can accept or transmit packets."
   }
 });
+var gatewayApi = defineUnit5({
+  type: "k8s.gateway-api",
+  inputs: {
+    k8sCluster: clusterEntity2
+  },
+  outputs: {
+    k8sCluster: clusterEntity2
+  },
+  meta: {
+    displayName: "Gateway API",
+    description: "Installs the Gateway API CRDs to the cluster.",
+    primaryIcon: "mdi:kubernetes",
+    primaryIconColor: "#4CAF50"
+  },
+  source: {
+    package: "@highstate/k8s",
+    path: "units/gateway-api"
+  }
+});
 
 // src/talos.ts
 var talos_exports = {};
@@ -1216,7 +1303,8 @@ var identity = defineUnit7({
      * The FQDN of the WireGuard identity.
      * Will be used as endpoint for the peer.
      *
-     * If `dnsProvider` is provided and `externalIp` is available, the FQDN will be registered automatically.
+     * If `dnsProvider` is provided, external IP is available and `registerFqdn` is set to `true`, and FQDN is provided explicitly (not obtained from the k8s cluster),
+     * the FQDN will be registered with the DNS provider.
      *
      * @schema
      */
@@ -1225,7 +1313,21 @@ var identity = defineUnit7({
       description: `The FQDN of the WireGuard identity.
  Will be used as endpoint for the peer.
 
- If \`dnsProvider\` is provided and \`externalIp\` is available, the FQDN will be registered automatically.`
+ If \`dnsProvider\` is provided, external IP is available and \`registerFqdn\` is set to \`true\`, and FQDN is provided explicitly (not obtained from the k8s cluster),
+ the FQDN will be registered with the DNS provider.`
+    },
+    /**
+     * Whether to register the FQDN of the identity with the DNS provider.
+     *
+     * By default, `true`.
+     *
+     * @schema
+     */
+    registerFqdn: {
+      ...Type7.Default(Type7.Boolean(), true),
+      description: `Whether to register the FQDN of the identity with the DNS provider.
+
+ By default, \`true\`.`
     }
   },
   secrets: {
@@ -1290,6 +1392,15 @@ var identity = defineUnit7({
 
  Their IP addresses will be added to the \`allowedIps\` of the identity and passed to the node to set up network policies.`
     },
+    /**
+     * The Kubernetes cluster associated with the identity.
+     *
+     * If provided, will be used to obtain the external IP or FQDN of the identity.
+     */
+    k8sCluster: {
+      entity: clusterEntity2,
+      required: false
+    },
     dnsProvider: {
       entity: providerEntity,
       required: false
@@ -2057,13 +2168,20 @@ __export(k3s_exports, {
   cluster: () => cluster2
 });
 import { defineUnit as defineUnit21 } from "@highstate/contract";
+import { Type as Type21 } from "@sinclair/typebox";
 var cluster2 = defineUnit21({
   type: "k3s.cluster",
   args: {
-    ...sharedClusterArgs
+    ...sharedClusterArgs,
+    config: Type21.Optional(Type21.Record(Type21.String(), Type21.Any()))
   },
   inputs: {
-    server: serverEntity
+    server: serverEntity,
+    dnsProviders: {
+      entity: providerEntity,
+      required: false,
+      multiple: true
+    }
   },
   outputs: {
     k8sCluster: clusterEntity2
@@ -2087,17 +2205,17 @@ __export(mullvad_exports, {
   endpointType: () => endpointType,
   peer: () => peer2
 });
-import { defineUnit as defineUnit22, Type as Type21 } from "@highstate/contract";
-var endpointType = Type21.Union([
-  Type21.Literal("fqdn"),
-  Type21.Literal("ipv4"),
-  Type21.Literal("ipv6")
+import { defineUnit as defineUnit22, Type as Type22 } from "@highstate/contract";
+var endpointType = Type22.Union([
+  Type22.Literal("fqdn"),
+  Type22.Literal("ipv4"),
+  Type22.Literal("ipv6")
 ]);
 var peer2 = defineUnit22({
   type: "mullvad.peer",
   args: {
-    hostname: Type21.Optional(Type21.String()),
-    endpointType: Type21.Optional({ ...endpointType, default: "fqdn" })
+    hostname: Type22.Optional(Type22.String()),
+    endpointType: Type22.Optional({ ...endpointType, default: "fqdn" })
   },
   inputs: {
     /**
@@ -2133,18 +2251,18 @@ __export(timeweb_exports, {
   connectionEntity: () => connectionEntity,
   virtualMachine: () => virtualMachine2
 });
-import { defineEntity as defineEntity12, defineUnit as defineUnit23, Type as Type22 } from "@highstate/contract";
+import { defineEntity as defineEntity12, defineUnit as defineUnit23, Type as Type23 } from "@highstate/contract";
 var connectionEntity = defineEntity12({
   type: "timeweb.connection",
-  schema: Type22.Object({
-    name: Type22.String(),
-    apiToken: Type22.String()
+  schema: Type23.Object({
+    name: Type23.String(),
+    apiToken: Type23.String()
   })
 });
 var connection3 = defineUnit23({
   type: "timeweb.connection",
   secrets: {
-    apiToken: Type22.String()
+    apiToken: Type23.String()
   },
   outputs: {
     connection: connectionEntity
@@ -2162,9 +2280,9 @@ var connection3 = defineUnit23({
 var virtualMachine2 = defineUnit23({
   type: "timeweb.virtual-machine",
   args: {
-    presetId: Type22.Optional(Type22.Number()),
-    osId: Type22.Optional(Type22.Number()),
-    availabilityZone: Type22.String()
+    presetId: Type23.Optional(Type23.Number()),
+    osId: Type23.Optional(Type23.Number()),
+    availabilityZone: Type23.String()
   },
   inputs: {
     connection: connectionEntity,
@@ -2174,7 +2292,7 @@ var virtualMachine2 = defineUnit23({
     }
   },
   secrets: {
-    sshPrivateKey: Type22.Optional(Type22.String())
+    sshPrivateKey: Type23.Optional(Type23.String())
   },
   outputs: {
     server: serverEntity
@@ -2190,6 +2308,186 @@ var virtualMachine2 = defineUnit23({
     path: "virtual-machine"
   }
 });
+
+// src/nixos.ts
+var nixos_exports = {};
+__export(nixos_exports, {
+  flakeEntity: () => flakeEntity,
+  inlineFlake: () => inlineFlake,
+  inlineModule: () => inlineModule,
+  inlineModuleEntity: () => inlineModuleEntity,
+  remoteFlake: () => remoteFlake,
+  system: () => system
+});
+import { defineEntity as defineEntity13, defineUnit as defineUnit24, Type as Type24 } from "@highstate/contract";
+var inlineModuleEntity = defineEntity13({
+  type: "nixos.inline-module",
+  schema: Type24.Object({
+    code: Type24.String()
+  }),
+  meta: {
+    displayName: "NixOS Inline Module",
+    description: "The NixOS module reference.",
+    color: "#5277c3"
+  }
+});
+var inlineModule = defineUnit24({
+  type: "nixos.inline-module",
+  args: {
+    code: Type24.String({ language: "nix" })
+  },
+  inputs: {
+    files: {
+      entity: fileEntity,
+      required: false,
+      multiple: true
+    }
+  },
+  outputs: {
+    module: inlineModuleEntity
+  },
+  meta: {
+    displayName: "NixOS Inline Module",
+    description: "Creates a NixOS module from inline code.",
+    primaryIcon: "simple-icons:nixos",
+    primaryIconColor: "#7ebae4",
+    secondaryIcon: "mdi:file-code"
+  },
+  source: {
+    package: "@highstate/nixos",
+    path: "inline-module"
+  }
+});
+var flakeEntity = defineEntity13({
+  type: "nixos.flake",
+  schema: Type24.Object({
+    url: Type24.String()
+  }),
+  meta: {
+    displayName: "NixOS Flake",
+    description: "The NixOS flake reference.",
+    color: "#5277c3"
+  }
+});
+var remoteFlake = defineUnit24({
+  type: "nixos.remote-flake",
+  args: {
+    url: Type24.String()
+  },
+  outputs: {
+    flake: flakeEntity
+  },
+  meta: {
+    displayName: "NixOS Remote Flake",
+    description: "References a remote NixOS flake.",
+    primaryIcon: "simple-icons:nixos",
+    primaryIconColor: "#7ebae4",
+    secondaryIcon: "simple-icons:git",
+    secondaryIconColor: "#f1502f"
+  },
+  source: {
+    package: "@highstate/nixos",
+    path: "flake"
+  }
+});
+var inlineFlake = defineUnit24({
+  type: "nixos.inline-flake",
+  args: {
+    code: Type24.String({ language: "nix" })
+  },
+  inputs: {
+    flakes: {
+      entity: flakeEntity,
+      required: false,
+      multiple: true
+    },
+    modules: {
+      entity: inlineModuleEntity,
+      required: false,
+      multiple: true
+    },
+    files: {
+      entity: fileEntity,
+      required: false,
+      multiple: true
+    }
+  },
+  outputs: {
+    flake: flakeEntity
+  },
+  meta: {
+    displayName: "NixOS Inline Flake",
+    description: "Creates a NixOS flake from inline code.",
+    primaryIcon: "simple-icons:nixos",
+    primaryIconColor: "#7ebae4",
+    secondaryIcon: "mdi:file-code"
+  },
+  source: {
+    package: "@highstate/nixos",
+    path: "inline-flake"
+  }
+});
+var system = defineUnit24({
+  type: "nixos.system",
+  args: {
+    system: Type24.Optional(Type24.String())
+  },
+  inputs: {
+    flake: flakeEntity,
+    server: serverEntity,
+    modules: {
+      entity: inlineModuleEntity,
+      required: false,
+      multiple: true
+    }
+  },
+  outputs: {
+    server: serverEntity
+  },
+  meta: {
+    displayName: "NixOS System",
+    description: "Creates a NixOS system on top of any server.",
+    primaryIcon: "simple-icons:nixos",
+    primaryIconColor: "#7ebae4",
+    secondaryIcon: "codicon:vm"
+  },
+  source: {
+    package: "@highstate/nixos",
+    path: "system"
+  }
+});
+
+// src/sops.ts
+var sops_exports = {};
+__export(sops_exports, {
+  secrets: () => secrets
+});
+import { defineUnit as defineUnit25, Type as Type25 } from "@highstate/contract";
+var secrets = defineUnit25({
+  type: "sops.secrets",
+  args: {
+    secrets: Type25.Record(Type25.String(), Type25.Any())
+  },
+  inputs: {
+    servers: {
+      entity: serverEntity,
+      required: false,
+      multiple: true
+    }
+  },
+  outputs: {
+    file: fileEntity
+  },
+  meta: {
+    displayName: "SOPS Secrets",
+    description: "Encrypts secrets using SOPS for the specified servers.",
+    primaryIcon: "mdi:file-lock"
+  },
+  source: {
+    package: "@highstate/sops",
+    path: "secrets"
+  }
+});
 export {
   apps_exports as apps,
   cloudflare_exports as cloudflare,
@@ -2198,8 +2496,10 @@ export {
   k3s_exports as k3s,
   k8s_exports as k8s,
   mullvad_exports as mullvad,
+  nixos_exports as nixos,
   proxmox_exports as proxmox,
   restic_exports as restic,
+  sops_exports as sops,
   ssh_exports as ssh,
   talos_exports as talos,
   timeweb_exports as timeweb,