@highstate/library 0.7.10 → 0.8.0

package/src/index.ts

@@ -12,3 +12,5 @@ export * as restic from "./restic"
 export * as mullvad from "./mullvad"
 export * as dns from "./dns"
 export * as timeweb from "./timeweb"
+export * as nixos from "./nixos"
+export * as sops from "./sops"

package/src/k3s.ts

@@ -1,16 +1,24 @@
 import { defineUnit } from "@highstate/contract"
+import { Type } from "@sinclair/typebox"
 import { serverEntity } from "./common"
 import { clusterEntity, sharedClusterArgs } from "./k8s"
+import { providerEntity } from "./dns"
 
 export const cluster = defineUnit({
   type: "k3s.cluster",
 
   args: {
     ...sharedClusterArgs,
+    config: Type.Optional(Type.Record(Type.String(), Type.Any())),
   },
 
   inputs: {
     server: serverEntity,
+    dnsProviders: {
+      entity: providerEntity,
+      required: false,
+      multiple: true,
+    },
   },
 
   outputs: {

package/src/k8s.ts

@@ -6,6 +6,9 @@ export const clusterInfoSchema = Type.Object({
   name: Type.String(),
   cni: Type.Optional(Type.String()),
   externalIps: Type.Array(Type.String()),
+  fqdn: Type.Optional(Type.String()),
+  kubeApiServerIp: Type.Optional(Type.String()),
+  kubeApiServerPort: Type.Optional(Type.Number()),
 })
 
 export const serviceTypeSchema = Type.StringEnum(["NodePort", "LoadBalancer", "ClusterIP"])
@@ -168,15 +171,16 @@ export const tlsIssuerEntity = defineEntity({
 })
 
 export const accessPointEntity = defineEntity({
-  type: "common.access-point",
+  type: "k8s.access-point",
+
   schema: Type.Object({
     gateway: gatewayEntity.schema,
     tlsIssuer: tlsIssuerEntity.schema,
-    dnsProvider: providerEntity.schema,
+    dnsProviders: Type.Array(providerEntity.schema),
   }),
 
   meta: {
-    color: "#FFC107",
+    color: "#F57F17",
   },
 })
 
@@ -186,7 +190,10 @@ export const accessPoint = defineUnit({
   inputs: {
     gateway: gatewayEntity,
     tlsIssuer: tlsIssuerEntity,
-    dnsProvider: providerEntity,
+    dnsProviders: {
+      entity: providerEntity,
+      multiple: true,
+    },
   },
 
   outputs: {
@@ -231,9 +238,23 @@ export const certManager = defineUnit({
 export const dns01TlsIssuer = defineUnit({
   type: "k8s.dns01-issuer",
 
+  args: {
+    /**
+     * The top-level domains to filter the DNS01 challenge for.
+     *
+     * If not provided, will use all domains passed to the DNS providers.
+     *
+     * @schema
+     */
+    domains: Type.Optional(Type.Array(Type.String())),
+  },
+
   inputs: {
     k8sCluster: clusterEntity,
-    dnsProvider: providerEntity,
+    dnsProviders: {
+      entity: providerEntity,
+      multiple: true,
+    },
   },
 
   outputs: {
@@ -333,6 +354,30 @@ export const interfaceEntity = defineEntity({
   },
 })
 
+export const gatewayApi = defineUnit({
+  type: "k8s.gateway-api",
+
+  inputs: {
+    k8sCluster: clusterEntity,
+  },
+
+  outputs: {
+    k8sCluster: clusterEntity,
+  },
+
+  meta: {
+    displayName: "Gateway API",
+    description: "Installs the Gateway API CRDs to the cluster.",
+    primaryIcon: "mdi:kubernetes",
+    primaryIconColor: "#4CAF50",
+  },
+
+  source: {
+    package: "@highstate/k8s",
+    path: "units/gateway-api",
+  },
+})
+
 export type ClusterInfo = Static<typeof clusterInfoSchema>
 export type Cluster = Static<typeof clusterEntity.schema>
 

package/src/nixos.ts

@@ -0,0 +1,167 @@
+import { defineEntity, defineUnit, Type } from "@highstate/contract"
+import { fileEntity, serverEntity } from "./common"
+
+export const inlineModuleEntity = defineEntity({
+  type: "nixos.inline-module",
+
+  schema: Type.Object({
+    code: Type.String(),
+  }),
+
+  meta: {
+    displayName: "NixOS Inline Module",
+    description: "The NixOS module reference.",
+    color: "#5277c3",
+  },
+})
+
+export const inlineModule = defineUnit({
+  type: "nixos.inline-module",
+
+  args: {
+    code: Type.String({ language: "nix" }),
+  },
+
+  inputs: {
+    files: {
+      entity: fileEntity,
+      required: false,
+      multiple: true,
+    },
+  },
+
+  outputs: {
+    module: inlineModuleEntity,
+  },
+
+  meta: {
+    displayName: "NixOS Inline Module",
+    description: "Creates a NixOS module from inline code.",
+    primaryIcon: "simple-icons:nixos",
+    primaryIconColor: "#7ebae4",
+    secondaryIcon: "mdi:file-code",
+  },
+
+  source: {
+    package: "@highstate/nixos",
+    path: "inline-module",
+  },
+})
+
+export const flakeEntity = defineEntity({
+  type: "nixos.flake",
+
+  schema: Type.Object({
+    url: Type.String(),
+  }),
+
+  meta: {
+    displayName: "NixOS Flake",
+    description: "The NixOS flake reference.",
+    color: "#5277c3",
+  },
+})
+
+export const remoteFlake = defineUnit({
+  type: "nixos.remote-flake",
+
+  args: {
+    url: Type.String(),
+  },
+
+  outputs: {
+    flake: flakeEntity,
+  },
+
+  meta: {
+    displayName: "NixOS Remote Flake",
+    description: "References a remote NixOS flake.",
+    primaryIcon: "simple-icons:nixos",
+    primaryIconColor: "#7ebae4",
+    secondaryIcon: "simple-icons:git",
+    secondaryIconColor: "#f1502f",
+  },
+
+  source: {
+    package: "@highstate/nixos",
+    path: "flake",
+  },
+})
+
+export const inlineFlake = defineUnit({
+  type: "nixos.inline-flake",
+
+  args: {
+    code: Type.String({ language: "nix" }),
+  },
+
+  inputs: {
+    flakes: {
+      entity: flakeEntity,
+      required: false,
+      multiple: true,
+    },
+    modules: {
+      entity: inlineModuleEntity,
+      required: false,
+      multiple: true,
+    },
+    files: {
+      entity: fileEntity,
+      required: false,
+      multiple: true,
+    },
+  },
+
+  outputs: {
+    flake: flakeEntity,
+  },
+
+  meta: {
+    displayName: "NixOS Inline Flake",
+    description: "Creates a NixOS flake from inline code.",
+    primaryIcon: "simple-icons:nixos",
+    primaryIconColor: "#7ebae4",
+    secondaryIcon: "mdi:file-code",
+  },
+
+  source: {
+    package: "@highstate/nixos",
+    path: "inline-flake",
+  },
+})
+
+export const system = defineUnit({
+  type: "nixos.system",
+
+  args: {
+    system: Type.Optional(Type.String()),
+  },
+
+  inputs: {
+    flake: flakeEntity,
+    server: serverEntity,
+    modules: {
+      entity: inlineModuleEntity,
+      required: false,
+      multiple: true,
+    },
+  },
+
+  outputs: {
+    server: serverEntity,
+  },
+
+  meta: {
+    displayName: "NixOS System",
+    description: "Creates a NixOS system on top of any server.",
+    primaryIcon: "simple-icons:nixos",
+    primaryIconColor: "#7ebae4",
+    secondaryIcon: "codicon:vm",
+  },
+
+  source: {
+    package: "@highstate/nixos",
+    path: "system",
+  },
+})

package/src/sops.ts

@@ -0,0 +1,33 @@
+import { defineUnit, Type } from "@highstate/contract"
+import { fileEntity, serverEntity } from "./common"
+
+export const secrets = defineUnit({
+  type: "sops.secrets",
+
+  args: {
+    secrets: Type.Record(Type.String(), Type.Any()),
+  },
+
+  inputs: {
+    servers: {
+      entity: serverEntity,
+      required: false,
+      multiple: true,
+    },
+  },
+
+  outputs: {
+    file: fileEntity,
+  },
+
+  meta: {
+    displayName: "SOPS Secrets",
+    description: "Encrypts secrets using SOPS for the specified servers.",
+    primaryIcon: "mdi:file-lock",
+  },
+
+  source: {
+    package: "@highstate/sops",
+    path: "secrets",
+  },
+})

package/src/wireguard.ts

@@ -357,11 +357,21 @@ export const identity = defineUnit({
      * The FQDN of the WireGuard identity.
      * Will be used as endpoint for the peer.
      *
-     * If `dnsProvider` is provided and `externalIp` is available, the FQDN will be registered automatically.
+     * If `dnsProvider` is provided, external IP is available and `registerFqdn` is set to `true`, and FQDN is provided explicitly (not obtained from the k8s cluster),
+     * the FQDN will be registered with the DNS provider.
      *
      * @schema
      */
     fqdn: Type.Optional(Type.String()),
+
+    /**
+     * Whether to register the FQDN of the identity with the DNS provider.
+     *
+     * By default, `true`.
+     *
+     * @schema
+     */
+    registerFqdn: Type.Default(Type.Boolean(), true),
   },
 
   secrets: {
@@ -410,6 +420,16 @@ export const identity = defineUnit({
       required: false,
     },
 
+    /**
+     * The Kubernetes cluster associated with the identity.
+     *
+     * If provided, will be used to obtain the external IP or FQDN of the identity.
+     */
+    k8sCluster: {
+      entity: clusterEntity,
+      required: false,
+    },
+
     dnsProvider: {
       entity: providerEntity,
       required: false,