feat: refactoring + system types

2026-02-09 12:29:19 -08:00 · 2022-10-02 12:34:00 -07:00 · 2022-10-02 12:34:00 -07:00 · 9794026f6c
commit 9794026f6c
parent a0f9d0ab48
36 changed files with 653 additions and 537 deletions
--- a/modules/esphome/deploy.nix
+++ b/modules/esphome/deploy.nix
@ -1,4 +1,4 @@
-{ tf, target, name, meta, config, lib, ... }:
+{ tf, target, name, meta, pkgs, config, lib, ... }:

 /*
  This module:
@ -15,9 +15,12 @@ let
    name = "unmergedValues";
    merge = loc: defs: map (def: def.value) defs;
  };
-in
-{
-  options.deploy.tf = mkOption {
+in {
+  options = {
+    out = mkOption {
+      type = types.str;
+    };
+    deploy.tf = mkOption {
    type = types.submodule {
      inherit (unmerged) freeformType;

@ -43,44 +46,68 @@ in
      };
    };
  };
+  };

  config = let
-    functionlessConfig = lib.removeAttrs config ["out" "_module" "platform" "deploy"];
+    functionlessConfig = lib.removeAttrs config ["out" "_module" "platform" "deploy" "secrets"];
    mutatedConfig = functionlessConfig // (optionalAttrs (config.platform != {}) {
      ${functionlessConfig.esphome.platform} = config.platform;
    });
    jsonConfig = builtins.toJSON mutatedConfig;
+    secretsMap = mapAttrs (name: _: tf.variables."${config.esphome.name}-secret-${name}".ref) config.secrets;
+    secretsFile = builtins.toJSON secretsMap;
    closureConfig = pkgs.writeText "${functionlessConfig.esphome.name}.json" jsonConfig;
-    closure-upload = pkgs.writeShellScriptBin "${functionlessConfig.esphome.name}-upload" ''
-      '';
-    in {
+    in mkMerge [
+    {
+      _module.args.tf = mapNullable (target: target.tf) target;
+      out = jsonConfig;
    deploy.tf = {
        attrs = [ "import" "imports" "out" "attrs" "triggers" ];
        import = genAttrs cfg.tf.imports (target: meta.deploy.targets.${target}.tf);
        out.set = removeAttrs cfg.tf cfg.tf.attrs;
        triggers = {
-          compile = {
+          upload = {
            system = config.out;
          };
        };
        resources = {
+          "${name}-secrets" = {
+            provider = "local";
+            type = "file";
+            inputs = {
+              filename = "${tf.terraform.dataDir}/esphome-${name}-secrets.json";
+              content = secretsFile;
+            };
+          };
          "${name}-upload" = {
            provider = "null";
            type = "resource";
-            inputs.triggers = cfg.tf.triggers.compile;
+            inputs.triggers = cfg.tf.triggers.upload;
            provisioners = [
              {
                type = "local-exec";
                local-exec.command = ''
-                  ${pkgs.esphome}/bin/esphome upload ${closureConfig}
+                  ${pkgs.esphome}/bin/esphome compile ${closureConfig} ${tf.resources."${name}-secrets".refAttr "filename"}
+                  ${pkgs.esphome}/bin/esphome upload ${closureConfig} --device ${name}.local
                '';
              }
            ];
          };
        };
      };
-
-    _module.args.tf = mapNullable (target: target.tf) target;
-  };
+    }
+    (mkIf (config.secrets != {}) {
+      deploy.tf.variables = mapAttrs' (name: content: let
+        parts = if hasInfix "#" content then splitString "#" content else content;
+        field = head (reverseList parts);
+        path = if length parts > 1 then head parts else "password";
+      in nameValuePair "${config.esphome.name}-secret-${name}" ({
+        value.shellCommand = "bitw get ${path} -f ${field}";
+        type = "string";
+        sensitive = true;
+      })
+    ) config.secrets;
+    })
+    ];
 }