repo: Add toplevels to packages

configs/all-configurations.nix

@@ -9,12 +9,14 @@
     imports = [
       ./pretalx/pretalx.nix
       ./pretalx/postgresql.nix
+      ./dummy.nix
     ];
   };
   pretalx-mysql = {
     imports = [
       ./pretalx/pretalx.nix
       ./pretalx/mysql.nix
+      ./dummy.nix
     ];
   };
 }

configs/dummy.nix

@@ -0,0 +1,18 @@
+# This dummy configuration contains:
+#   1. Options that probably anyone will copying from other files in
+#      `/configs/**/*.nix` will have defined anyways.
+#      The reason here is just to get rid of warnings and remove noise
+#      from the other configs
+#   2. Use the unbootable module so that we can evaluate the toplevel
+#      without caring about boot. This will usually be overriden with
+#      `pkgs.lib.mkForce` whenver we want to boot the system.
+#      The fact that we use this module is also hidden here, not to
+#      confuse anyone just wanting to copy paste from other files in
+#      `/configs/**/*.nix`.
+{...}: {
+  nixpkgs.hostPlatform = "x86_64-linux";
+  system.stateVersion = "23.05";
+
+  # See the module in `/modules/unbootable.nix`.
+  unbootable = true;
+}

configs/pretalx/pretalx.nix

@@ -3,21 +3,21 @@
   pkgs,
   ...
 }: {
-  imports = [./vm.nix];
-
-  nixpkgs.hostPlatform = "x86_64-linux";
-
   networking = {
     firewall.allowedTCPPorts = [config.services.nginx.defaultHTTPListenPort];
     hostName = "server";
     domain = "example.com";
   };
 
   sops = {
+    # See <https://github.com/Mic92/sops-nix>.
+
+    age.keyFile = "/dev/null"; # For a production configuration, set this option.
+    defaultSopsFile = "/dev/null"; # For a production configuration, set this option.
+    validateSopsFiles = false; # For a production configuration, remove this line.
+
     secrets = let
       pretalxSecret = {
-        # For a production configuration also `sopsFile` is required.
-        # See <https://github.com/Mic92/sops-nix>.
         owner = config.services.pretalx.user;
         group = config.services.pretalx.group;
       };
@@ -50,7 +50,6 @@
         backendFile = config.sops.secrets."pretalx/celery/backend".path;
         brokerFile = config.sops.secrets."pretalx/celery/broker".path;
       };
-
       init = {
         admin = {
           email = "pretalx@localhost";
@@ -77,6 +76,4 @@
       recommendedProxySettings = true;
     };
   };
-
-  system.stateVersion = "22.11";
 }

flake.nix

@@ -24,6 +24,12 @@
     ...
   }:
     with builtins; let
+      inherit
+        (nixpkgs.lib)
+        concatMapAttrs
+        nixosSystem
+        ;
+
       importPackages = pkgs:
         import ./all-packages.nix {
           inherit (pkgs) newScope lib;
@@ -45,14 +51,19 @@
           sops-nix = sops-nix.nixosModules.default;
         };
 
+      nixosSystemWithModules = config: nixosSystem {modules = [config] ++ attrValues extendedModules;};
+
       # Compute outputs that are invariant in the system architecture.
       allSystemsOutputs = system: let
         pkgs = importNixpkgs system [
           nix-php-composer-builder.overlays.default
         ];
         treefmtEval = loadTreefmt pkgs;
+        toplevel = name: config: {
+          "${name}-toplevel" = (nixosSystemWithModules config).config.system.build.toplevel;
+        };
       in {
-        packages = importPackages pkgs;
+        packages = (importPackages pkgs) // (concatMapAttrs toplevel importNixosConfigurations);
         formatter = treefmtEval.config.build.wrapper;
       };
     in
@@ -99,12 +110,7 @@
       # 3.
       // {
         nixosConfigurations =
-          mapAttrs (
-            _: config:
-              nixpkgs.lib.nixosSystem {
-                modules = [config] ++ nixpkgs.lib.attrValues extendedModules;
-              }
-          )
+          mapAttrs (_: config: nixosSystemWithModules config)
           importNixosConfigurations;
 
         nixosModules =

modules/all-modules.nix

@@ -5,4 +5,5 @@
   flarum = import ./flarum.nix;
   pretalx = import ./pretalx.nix;
   rosenpass = import ./rosenpass.nix;
+  unbootable = import ./unbootable.nix;
 }

modules/unbootable.nix

@@ -0,0 +1,41 @@
+# This module is used with configuraion examples, to obtain
+#
+#   config.system.build.toplevel
+#
+# without configuring any specific boot, i.e. no contaner (`boot.isContainer`)
+# or virtualisation ("${modulesPath}/virtualisation/qemu-vm.nix").
+# Of course, the resulting system is (by default) unbootable,
+# which might appear useless.
+# However, evaluation of the toplevel is slightly faster, and boot can
+# be restored by
+#
+#    unbootable = pkgs.lib.mkForce false;
+#
+# or simply setting
+#
+#    boot.initrd.enable
+#    boot.kernel.enable
+#    boot.loader.grub.enable
+#
+# accordingly.
+{
+  lib,
+  config,
+  ...
+}:
+with lib; {
+  options = {
+    unbootable = mkOption {
+      type = types.bool;
+      default = false;
+      description = "Prevent the system from booting.";
+    };
+  };
+  config = mkIf config.unbootable {
+    boot = {
+      initrd.enable = mkDefault false;
+      kernel.enable = mkDefault false;
+      loader.grub.enable = mkDefault false;
+    };
+  };
+}

tests/all-tests.nix

@@ -8,6 +8,7 @@
       imports = [
         modules.pretalx
         modules.sops-nix
+        modules.unbootable
         configurations.pretalx-postgresql
       ];
     };

tests/pretalx/default.nix

@@ -11,6 +11,8 @@
         configurations.server
       ];
 
+      unbootable = pkgs.lib.mkForce false;
+
       sops = pkgs.lib.mkForce {
         age.keyFile = ./sops/keys.txt;
         defaultSopsFile = ./sops/pretalx.yaml;