refactor(users/flokli): unify archeology and archivist

This merges the two directories together, and explains the two different AWS profiles and what they're used for. Change-Id: Ieaa09be5af02491056f5ad83b1d639e2de9a218b Reviewed-on: https://cl.snix.dev/c/snix/+/30102 Autosubmit: Florian Klink <flokli@flokli.de> Reviewed-by: Ryan Lahfa <masterancpp@gmail.com> Tested-by: besadii
2025-03-18 13:39:41 +00:00 · 2025-03-18 13:39:41 +00:00 · 2bdb497c85
commit 2bdb497c85
parent 580f03f6fd
12 changed files with 74 additions and 74 deletions
--- a/users/flokli/archivist/default.nix
+++ b/users/flokli/archivist/default.nix
@ -2,7 +2,41 @@
 , pkgs
 , ...
 }:
+
+let
+  clickhouseConfigAWS = builtins.toFile "clickhouse-local.xml" ''
+    <clickhouse>
+        <s3>
+          <use_environment_credentials>true</use_environment_credentials>
+        </s3>
+    </clickhouse>
+  '';
+  # clickhouse has a very odd AWS config concept.
+  # Configure it to be a bit more sane.
+  clickhouseLocalFixedAWS = pkgs.runCommand "clickhouse-local-fixed"
+    {
+      nativeBuildInputs = [ pkgs.makeWrapper ];
+    } ''
+    mkdir -p $out/bin
+    makeWrapper ${pkgs.clickhouse}/bin/clickhouse-local $out/bin/clickhouse-local \
+      --append-flags "-C ${clickhouseConfigAWS}"
+  '';
+
+in
 depot.nix.readTree.drvTargets {
+  inherit clickhouseLocalFixedAWS;
+
+  parse-bucket-logs = pkgs.runCommand "archivist-parse-bucket-logs"
+    {
+      nativeBuildInputs = [ pkgs.makeWrapper ];
+    } ''
+    mkdir -p $out/bin
+    makeWrapper ${(pkgs.writers.writeRust "parse-bucket-logs-unwrapped" {} ./parse_bucket_logs.rs)} $out/bin/archivist-parse-bucket-logs \
+      --prefix PATH : ${pkgs.lib.makeBinPath [ clickhouseLocalFixedAWS ]}
+  '';
+
+
+  # A shell, by default pointing us to the archivist SSO profile / account by default.
  shell = pkgs.mkShell {
    name = "archivist-shell";
    packages = with pkgs; [ awscli2 ];
@ -14,15 +48,15 @@ depot.nix.readTree.drvTargets {
      sso_start_url = https://nixos.awsapps.com/start
      sso_registration_scopes = sso:account:access

-      [profile "archivist"]
-      sso_session = nixos
-      sso_account_id = 286553126452
-      sso_role_name = AWSAdministratorAccess
-
      [profile "archeologist"]
      sso_session = nixos
-      sso_account_id = 080433136561
+      sso_account_id = 080433136561 # nixos root
      sso_role_name = archeologist
+
+      [profile "archivist"]
+      sso_session = nixos
+      sso_account_id = 286553126452 # archivist
+      sso_role_name = AWSAdministratorAccess
    '';
  };
 }