aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKarel Kočí <cynerd@email.cz>2024-02-22 15:19:04 +0100
committerKarel Kočí <cynerd@email.cz>2024-02-22 15:19:04 +0100
commitd6f242168591a8b14c44c6b6496b51a98cef89bd (patch)
tree97406289c8536a04987ee19e988639032a6eba34
parentc014ef4360ebc9fe23d5abf253141f44a94160ca (diff)
downloadnixos-personal-d6f242168591a8b14c44c6b6496b51a98cef89bd.tar.gz
nixos-personal-d6f242168591a8b14c44c6b6496b51a98cef89bd.tar.bz2
nixos-personal-d6f242168591a8b14c44c6b6496b51a98cef89bd.zip
Migrate to nixdeploy
-rw-r--r--.gitignore3
-rw-r--r--flake.lock57
-rw-r--r--flake.nix72
-rwxr-xr-xhosts.sh94
-rwxr-xr-xlocal.sh58
-rw-r--r--nixos/default.nix2
-rw-r--r--nixos/machine/errol.nix2
-rw-r--r--nixos/machine/lipwig.nix5
-rw-r--r--nixos/machine/ridcully.nix2
-rw-r--r--nixos/machine/spt-mox.nix5
-rw-r--r--nixos/machine/spt-mox2.nix5
-rw-r--r--nixos/machine/spt-omnia.nix5
-rw-r--r--tools/common.sh187
13 files changed, 94 insertions, 403 deletions
diff --git a/.gitignore b/.gitignore
index fd1b4ea..542669d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1 @@
-result*
-.result-*
+.nixdeploy
diff --git a/flake.lock b/flake.lock
index 2c4788f..b552701 100644
--- a/flake.lock
+++ b/flake.lock
@@ -306,13 +306,32 @@
"type": "github"
}
},
+ "nixdeploy": {
+ "inputs": {
+ "flake-utils": "flake-utils_4",
+ "nixpkgs": "nixpkgs_4"
+ },
+ "locked": {
+ "lastModified": 1708611197,
+ "narHash": "sha256-4UoamtCUOgavrqlSUtbS9CZdWlkcSLjCdZkPWluHAwc=",
+ "owner": "cynerd",
+ "repo": "nixdeploy",
+ "rev": "1be94239235103433a7bc3d769ba411d2c44e02f",
+ "type": "gitlab"
+ },
+ "original": {
+ "owner": "cynerd",
+ "repo": "nixdeploy",
+ "type": "gitlab"
+ }
+ },
"nixos-hardware": {
"locked": {
- "lastModified": 1708091350,
- "narHash": "sha256-o28BJYi68qqvHipT7V2jkWxDiMS1LF9nxUsou+eFUPQ=",
+ "lastModified": 1708594753,
+ "narHash": "sha256-c/gH7iXS/IYH9NrFOT+aJqTq+iEBkvAkpWuUHGU3+f0=",
"owner": "NixOS",
"repo": "nixos-hardware",
- "rev": "106d3fec43bcea19cb2e061ca02531d54b542ce3",
+ "rev": "3f7d0bca003eac1a1a7f4659bbab9c8f8c2a0958",
"type": "github"
},
"original": {
@@ -320,24 +339,6 @@
"type": "indirect"
}
},
- "nixosdeploy": {
- "inputs": {
- "flake-utils": "flake-utils_4",
- "nixpkgs": "nixpkgs_4"
- },
- "locked": {
- "dirtyRev": "e3f3b2aae0944ed05eb28348de26ccb41e54403d-dirty",
- "dirtyShortRev": "e3f3b2a-dirty",
- "lastModified": 1706792024,
- "narHash": "sha256-vXOxR7JlA93FqvIbI3BkOxiQH+swAyzVpsM+Z1MG23M=",
- "type": "git",
- "url": "file:///home/cynerd/projects/nixdeploy"
- },
- "original": {
- "type": "git",
- "url": "file:///home/cynerd/projects/nixdeploy"
- }
- },
"nixpkgs": {
"locked": {
"lastModified": 1703013332,
@@ -426,11 +427,11 @@
},
"nixpkgs_4": {
"locked": {
- "lastModified": 1708407374,
- "narHash": "sha256-EECzarm+uqnNDCwaGg/ppXCO11qibZ1iigORShkkDf0=",
+ "lastModified": 1708469763,
+ "narHash": "sha256-wCJljz6nQdCAnfTx+3i4fWteB3TnVEq95z6d6LhwVKs=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "f33dd27a47ebdf11dc8a5eb05e7c8fbdaf89e73f",
+ "rev": "5eeded8e3518579daa13887297efa79f5be74b41",
"type": "github"
},
"original": {
@@ -440,11 +441,11 @@
},
"nixpkgs_5": {
"locked": {
- "lastModified": 1708405701,
- "narHash": "sha256-E78TXiZiR9irWdYAVltRxZPJ+pMxXPU5PjHwqq6XLtI=",
+ "lastModified": 1708535278,
+ "narHash": "sha256-WQHQ+311Mp8/L5+wB++6nnzeVscdF46hbAh/EwQdp/k=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "fa15b53dbea5028db38d6e09b4cef6eba42aeebb",
+ "rev": "591f9cbebeef5dfdcb24997a3069d7f29c365ab9",
"type": "github"
},
"original": {
@@ -569,8 +570,8 @@
"flake-utils": "flake-utils",
"flatline": "flatline",
"nixbigclown": "nixbigclown",
+ "nixdeploy": "nixdeploy",
"nixos-hardware": "nixos-hardware",
- "nixosdeploy": "nixosdeploy",
"nixpkgs": "nixpkgs_5",
"nixturris": "nixturris",
"personal-secret": "personal-secret",
diff --git a/flake.nix b/flake.nix
index 8e3c2bb..9e0a9bd 100644
--- a/flake.nix
+++ b/flake.nix
@@ -4,6 +4,7 @@
inputs = {
nixpkgs.url = "nixpkgs/nixos-unstable-small";
nixos-hardware.url = "nixos-hardware";
+ nixdeploy.url = "gitlab:cynerd/nixdeploy";
personal-secret.url = "git+ssh://git@cynerd.cz/nixos-personal-secret";
agenix.url = "github:ryantm/agenix";
@@ -27,40 +28,45 @@
shvspy,
flatline,
shvcli,
+ nixdeploy,
shellrc,
usbkey,
...
- }:
- with flake-utils.lib;
- {
- lib = import ./lib nixpkgs.lib;
- overlays = {
- noInherit = final: prev: import ./pkgs final prev;
- default = nixpkgs.lib.composeManyExtensions [
- agenix.overlays.default
- shvspy.overlays.default
- flatline.overlays.default
- shvcli.overlays.default
- shellrc.overlays.default
- usbkey.overlays.default
- self.overlays.noInherit
- ];
- };
- nixosModules = import ./nixos self;
- nixosConfigurations = import ./nixos/configurations.nix self;
- }
- // eachDefaultSystem (system: let
- pkgs = nixpkgs.legacyPackages."${system}".extend self.overlays.default;
- in {
- packages = with nixpkgs.lib;
- mapAttrs' (n: v:
- nameValuePair
- "tarball-${n}"
- v.buildPlatform.${system}.config.system.build.tarball) (filterAttrs
- (n: v: v.config.system.build ? tarball)
- self.nixosConfigurations);
- legacyPackages = pkgs;
- devShells = filterPackages system (import ./devShells pkgs);
- formatter = pkgs.alejandra;
- });
+ }: let
+ inherit (flake-utils.lib) eachDefaultSystem filterPackages;
+ inherit (nixpkgs.lib) mapAttrs' nameValuePair filterAttrs;
+ in
+ {
+ lib = import ./lib nixpkgs.lib;
+ overlays = {
+ noInherit = final: prev: import ./pkgs final prev;
+ default = nixpkgs.lib.composeManyExtensions [
+ agenix.overlays.default
+ shvspy.overlays.default
+ flatline.overlays.default
+ shvcli.overlays.default
+ nixdeploy.overlays.default
+ shellrc.overlays.default
+ usbkey.overlays.default
+ self.overlays.noInherit
+ ];
+ };
+ nixosModules = import ./nixos self;
+ nixosConfigurations = import ./nixos/configurations.nix self;
+ }
+ // eachDefaultSystem (system: let
+ pkgs = nixpkgs.legacyPackages."${system}".extend self.overlays.default;
+ in {
+ packages = {
+ default = pkgs.nixdeploy;
+ } // mapAttrs' (n: v:
+ nameValuePair
+ "tarball-${n}"
+ v.buildPlatform.${system}.config.system.build.tarball) (filterAttrs
+ (n: v: v.config.system.build ? tarball)
+ self.nixosConfigurations);
+ legacyPackages = pkgs;
+ devShells = filterPackages system (import ./devShells pkgs);
+ formatter = pkgs.alejandra;
+ });
}
diff --git a/hosts.sh b/hosts.sh
deleted file mode 100755
index a133f7b..0000000
--- a/hosts.sh
+++ /dev/null
@@ -1,94 +0,0 @@
-#!/usr/bin/env bash
-source "${0%/*}/tools/common.sh"
-declare -a default_hosts
-################################################################################
-## x86_64
-# Desktops
-default_hosts+=( "errol" "ridcully" )
-# VPSFree
-default_hosts+=( "lipwig" )
-
-## aarch64
-# Mox
-default_hosts+=( "dean" "spt-mox" "spt-mox2" )
-# Raspberry Pi
-default_hosts+=( "adm-mpd" )
-
-## armv7
-# Omnia
-default_hosts+=( "spt-omnia" "adm-omnia" "adm-omnia2" )
-# Raspberry Pi
-default_hosts+=( "spt-mpd" )
-
-################################################################################
-operation="${1:-}"
-[ $# -gt 0 ] && shift
-
-declare -a selected_hosts
-if [ $# -gt 0 ]; then
- for host in "$@"; do
- selected_hosts+=("$(sshhost "$host")")
- done
-else
- selected_hosts=("${default_hosts[@]}")
-fi
-
-
-for_hosts() {
- for host in "${selected_hosts[@]}"; do
- for op in "$@"; do
- if ! "$op" "$host"; then
- error "Operation '$op' failed for: $host" >&2
- break
- fi
- done
- done
-}
-
-
-case "$operation" in
- help|h)
- cat <<-EOF
- Usage $0 operation [host]...
- Local system builder and updater for remote hosts.
-
- Operations:
- build: build host system
- copy: copy built system to the host
- boot: set built system to be boot default on the host
- switch: switch to the built system on the target host
- test: test the built system on the target host
- EOF
- ;;
- build|b|"")
- for_hosts build
- ;;
- copy|c)
- for_hosts copy
- ;;
- boot)
- for_hosts boot
- ;;
- switch|s)
- for_hosts switch
- ;;
- test|t)
- for_hosts switch_test
- ;;
- build-copy|bc)
- for_hosts build copy
- ;;
- build-switch|bs)
- for_hosts build copy switch
- ;;
- build-test|bt)
- for_hosts build copy switch_test
- ;;
- build-boot|bb)
- for_hosts build copy boot
- ;;
- *)
- echo "Unknown operation: $operation" >&2
- exit 2
- ;;
-esac
diff --git a/local.sh b/local.sh
deleted file mode 100755
index 809cadd..0000000
--- a/local.sh
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/usr/bin/env bash
-source "${0%/*}/tools/common.sh"
-
-operations() {
- for op in "$@"; do
- if ! "$op" "$(hostname)"; then
- error "Operation '$op' failed" >&2
- break
- fi
- done
-}
-
-################################################################################
-operation="${1:-}"
-if [ $# -gt 1 ]; then
- echo "Invalid argument: $2" >&2
- exit 2
-fi
-
-case "$operation" in
- help|h)
- cat <<-EOF
- Usage $0 operation [device]...
- Local system builder and updater for remote devices.
-
- Operations:
- build: build device system
- boot: set built system to be boot default on the device
- switch: switch to the built system on the target device
- test: test the built system on the target device
- EOF
- ;;
- build|b)
- operations build
- ;;
- boot)
- operations boot
- ;;
- switch|s)
- operations switch
- ;;
- test|t)
- operations switch_test
- ;;
- build-switch|bs|"")
- operations build switch
- ;;
- build-test|bt)
- operations build switch_test
- ;;
- build-boot|bb)
- operations build boot
- ;;
- default)
- echo "Unknown operation: $operation" >&2
- exit 2
- ;;
-esac
diff --git a/nixos/default.nix b/nixos/default.nix
index 8385b11..b740024 100644
--- a/nixos/default.nix
+++ b/nixos/default.nix
@@ -8,7 +8,7 @@ in
default = {
imports = with self.inputs;
[
- nixosdeploy.nixosModules.default
+ nixdeploy.nixosModules.default
shellrc.nixosModules.default
usbkey.nixosModules.default
nixbigclown.nixosModules.default
diff --git a/nixos/machine/errol.nix b/nixos/machine/errol.nix
index 16223d0..8491f92 100644
--- a/nixos/machine/errol.nix
+++ b/nixos/machine/errol.nix
@@ -7,6 +7,8 @@
inherit (lib) mkDefault;
in {
config = {
+ deploy.enable = true;
+
cynerd = {
desktop.enable = true;
develop = true;
diff --git a/nixos/machine/lipwig.nix b/nixos/machine/lipwig.nix
index 45d5215..7b4b7f6 100644
--- a/nixos/machine/lipwig.nix
+++ b/nixos/machine/lipwig.nix
@@ -5,6 +5,11 @@
...
}: {
config = {
+ deploy = {
+ enable = true;
+ ssh.host = "cynerd.cz";
+ };
+
cynerd = {
syncthing = {
enable = false;
diff --git a/nixos/machine/ridcully.nix b/nixos/machine/ridcully.nix
index 3afebdd..d16cdb2 100644
--- a/nixos/machine/ridcully.nix
+++ b/nixos/machine/ridcully.nix
@@ -7,6 +7,8 @@
inherit (lib) mkDefault;
in {
config = {
+ deploy.enable = true;
+
cynerd = {
desktop.enable = true;
develop = true;
diff --git a/nixos/machine/spt-mox.nix b/nixos/machine/spt-mox.nix
index b223e86..2371b5e 100644
--- a/nixos/machine/spt-mox.nix
+++ b/nixos/machine/spt-mox.nix
@@ -7,6 +7,11 @@
with builtins;
with lib; {
config = {
+ deploy = {
+ enable = true;
+ ssh.host = "mox.spt";
+ };
+
cynerd = {
home-assistant = true;
switch = {
diff --git a/nixos/machine/spt-mox2.nix b/nixos/machine/spt-mox2.nix
index 7eb5c59..73aba50 100644
--- a/nixos/machine/spt-mox2.nix
+++ b/nixos/machine/spt-mox2.nix
@@ -6,6 +6,11 @@
}:
with lib; {
config = {
+ deploy = {
+ enable = true;
+ ssh.host = "mox2.spt";
+ };
+
cynerd = {
switch = {
enable = true;
diff --git a/nixos/machine/spt-omnia.nix b/nixos/machine/spt-omnia.nix
index f2ea4f0..c897abc 100644
--- a/nixos/machine/spt-omnia.nix
+++ b/nixos/machine/spt-omnia.nix
@@ -7,6 +7,11 @@
hosts = config.cynerd.hosts.spt;
in {
config = {
+ deploy = {
+ enable = true;
+ ssh.host = "omnia.spt";
+ };
+
cynerd = {
router = {
enable = true;
diff --git a/tools/common.sh b/tools/common.sh
deleted file mode 100644
index 2b8e948..0000000
--- a/tools/common.sh
+++ /dev/null
@@ -1,187 +0,0 @@
-# Common Bash functions for helper scripts in this repository
-set -eu
-
-## Logging #####################################################################
-_print() {
- local color="\e[$1m"
- local clrcolor="\e[0m"
- shift
- if [ ! -t 1 ]; then
- color=""
- clrcolor=""
- fi
- printf "${color}%s${clrcolor}\n" "$*" >&2
-}
-
-stage() {
- _print '1;32' "$@"
-}
-
-info() {
- _print '1;35' "$@"
-}
-
-error() {
- _print '1;31' "$@"
-}
-warning() {
- _print '1;33' "$@"
-}
-
-## SSH access helper ###########################################################
-
-# Convert hostname to the SSH destination
-sshdest() {
- if [ "$1" = "lipwig" ]; then
- echo "cynerd.cz"
- elif [ "$1" = "binky" ]; then
- echo "binky.vpn"
- else
- awk -F- 'NF > 1 { print $2"."$1; exit } { print $1 }' <<<"$1"
- fi
-}
-
-# Reverse opeartion for sshdest
-sshhost() {
- if [ "$1" = "cynerd.cz" ]; then
- echo "lipwig"
- else
- awk -F. 'NF > 1 { print $2"-"$1; exit } { print $1 }' <<<"$1"
- fi
-}
-
-_ssh() {
- local device="$1"
- shift
- if [ "$device" != "$(hostname)" ]; then
- ssh "$(sshdest "$device")" -- "$@"
- else
- if [ $# -gt 1 ]; then
- "$@"
- else
- sh -c "$1"
- fi
- fi
-}
-
-_rootssh() {
- local device="$1"
- local cmd="$2"
- if [ "$device" != "$(hostname)" ]; then
- ssh -t "$(sshdest "$device")" sudo "sh -c '${cmd}'"
- else
- sudo sh -c "$cmd"
- fi
-}
-
-## Evalutions and queries ######################################################
-
-# The path where build result is linked to
-result() {
- echo ".result-$1"
-}
-
-# Get system of the device
-device_system() {
- nix eval --raw ".#nixosConfigurations.$1.config.nixpkgs.hostPlatform.system"
-}
-
-build_system() {
- nix eval --raw --impure --expr 'builtins.currentSystem'
-}
-
-# Validates if link is valid.
-build_validate() {
- local device="$1"
- [ -L "$(result "$device")" ] && [ -e "$(result "$device")" ]
-}
-
-## Build NixOS system ##########################################################
-# $1: device name
-# All other arguments are passed to the nix build command
-build() {
- local device="$1"
- shift
-
- local toplevel="config.system.build.toplevel"
- local bsystem="$(build_system)"
- if [ "$bsystem" != "$(device_system "$device")" ]; then
- toplevel="buildPlatform.$bsystem.$toplevel"
- fi
-
- stage "Building system for device: $device"
- nix build \
- -o "$(result "${device}")" \
- --keep-going \
- "$@" \
- "${0%/*}#nixosConfigurations.${device}.${toplevel}"
-}
-
-## Copy NixOS system ###########################################################
-# $1: device name
-copy() {
- local device="$1"
- if ! build_validate "$device"; then
- warning "System for device '$device' seems to be not build." >&2
- return 1
- fi
- local store
- store="$(readlink -f "$(result "$device")")"
-
- local freespace required;
- freespace_raw="$(_ssh "$device" df -B 1 --output=avail /nix)"
- freespace="$(echo "$freespace_raw" | tail -1)"
- required="$(nix path-info -S "$store" | awk '{ print $2 }')"
- info "Free space on device: $(numfmt --to=iec "$freespace")"
- info "Required space: $(numfmt --to=iec "$required")"
- if [ "$required" -ge "$freespace" ]; then
- error "There is not enough space to copy clousure to: $device" >&2
- return 1
- fi
-
- stage "Copy closure to: $device"
- nix copy -s --to "ssh://$(sshdest "$device")" "$store"
-}
-
-## Switch Nix encironment ######################################################
-# $1: switch operation to be performed
-# $2: device name
-# TODO possibly really query if switch is or is not required
-setenv() {
- local switchop="$1"
- local device="$2"
- if ! build_validate "$device"; then
- warning "System '$device' seems to be not build." >&2
- return 1
- fi
- local store
- store="$(readlink -f "$(result "$device")")"
-
- stage "${switchop^} system: $device"
- local cursystem
- cursystem="$(_ssh "$device" readlink -f /nix/var/nix/profiles/system)"
- if [ "$cursystem" != "$store" ]; then
- info "-----------------------------------------------------------------"
- _ssh "$device" \
- nix store diff-closures "$cursystem" "$store"
- info "-----------------------------------------------------------------"
- local _store _switchop
- printf -v _store '%q' "$store"
- printf -v _switchop '%q' "$switchop"
- _rootssh "$device" "$_store/bin/nixos-system $_switchop"
- else
- warning "The latest system might have been already set."
- fi
-}
-
-boot() {
- setenv boot "$1"
-}
-
-switch() {
- setenv switch "$1"
-}
-
-switch_test() {
- setenv test "$1"
-}