From d6f242168591a8b14c44c6b6496b51a98cef89bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= Date: Thu, 22 Feb 2024 15:19:04 +0100 Subject: Migrate to nixdeploy --- .gitignore | 3 +- flake.lock | 57 +++++++------- flake.nix | 72 +++++++++-------- hosts.sh | 94 ---------------------- local.sh | 58 -------------- nixos/default.nix | 2 +- nixos/machine/errol.nix | 2 + nixos/machine/lipwig.nix | 5 ++ nixos/machine/ridcully.nix | 2 + nixos/machine/spt-mox.nix | 5 ++ nixos/machine/spt-mox2.nix | 5 ++ nixos/machine/spt-omnia.nix | 5 ++ tools/common.sh | 187 -------------------------------------------- 13 files changed, 94 insertions(+), 403 deletions(-) delete mode 100755 hosts.sh delete mode 100755 local.sh delete mode 100644 tools/common.sh diff --git a/.gitignore b/.gitignore index fd1b4ea..542669d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1 @@ -result* -.result-* +.nixdeploy diff --git a/flake.lock b/flake.lock index 2c4788f..b552701 100644 --- a/flake.lock +++ b/flake.lock @@ -306,13 +306,32 @@ "type": "github" } }, + "nixdeploy": { + "inputs": { + "flake-utils": "flake-utils_4", + "nixpkgs": "nixpkgs_4" + }, + "locked": { + "lastModified": 1708611197, + "narHash": "sha256-4UoamtCUOgavrqlSUtbS9CZdWlkcSLjCdZkPWluHAwc=", + "owner": "cynerd", + "repo": "nixdeploy", + "rev": "1be94239235103433a7bc3d769ba411d2c44e02f", + "type": "gitlab" + }, + "original": { + "owner": "cynerd", + "repo": "nixdeploy", + "type": "gitlab" + } + }, "nixos-hardware": { "locked": { - "lastModified": 1708091350, - "narHash": "sha256-o28BJYi68qqvHipT7V2jkWxDiMS1LF9nxUsou+eFUPQ=", + "lastModified": 1708594753, + "narHash": "sha256-c/gH7iXS/IYH9NrFOT+aJqTq+iEBkvAkpWuUHGU3+f0=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "106d3fec43bcea19cb2e061ca02531d54b542ce3", + "rev": "3f7d0bca003eac1a1a7f4659bbab9c8f8c2a0958", "type": "github" }, "original": { 
@@ -320,24 +339,6 @@ "type": "indirect" } }, - "nixosdeploy": { - "inputs": { - "flake-utils": "flake-utils_4", - "nixpkgs": "nixpkgs_4" - }, - "locked": { - "dirtyRev": "e3f3b2aae0944ed05eb28348de26ccb41e54403d-dirty", - "dirtyShortRev": "e3f3b2a-dirty", - "lastModified": 1706792024, - "narHash": "sha256-vXOxR7JlA93FqvIbI3BkOxiQH+swAyzVpsM+Z1MG23M=", - "type": "git", - "url": "file:///home/cynerd/projects/nixdeploy" - }, - "original": { - "type": "git", - "url": "file:///home/cynerd/projects/nixdeploy" - } - }, "nixpkgs": { "locked": { "lastModified": 1703013332, @@ -426,11 +427,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1708407374, - "narHash": "sha256-EECzarm+uqnNDCwaGg/ppXCO11qibZ1iigORShkkDf0=", + "lastModified": 1708469763, + "narHash": "sha256-wCJljz6nQdCAnfTx+3i4fWteB3TnVEq95z6d6LhwVKs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f33dd27a47ebdf11dc8a5eb05e7c8fbdaf89e73f", + "rev": "5eeded8e3518579daa13887297efa79f5be74b41", "type": "github" }, "original": { @@ -440,11 +441,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1708405701, - "narHash": "sha256-E78TXiZiR9irWdYAVltRxZPJ+pMxXPU5PjHwqq6XLtI=", + "lastModified": 1708535278, + "narHash": "sha256-WQHQ+311Mp8/L5+wB++6nnzeVscdF46hbAh/EwQdp/k=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "fa15b53dbea5028db38d6e09b4cef6eba42aeebb", + "rev": "591f9cbebeef5dfdcb24997a3069d7f29c365ab9", "type": "github" }, "original": { @@ -569,8 +570,8 @@ "flake-utils": "flake-utils", "flatline": "flatline", "nixbigclown": "nixbigclown", + "nixdeploy": "nixdeploy", "nixos-hardware": "nixos-hardware", - "nixosdeploy": "nixosdeploy", "nixpkgs": "nixpkgs_5", "nixturris": "nixturris", "personal-secret": "personal-secret", diff --git a/flake.nix b/flake.nix index 8e3c2bb..9e0a9bd 100644 --- a/flake.nix +++ b/flake.nix 
@@ -4,6 +4,7 @@ inputs = { nixpkgs.url = "nixpkgs/nixos-unstable-small"; nixos-hardware.url = "nixos-hardware"; + nixdeploy.url = "gitlab:cynerd/nixdeploy"; personal-secret.url = "git+ssh://git@cynerd.cz/nixos-personal-secret"; agenix.url = "github:ryantm/agenix"; 
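Review bot: The new `nixdeploy` input is declared without a `follows` for nixpkgs, and the flake.lock part of this commit shows the effect: `nixdeploy` resolves its own `nixpkgs_4` and `flake-utils_4`, locked at a different revision from the root `nixpkgs_5`. Since this input feeds an overlay in `overlays.default` and a module in the default NixOS module, adding `nixdeploy.inputs.nixpkgs.follows = "nixpkgs";` would leave one nixpkgs revision to track and update instead of two. Confirm first that nixdeploy evaluates against `nixos-unstable-small`. The `inputs` block continues outside the hunk, so whether the other inputs already use `follows` is not visible here.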
@@ -27,40 +28,45 @@ shvspy, flatline, shvcli, + nixdeploy, shellrc, usbkey, ... - }: - with flake-utils.lib; - { - lib = import ./lib nixpkgs.lib; - overlays = { - noInherit = final: prev: import ./pkgs final prev; - default = nixpkgs.lib.composeManyExtensions [ - agenix.overlays.default - shvspy.overlays.default - flatline.overlays.default - shvcli.overlays.default - shellrc.overlays.default - usbkey.overlays.default - self.overlays.noInherit - ]; - }; - nixosModules = import ./nixos self; - nixosConfigurations = import ./nixos/configurations.nix self; - } - // eachDefaultSystem (system: let - pkgs = nixpkgs.legacyPackages."${system}".extend self.overlays.default; - in { - packages = with nixpkgs.lib; - mapAttrs' (n: v: - nameValuePair - "tarball-${n}" - v.buildPlatform.${system}.config.system.build.tarball) (filterAttrs - (n: v: v.config.system.build ? tarball) - self.nixosConfigurations); - legacyPackages = pkgs; - devShells = filterPackages system (import ./devShells pkgs); - formatter = pkgs.alejandra; - }); + }: let + inherit (flake-utils.lib) eachDefaultSystem filterPackages; + inherit (nixpkgs.lib) mapAttrs' nameValuePair filterAttrs; + in + { + lib = import ./lib nixpkgs.lib; + overlays = { + noInherit = final: prev: import ./pkgs final prev; + default = nixpkgs.lib.composeManyExtensions [ + agenix.overlays.default + shvspy.overlays.default + flatline.overlays.default + shvcli.overlays.default + nixdeploy.overlays.default + shellrc.overlays.default + usbkey.overlays.default + self.overlays.noInherit + ]; + }; + nixosModules = import ./nixos self; + nixosConfigurations = import ./nixos/configurations.nix self; + } + // eachDefaultSystem (system: let + pkgs = nixpkgs.legacyPackages."${system}".extend self.overlays.default; + in { + packages = { + default = pkgs.nixdeploy; + } // mapAttrs' (n: v: + nameValuePair + "tarball-${n}" + v.buildPlatform.${system}.config.system.build.tarball) (filterAttrs + (n: v: v.config.system.build ? 
tarball) + self.nixosConfigurations); + legacyPackages = pkgs; + devShells = filterPackages system (import ./devShells pkgs); + formatter = pkgs.alejandra; + }); } diff --git a/hosts.sh b/hosts.sh deleted file mode 100755 index a133f7b..0000000 --- a/hosts.sh +++ /dev/null 
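Review bot: `default = pkgs.nixdeploy;` makes the external tool the repository's deployment entry point, while the safeguards in the deleted tools/common.sh have no visible replacement in this commit. There, `copy()` compared free space on `/nix` with the closure size before `nix copy`, and `setenv()` printed `nix store diff-closures` before activating. It is worth confirming that nixdeploy performs equivalent checks before it switches a remote system. A short comment above the attribute would record the intent, e.g. `# deployment tool, replaces hosts.sh and local.sh`. The `outputs` argument list starts outside this hunk.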
@@ -1,94 +0,0 @@ -#!/usr/bin/env bash -source "${0%/*}/tools/common.sh" -declare -a default_hosts -################################################################################ -## x86_64 -# Desktops -default_hosts+=( "errol" "ridcully" ) -# VPSFree -default_hosts+=( "lipwig" ) - -## aarch64 -# Mox -default_hosts+=( "dean" "spt-mox" "spt-mox2" ) -# Raspberry Pi -default_hosts+=( "adm-mpd" ) - -## armv7 -# Omnia -default_hosts+=( "spt-omnia" "adm-omnia" "adm-omnia2" ) -# Raspberry Pi -default_hosts+=( "spt-mpd" ) - -################################################################################ -operation="${1:-}" -[ $# -gt 0 ] && shift - -declare -a selected_hosts -if [ $# -gt 0 ]; then - for host in "$@"; do - selected_hosts+=("$(sshhost "$host")") - done -else - selected_hosts=("${default_hosts[@]}") -fi - - -for_hosts() { - for host in "${selected_hosts[@]}"; do - for op in "$@"; do - if ! "$op" "$host"; then - error "Operation '$op' failed for: $host" >&2 - break - fi - done - done -} - - -case "$operation" in - help|h) - cat <<-EOF - Usage $0 operation [host]... - Local system builder and updater for remote hosts. - - Operations: - build: build host system - copy: copy built system to the host - boot: set built system to be boot default on the host - switch: switch to the built system on the target host - test: test the built system on the target host - EOF - ;; - build|b|"") - for_hosts build - ;; - copy|c) - for_hosts copy - ;; - boot) - for_hosts boot - ;; - switch|s) - for_hosts switch - ;; - test|t) - for_hosts switch_test - ;; - build-copy|bc) - for_hosts build copy - ;; - build-switch|bs) - for_hosts build copy switch - ;; - build-test|bt) - for_hosts build copy switch_test - ;; - build-boot|bb) - for_hosts build copy boot - ;; - *) - echo "Unknown operation: $operation" >&2 - exit 2 - ;; -esac diff --git a/local.sh b/local.sh deleted file mode 100755 index 809cadd..0000000 --- a/local.sh +++ /dev/null 
@@ -1,58 +0,0 @@ -#!/usr/bin/env bash -source "${0%/*}/tools/common.sh" - -operations() { - for op in "$@"; do - if ! "$op" "$(hostname)"; then - error "Operation '$op' failed" >&2 - break - fi - done -} - -################################################################################ -operation="${1:-}" -if [ $# -gt 1 ]; then - echo "Invalid argument: $2" >&2 - exit 2 -fi - -case "$operation" in - help|h) - cat <<-EOF - Usage $0 operation [device]... - Local system builder and updater for remote devices. - - Operations: - build: build device system - boot: set built system to be boot default on the device - switch: switch to the built system on the target device - test: test the built system on the target device - EOF - ;; - build|b) - operations build - ;; - boot) - operations boot - ;; - switch|s) - operations switch - ;; - test|t) - operations switch_test - ;; - build-switch|bs|"") - operations build switch - ;; - build-test|bt) - operations build switch_test - ;; - build-boot|bb) - operations build boot - ;; - default) - echo "Unknown operation: $operation" >&2 - exit 2 - ;; -esac diff --git a/nixos/default.nix b/nixos/default.nix index 8385b11..b740024 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -8,7 +8,7 @@ in default = { imports = with self.inputs; [ - nixosdeploy.nixosModules.default + nixdeploy.nixosModules.default shellrc.nixosModules.default usbkey.nixosModules.default nixbigclown.nixosModules.default diff --git a/nixos/machine/errol.nix b/nixos/machine/errol.nix index 16223d0..8491f92 100644 --- a/nixos/machine/errol.nix +++ b/nixos/machine/errol.nix @@ -7,6 +7,8 @@ inherit (lib) mkDefault; in { config = { + deploy.enable = true; + cynerd = { desktop.enable = true; develop = true; diff --git a/nixos/machine/lipwig.nix b/nixos/machine/lipwig.nix index 45d5215..7b4b7f6 100644 --- a/nixos/machine/lipwig.nix +++ b/nixos/machine/lipwig.nix 
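Review bot: `deploy.enable = true;` is added here and in the lipwig, ridcully, spt-mox, spt-mox2 and spt-omnia hunks, but the deleted hosts.sh also listed `dean`, `adm-mpd`, `adm-omnia`, `adm-omnia2` and `spt-mpd` in `default_hosts`. The diffstat touches only six machine files, so unless the nixdeploy module enables those hosts some other way, they drop out of routine deployment and stop receiving updates. If that is intended, say so in the commit message; otherwise add the option to the remaining machine files. Following the deleted `sshdest()` rule, that would be for example `deploy = { enable = true; ssh.host = "omnia.adm"; };` for adm-omnia.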
@@ -5,6 +5,11 @@ ... }: { config = { + deploy = { + enable = true; + ssh.host = "cynerd.cz"; + }; + cynerd = { syncthing = { enable = false; diff --git a/nixos/machine/ridcully.nix b/nixos/machine/ridcully.nix index 3afebdd..d16cdb2 100644 --- a/nixos/machine/ridcully.nix +++ b/nixos/machine/ridcully.nix @@ -7,6 +7,8 @@ inherit (lib) mkDefault; in { config = { + deploy.enable = true; + cynerd = { desktop.enable = true; develop = true; diff --git a/nixos/machine/spt-mox.nix b/nixos/machine/spt-mox.nix index b223e86..2371b5e 100644 --- a/nixos/machine/spt-mox.nix +++ b/nixos/machine/spt-mox.nix @@ -7,6 +7,11 @@ with builtins; with lib; { config = { + deploy = { + enable = true; + ssh.host = "mox.spt"; + }; + cynerd = { home-assistant = true; switch = { diff --git a/nixos/machine/spt-mox2.nix b/nixos/machine/spt-mox2.nix index 7eb5c59..73aba50 100644 --- a/nixos/machine/spt-mox2.nix +++ b/nixos/machine/spt-mox2.nix @@ -6,6 +6,11 @@ }: with lib; { config = { + deploy = { + enable = true; + ssh.host = "mox2.spt"; + }; + cynerd = { switch = { enable = true; diff --git a/nixos/machine/spt-omnia.nix b/nixos/machine/spt-omnia.nix index f2ea4f0..c897abc 100644 --- a/nixos/machine/spt-omnia.nix +++ b/nixos/machine/spt-omnia.nix @@ -7,6 +7,11 @@ hosts = config.cynerd.hosts.spt; in { config = { + deploy = { + enable = true; + ssh.host = "omnia.spt"; + }; + cynerd = { router = { enable = true; diff --git a/tools/common.sh b/tools/common.sh deleted file mode 100644 index 2b8e948..0000000 --- a/tools/common.sh +++ /dev/null 
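Review bot: The `ssh.host = "cynerd.cz";` override has no explanation now that `sshdest()`, which held the lipwig special case and the `<site>-<name>` to `<name>.<site>` rule, is deleted in this commit. A one-line comment would keep that knowledge, e.g. `# reached under its public name; the machine name does not resolve`, and the same applies to the `mox.spt`, `mox2.spt` and `omnia.spt` values in the following hunks. These names are what the deploy tool connects to before activating a system, so it is also worth confirming that host-key checking for them is enforced on the deploying machine; nothing in these hunks shows it either way.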
@@ -1,187 +0,0 @@ -# Common Bash functions for helper scripts in this repository -set -eu - -## Logging ##################################################################### -_print() { - local color="\e[$1m" - local clrcolor="\e[0m" - shift - if [ ! -t 1 ]; then - color="" - clrcolor="" - fi - printf "${color}%s${clrcolor}\n" "$*" >&2 -} - -stage() { - _print '1;32' "$@" -} - -info() { - _print '1;35' "$@" -} - -error() { - _print '1;31' "$@" -} -warning() { - _print '1;33' "$@" -} - -## SSH access helper ########################################################### - -# Convert hostname to the SSH destination -sshdest() { - if [ "$1" = "lipwig" ]; then - echo "cynerd.cz" - elif [ "$1" = "binky" ]; then - echo "binky.vpn" - else - awk -F- 'NF > 1 { print $2"."$1; exit } { print $1 }' <<<"$1" - fi -} - -# Reverse opeartion for sshdest -sshhost() { - if [ "$1" = "cynerd.cz" ]; then - echo "lipwig" - else - awk -F. 'NF > 1 { print $2"-"$1; exit } { print $1 }' <<<"$1" - fi -} - -_ssh() { - local device="$1" - shift - if [ "$device" != "$(hostname)" ]; then - ssh "$(sshdest "$device")" -- "$@" - else - if [ $# -gt 1 ]; then - "$@" - else - sh -c "$1" - fi - fi -} - -_rootssh() { - local device="$1" - local cmd="$2" - if [ "$device" != "$(hostname)" ]; then - ssh -t "$(sshdest "$device")" sudo "sh -c '${cmd}'" - else - sudo sh -c "$cmd" - fi -} - -## Evalutions and queries ###################################################### - -# The path where build result is linked to -result() { - echo ".result-$1" -} - -# Get system of the device -device_system() { - nix eval --raw ".#nixosConfigurations.$1.config.nixpkgs.hostPlatform.system" -} - -build_system() { - nix eval --raw --impure --expr 'builtins.currentSystem' -} - -# Validates if link is valid. 
-build_validate() { - local device="$1" - [ -L "$(result "$device")" ] && [ -e "$(result "$device")" ] -} - -## Build NixOS system ########################################################## -# $1: device name -# All other arguments are passed to the nix build command -build() { - local device="$1" - shift - - local toplevel="config.system.build.toplevel" - local bsystem="$(build_system)" - if [ "$bsystem" != "$(device_system "$device")" ]; then - toplevel="buildPlatform.$bsystem.$toplevel" - fi - - stage "Building system for device: $device" - nix build \ - -o "$(result "${device}")" \ - --keep-going \ - "$@" \ - "${0%/*}#nixosConfigurations.${device}.${toplevel}" -} - -## Copy NixOS system ########################################################### -# $1: device name -copy() { - local device="$1" - if ! build_validate "$device"; then - warning "System for device '$device' seems to be not build." >&2 - return 1 - fi - local store - store="$(readlink -f "$(result "$device")")" - - local freespace required; - freespace_raw="$(_ssh "$device" df -B 1 --output=avail /nix)" - freespace="$(echo "$freespace_raw" | tail -1)" - required="$(nix path-info -S "$store" | awk '{ print $2 }')" - info "Free space on device: $(numfmt --to=iec "$freespace")" - info "Required space: $(numfmt --to=iec "$required")" - if [ "$required" -ge "$freespace" ]; then - error "There is not enough space to copy clousure to: $device" >&2 - return 1 - fi - - stage "Copy closure to: $device" - nix copy -s --to "ssh://$(sshdest "$device")" "$store" -} - -## Switch Nix encironment ###################################################### -# $1: switch operation to be performed -# $2: device name -# TODO possibly really query if switch is or is not required -setenv() { - local switchop="$1" - local device="$2" - if ! build_validate "$device"; then - warning "System '$device' seems to be not build." 
>&2 - return 1 - fi - local store - store="$(readlink -f "$(result "$device")")" - - stage "${switchop^} system: $device" - local cursystem - cursystem="$(_ssh "$device" readlink -f /nix/var/nix/profiles/system)" - if [ "$cursystem" != "$store" ]; then - info "-----------------------------------------------------------------" - _ssh "$device" \ - nix store diff-closures "$cursystem" "$store" - info "-----------------------------------------------------------------" - local _store _switchop - printf -v _store '%q' "$store" - printf -v _switchop '%q' "$switchop" - _rootssh "$device" "$_store/bin/nixos-system $_switchop" - else - warning "The latest system might have been already set." - fi -} - -boot() { - setenv boot "$1" -} - -switch() { - setenv switch "$1" -} - -switch_test() { - setenv test "$1" -} -- cgit v1.2.3