fix(deploy-rs)!: complete

Now makes correct `deploy-rs` node definitions
    - defined by a `deploy.nix` file in the system configuration directory
    - has extra attribute `hostname` used for `deploy` invocations (might differ from local hostname)
    - single `system` profile, based on output configurations
Supports `nixos` and `nix-darwin` (for now)
Add example `deploy.nix`
reo101 2023-07-30 00:00:17 +03:00
parent 2fea5ded7b
commit 6c7f65c018
Signed by: reo101
GPG key ID: 675AA7EF13964ACB
2 changed files with 168 additions and 48 deletions


@ -0,0 +1,42 @@
{
# This is the hostname by which you'll refer to this machine using reploy-rs
hostname = "server";
# This is the user that deploy-rs will use when connecting.
# This will default to your own username if not specified anywhere
sshUser = "admin";
# This is the user that the profile will be deployed to (will use sudo if not the same as above).
# If `sshUser` is specified, this will be the default (though it will _not_ default to your own username)
user = "root";
# Which sudo command to use. Must accept at least two arguments:
# the user name to execute commands as and the rest is the command to execute
# This will default to "sudo -u" if not specified anywhere.
sudo = "doas -u";
# This is an optional list of arguments that will be passed to SSH.
sshOpts = [ "-p" "2121" ];
# Fast connection to the node. If this is true, copy the whole closure instead of letting the node substitute.
# This defaults to `false`
fastConnection = false;
# If the previous profile should be re-activated if activation fails.
# This defaults to `true`
autoRollback = true;
# See the earlier section about Magic Rollback for more information.
# This defaults to `true`
magicRollback = true;
# The path which deploy-rs will use for temporary files, this is currently only used by `magicRollback` to create an inotify watcher in for confirmations
# If not specified, this will default to `/tmp`
# (if `magicRollback` is in use, this _must_ be writable by `user`)
tempPath = "/home/someuser/.deploy-rs";
# Build the derivation on the target system.
# Will also fetch all external dependencies from the target system's substituters.
# This default to `false`
remoteBuild = true;
}
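Review bot: The example pairs `user = "root"` with `tempPath = "/home/someuser/.deploy-rs"`, so a host that copies it as-is keeps its magic-rollback confirmation path under what looks like another account's home directory, while the comment above only requires that the path be writable by `user`. Because the new `deploy.autoNodes` merges this file into the profile, every value here (including `sudo = "doas -u"` and `sshOpts = [ "-p" "2121" ]`) takes effect for such a host; I would comment out the non-default settings or mark them as placeholders, e.g. `# tempPath = "/path/owned/by/deploy-user";`. The comments also carry over README wording that does not fit this file: `reploy-rs` should read `deploy-rs`, `This default to` should read `This defaults to`, and "See the earlier section about Magic Rollback" has no earlier section to point to here.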


@ -99,17 +99,17 @@ rec {
]; ];
# Modules # Modules
nixosModules = createModules ../modules/nixos { }; nixosModules = createModules ../modules/nixos { };
nixOnDroidModules = createModules ../modules/nix-on-droid { }; nixOnDroidModules = createModules ../modules/nix-on-droid { };
nixDarwinModules = createModules ../modules/nix-darwin { }; nixDarwinModules = createModules ../modules/nix-darwin { };
homeManagerModules = createModules ../modules/home-manager { }; homeManagerModules = createModules ../modules/home-manager { };
# Machines # Machines
machines = recurseDir ../machines; machines = recurseDir ../machines;
homeManagerMachines = machines.home-manager or { }; homeManagerMachines = machines.home-manager or { };
nixDarwinMachines = machines.nix-darwin or { }; nixDarwinMachines = machines.nix-darwin or { };
nixOnDroidMachines = machines.nix-on-droid or { }; nixOnDroidMachines = machines.nix-on-droid or { };
nixosMachines = machines.nixos or { }; nixosMachines = machines.nixos or { };
# Configuration helpers # Configuration helpers
mkNixosHost = root: system: hostname: users: lib.nixosSystem { mkNixosHost = root: system: hostname: users: lib.nixosSystem {
@ -134,7 +134,7 @@ rec {
}; };
} }
{ {
networking.hostName = hostname; networking.hostName = lib.mkDefault hostname;
} }
] ++ (builtins.attrValues nixosModules); ] ++ (builtins.attrValues nixosModules);
@ -228,15 +228,15 @@ rec {
(builtins.attrValues (builtins.attrValues
(builtins.mapAttrs (builtins.mapAttrs
(system: hosts: (system: hosts:
lib.filterAttrs lib.filterAttrs
(host: config:
config != null)
(builtins.mapAttrs
(host: config: (host: config:
config != null) if (pred system host config)
(builtins.mapAttrs then mkHost system host config
(host: config: else null)
if (pred system host config) hosts))
then mkHost system host config
else null)
hosts))
machines)); machines));
# Configurations # Configurations
@ -316,37 +316,115 @@ rec {
host) host)
homeManagerMachines; homeManagerMachines;
# Deploy.rs nodes # Automatic deploy.rs nodes (for NixOS and nix-darwin)
deploy.autoNodes =
let
# TODO: extract `${system}` from `nixosConfigurations`
system = "x86_64-linux";
deploy-rs-config = system: host:
../machines/nixos/${system}/${host}/deploy.nix;
in
lib.pipe
outputs.nixosConfigurations
[
(lib.filterAttrs
(host: config:
builtins.pathExists (deploy-rs-config system host)))
(lib.mapAttrs
(host: config:
let
nodeConfig = import (deploy-rs-config system host);
system = config.pkgs.system;
in
{
inherit (nodeConfig)
hostname;
profiles.system = {
path = inputs.deploy-rs.lib.${system}.activate.nixos config;
inherit (nodeConfig)
sshUser user sshOpts
magicRollback remoteBuild;
};
}))
];
autoChecks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks inputs.self.deploy) inputs.deploy-rs.lib; gen-config-type-to = mappings: mkError: config-type:
mappings.${config-type} or
(builtins.throw
(mkError config-type));
config-type-to-outputs-machines =
gen-config-type-to
{
nixos = "nixosMachines";
nix-on-droid = "nixOnDroidMachines";
nix-darwin = "nixDarwinMachines";
home-manager = "homeMachines";
}
(config-type:
builtins.throw
"Invaild config-type \"${config-type}\" for flake outputs' machines");
config-type-to-outputs-configurations =
gen-config-type-to
{
nixos = "nixosConfigurations";
nix-on-droid = "nixOnDroidConfigurations";
nix-darwin = "darwinConfigurations";
home-manager = "homeConfigurations";
}
(config-type:
builtins.throw
"Invaild config-type \"${config-type}\" for flake outputs' configurations");
config-type-to-deploy-type =
gen-config-type-to
{
nixos = "nixos";
nix-darwin = "darwin";
}
(config-type:
builtins.throw
"Invaild config-type \"${config-type}\" for deploy-rs deployment");
deploy.autoNodes =
lib.flip lib.concatMapAttrs
(lib.genAttrs
[
"nixos"
"nix-darwin"
]
(config-type:
let
machines = config-type-to-outputs-machines config-type;
in
outputs.${machines}))
(config-type: machines:
lib.pipe
machines
[
# Filter out nondirectories
(lib.filterAttrs
(system: configs:
builtins.isAttrs configs))
# Convert non-template configs into `system-and-config` pairs
(lib.concatMapAttrs
(system: configs:
(lib.concatMapAttrs
(host: config:
lib.optionalAttrs
(host != "__template__")
{
${host} = {
inherit system;
config =
let
configurations = config-type-to-outputs-configurations config-type;
in
outputs.${configurations}.${host};
};
})
configs)))
# Convert each `system-and-config` pair into a deploy-rs node
(lib.concatMapAttrs
(host: { system, config }:
let
deploy-config-path =
../machines/${config-type}/${system}/${host}/deploy.nix;
deploy-config =
import deploy-config-path;
in
lib.optionalAttrs
(builtins.pathExists deploy-config-path)
{
${host} = {
inherit (deploy-config)
hostname;
profiles.system = deploy-config // {
path =
let
deploy-type = config-type-to-deploy-type config-type;
in
inputs.deploy-rs.lib.${system}.activate.${deploy-type} config;
};
};
}))
]);
autoChecks =
lib.mapAttrs
(system: deployLib:
deployLib.deployChecks
outputs.deploy)
inputs.deploy-rs.lib;
} }
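Review bot: `profiles.system = deploy-config // { path = …; }` in the last hunk copies every attribute of the host's `deploy.nix` into the profile, where the removed code inherited a fixed list (`sshUser user sshOpts magicRollback remoteBuild`). As written the node-level `hostname` ends up inside the profile as well, and a misspelled or unexpected key in `deploy.nix` is passed on rather than rejected at this point; I would strip it with `profiles.system = builtins.removeAttrs deploy-config [ "hostname" ] // { path = …; };` or return to an explicit `inherit` list extended with `sudo` and `tempPath`. Separately, `config-type-to-outputs-machines` maps `home-manager` to `"homeMachines"` while the attribute defined earlier in this file is `homeManagerMachines`; only `nixos` and `nix-darwin` are looked up today, so this would only surface once home-manager is added, but the name should be confirmed. The enclosing `rec { … }` starts outside the visible hunks.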