1
0
Fork 0

all: switch back to deploy-rs
All checks were successful
Build / build-amd64-linux (push) Successful in 28s
Build / build-arm64-linux (push) Successful in 57s

This commit is contained in:
Daniel Kempkens 2024-07-23 22:03:30 +02:00
parent e892312ecd
commit 2b55805176
Signed by: daniel
SSH key fingerprint: SHA256:Ks/MyhQYcPRQiwMKLAKquWCdCPe3JXlb1WttgnAoSeM
10 changed files with 187 additions and 125 deletions

View file

@ -72,6 +72,28 @@
"type": "github" "type": "github"
} }
}, },
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat_2",
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1718194053,
"narHash": "sha256-FaGrf7qwZ99ehPJCAwgvNY5sLCqQ3GDiE/6uLhxxwSY=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "3867348fa92bc892eba5d9ddb2d7a97b9e127a8a",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"disko": { "disko": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -141,6 +163,22 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat_4": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": { "flake-parts": {
"inputs": { "inputs": {
"nixpkgs-lib": "nixpkgs-lib" "nixpkgs-lib": "nixpkgs-lib"
@ -212,7 +250,7 @@
}, },
"flake-utils_2": { "flake-utils_2": {
"inputs": { "inputs": {
"systems": "systems_2" "systems": "systems_3"
}, },
"locked": { "locked": {
"lastModified": 1710146030, "lastModified": 1710146030,
@ -230,7 +268,7 @@
}, },
"flake-utils_3": { "flake-utils_3": {
"inputs": { "inputs": {
"systems": "systems_3" "systems": "systems_4"
}, },
"locked": { "locked": {
"lastModified": 1710146030, "lastModified": 1710146030,
@ -381,7 +419,7 @@
}, },
"neovim-nightly-overlay": { "neovim-nightly-overlay": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat_3",
"flake-parts": [ "flake-parts": [
"flake-parts" "flake-parts"
], ],
@ -574,7 +612,7 @@
"nifoc-overlay", "nifoc-overlay",
"nixpkgs" "nixpkgs"
], ],
"systems": "systems_4", "systems": "systems_5",
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
@ -593,7 +631,7 @@
}, },
"pre-commit-hooks-nix": { "pre-commit-hooks-nix": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_3", "flake-compat": "flake-compat_4",
"gitignore": "gitignore", "gitignore": "gitignore",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
@ -618,6 +656,7 @@
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
"attic": "attic", "attic": "attic",
"deploy-rs": "deploy-rs",
"disko": "disko", "disko": "disko",
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"flake-root": "flake-root", "flake-root": "flake-root",
@ -679,6 +718,21 @@
} }
}, },
"systems_4": { "systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_5": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
@ -733,6 +787,24 @@
"repo": "treefmt-nix", "repo": "treefmt-nix",
"type": "github" "type": "github"
} }
},
"utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1701680307,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

View file

@ -16,6 +16,11 @@
flake-root.url = "github:srid/flake-root"; flake-root.url = "github:srid/flake-root";
deploy-rs = {
url = "github:serokell/deploy-rs";
inputs.nixpkgs.follows = "nixpkgs";
};
treefmt-nix = { treefmt-nix = {
url = "github:numtide/treefmt-nix"; url = "github:numtide/treefmt-nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@ -82,12 +87,13 @@
}; };
}; };
outputs = inputs@{ self, flake-parts, ... }: outputs = inputs@{ flake-parts, lix-module, deploy-rs, ... }:
flake-parts.lib.mkFlake { inherit inputs; } { flake-parts.lib.mkFlake { inherit inputs; } {
flake = flake =
let let
Styx = import ./system/flakes/Styx.nix { Styx = import ./system/flakes/Styx.nix {
inherit (inputs) nixpkgs lix-module home-manager nix-darwin agenix; inherit (inputs) nixpkgs home-manager nix-darwin agenix;
inherit lix-module;
inherit inputs; inherit inputs;
}; };
@ -98,6 +104,7 @@
mediaserver = import ./system/flakes/mediaserver.nix { mediaserver = import ./system/flakes/mediaserver.nix {
inherit (inputs) nixpkgs home-manager agenix; inherit (inputs) nixpkgs home-manager agenix;
inherit lix-module;
inherit inputs; inherit inputs;
}; };
@ -107,8 +114,8 @@
}; };
neon = import ./system/flakes/neon.nix { neon = import ./system/flakes/neon.nix {
inherit (inputs) nixpkgs nixos-hardware home-manager agenix; inherit (inputs) nixpkgs nixos-hardware home-manager agenix neovim-nightly-overlay nifoc-overlay;
inherit inputs; inherit lix-module;
}; };
adsb-antenna = import ./system/flakes/adsb-antenna.nix { adsb-antenna = import ./system/flakes/adsb-antenna.nix {
@ -129,26 +136,20 @@
adsb-antenna = adsb-antenna.system; adsb-antenna = adsb-antenna.system;
}; };
colmena = deploy.nodes =
let let
nixosConf = self.nixosConfigurations; mkDeployConfig = node: node.deployment // {
profiles.system = {
path = deploy-rs.lib.${node.arch}.activate.nixos node.system;
};
};
in in
{ {
meta = { tanker = mkDeployConfig tanker;
# Since I'm only deploying from Styx ... mediaserver = mkDeployConfig mediaserver;
nixpkgs = import inputs.nixpkgs { argon = mkDeployConfig argon;
system = "aarch64-darwin"; neon = mkDeployConfig neon;
}; adsb-antenna = mkDeployConfig adsb-antenna;
nodeNixpkgs = builtins.mapAttrs (_name: value: value.pkgs) nixosConf;
nodeSpecialArgs = builtins.mapAttrs (_name: value: value._module.specialArgs) nixosConf;
};
tanker = tanker.colmena;
mediaserver = mediaserver.colmena;
argon = argon.colmena;
neon = neon.colmena;
adsb-antenna = adsb-antenna.colmena;
}; };
}; };
@ -199,7 +200,7 @@
packages = [ packages = [
inputs'.agenix.packages.agenix inputs'.agenix.packages.agenix
pkgs.colmena inputs'.deploy-rs.packages.default
pkgs.nix-output-monitor pkgs.nix-output-monitor
]; ];

View file

@ -35,7 +35,10 @@ if test "$other_hostname" = ""
end end
else else
git pull git pull
colmena apply --on $other_hostname -v nom build --eval-store auto --store "ssh-ng://$other_hostname.ts.kempkens.network" ".#nixosConfigurations.$other_hostname.config.system.build.toplevel"
if test $status -eq 0
deploy --skip-checks ".#$other_hostname"
end
end end
if test $status -eq 0 if test $status -eq 0

View file

@ -20,7 +20,9 @@ let
}; };
}; };
in in
rec { {
arch = default-system;
system = nixpkgs.lib.nixosSystem { system = nixpkgs.lib.nixosSystem {
system = default-system; system = default-system;
modules = [ modules = [
@ -44,16 +46,13 @@ rec {
]; ];
}; };
colmena = { deployment = {
deployment = { hostname = "adsb-antenna";
targetHost = "adsb-antenna"; sshUser = "root";
targetPort = 22; remoteBuild = false;
targetUser = "root"; autoRollback = false;
magicRollback = false;
tags = [ "home" "rpi4" ]; activationTimeout = 600;
};
nixpkgs.system = default-system;
imports = system._module.args.modules;
}; };
} }

View file

@ -3,7 +3,6 @@
let let
default-system = "aarch64-linux"; default-system = "aarch64-linux";
nixpkgsConfig = { nixpkgsConfig = {
overlays = [ overlays = [
inputs.neovim-nightly-overlay.overlays.default inputs.neovim-nightly-overlay.overlays.default
@ -14,13 +13,13 @@ let
allowUnfree = true; allowUnfree = true;
allowBroken = true; allowBroken = true;
permittedInsecurePackages = [ permittedInsecurePackages = [ ];
"openssl-1.1.1t"
];
}; };
}; };
in in
rec { {
arch = default-system;
system = nixpkgs.lib.nixosSystem { system = nixpkgs.lib.nixosSystem {
system = default-system; system = default-system;
modules = [ modules = [
@ -46,17 +45,11 @@ rec {
]; ];
}; };
colmena = { deployment = {
deployment = { hostname = "argon";
targetHost = "argon"; sshUser = "root";
targetPort = 22; remoteBuild = true;
targetUser = "root"; autoRollback = false;
buildOnTarget = true; magicRollback = false;
tags = [ "home" "rpi4" ];
};
nixpkgs.system = default-system;
imports = system._module.args.modules;
}; };
} }

View file

@ -1,4 +1,4 @@
{ nixpkgs, home-manager, agenix, inputs, ... }: { nixpkgs, lix-module, home-manager, agenix, inputs, ... }:
let let
default-system = "x86_64-linux"; default-system = "x86_64-linux";
@ -13,47 +13,46 @@ let
allowUnfree = true; allowUnfree = true;
allowBroken = true; allowBroken = true;
permittedInsecurePackages = [ permittedInsecurePackages = [ ];
"openssl-1.1.1t"
];
}; };
}; };
in in
rec { {
arch = default-system;
system = nixpkgs.lib.nixosSystem { system = nixpkgs.lib.nixosSystem {
system = default-system; system = default-system;
modules = [ modules = [
../hosts/mediaserver.nix
home-manager.nixosModules.home-manager
agenix.nixosModules.default
{ {
nixpkgs = nixpkgsConfig; nixpkgs = nixpkgsConfig;
nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; nix = {
nix.registry.nixpkgs.flake = nixpkgs; registry.nixpkgs.to = { type = "path"; path = nixpkgs.outPath; };
nixPath = nixpkgs.lib.mkForce [ "nixpkgs=flake:nixpkgs" ];
};
}
lix-module.nixosModules.default
home-manager.nixosModules.home-manager
{
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
users.daniel = import ../../home/hosts/mediaserver.nix; users.daniel = import ../../home/hosts/mediaserver.nix;
}; };
} }
agenix.nixosModules.default
../hosts/mediaserver.nix
]; ];
}; };
colmena = { deployment = {
deployment = { hostname = "mediaserver";
targetHost = "mediaserver"; sshUser = "root";
targetPort = 22; remoteBuild = true;
targetUser = "root"; autoRollback = false;
buildOnTarget = true; magicRollback = false;
tags = [ "home" ];
};
nixpkgs.system = default-system;
imports = system._module.args.modules;
}; };
} }

View file

@ -1,61 +1,60 @@
{ nixpkgs, nixos-hardware, home-manager, agenix, inputs, ... }: { nixpkgs, lix-module, nixos-hardware, home-manager, agenix, neovim-nightly-overlay, nifoc-overlay }:
let let
default-system = "aarch64-linux"; default-system = "aarch64-linux";
nixpkgsConfig = { nixpkgsConfig = {
overlays = [ overlays = [
inputs.neovim-nightly-overlay.overlays.default neovim-nightly-overlay.overlays.default
inputs.nifoc-overlay.overlay nifoc-overlay.overlay
]; ];
config = { config = {
allowUnfree = true; allowUnfree = true;
allowBroken = true; allowBroken = true;
permittedInsecurePackages = [ permittedInsecurePackages = [ ];
"openssl-1.1.1t"
];
}; };
}; };
in in
rec { {
arch = default-system;
system = nixpkgs.lib.nixosSystem { system = nixpkgs.lib.nixosSystem {
system = default-system; system = default-system;
modules = [ modules = [
../hosts/neon.nix {
nixpkgs = nixpkgsConfig;
nix = {
registry.nixpkgs.to = { type = "path"; path = nixpkgs.outPath; };
nixPath = nixpkgs.lib.mkForce [ "nixpkgs=flake:nixpkgs" ];
};
}
nixos-hardware.nixosModules.raspberry-pi-4 nixos-hardware.nixosModules.raspberry-pi-4
lix-module.nixosModules.default
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
agenix.nixosModules.default
{ {
nixpkgs = nixpkgsConfig;
nix.nixPath = [ "nixpkgs=${nixpkgs}" ];
nix.registry.nixpkgs.flake = nixpkgs;
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
users.daniel = import ../../home/hosts/neon.nix; users.daniel = import ../../home/hosts/neon.nix;
}; };
} }
agenix.nixosModules.default
../hosts/neon.nix
]; ];
}; };
colmena = { deployment = {
deployment = { hostname = "neon";
targetHost = "neon"; sshUser = "root";
targetPort = 22; remoteBuild = true;
targetUser = "root"; autoRollback = false;
buildOnTarget = true; magicRollback = false;
tags = [ "home" "rpi4" ];
};
nixpkgs.system = default-system;
imports = system._module.args.modules;
}; };
} }

View file

@ -18,7 +18,9 @@ let
}; };
}; };
in in
rec { {
arch = default-system;
system = nixpkgs.lib.nixosSystem { system = nixpkgs.lib.nixosSystem {
system = default-system; system = default-system;
modules = [ modules = [
@ -49,17 +51,11 @@ rec {
]; ];
}; };
colmena = { deployment = {
deployment = { hostname = "tanker";
targetHost = "tanker"; sshUser = "root";
targetPort = 22; remoteBuild = true;
targetUser = "root"; autoRollback = false;
buildOnTarget = true; magicRollback = false;
tags = [ "remote" ];
};
nixpkgs.system = default-system;
imports = system._module.args.modules;
}; };
} }

View file

@ -55,8 +55,6 @@ in
system.stateVersion = "22.11"; system.stateVersion = "22.11";
nix = { nix = {
package = pkgs.nixVersions.stable;
settings = { settings = {
experimental-features = [ "nix-command" "flakes" ]; experimental-features = [ "nix-command" "flakes" ];
extra-platforms = [ "aarch64-linux" ]; extra-platforms = [ "aarch64-linux" ];
@ -71,6 +69,7 @@ in
"https://attic.cache.daniel.sx/nifoc-ci?priority=35" "https://attic.cache.daniel.sx/nifoc-ci?priority=35"
"https://nix-community.cachix.org?priority=50" "https://nix-community.cachix.org?priority=50"
"https://cache.garnix.io?priority=60" "https://cache.garnix.io?priority=60"
"https://cache.lix.systems?priority=70"
]; ];
extra-trusted-public-keys = [ extra-trusted-public-keys = [
@ -78,6 +77,7 @@ in
"nifoc-ci:JpD9zqVQi8JuS7B8htPDOQZh08rhInMnGFS9RVhiuwk=" "nifoc-ci:JpD9zqVQi8JuS7B8htPDOQZh08rhInMnGFS9RVhiuwk="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
"cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
]; ];
trusted-users = [ trusted-users = [

View file

@ -34,8 +34,6 @@ in
system.stateVersion = "23.11"; system.stateVersion = "23.11";
nix = { nix = {
package = pkgs.nixVersions.stable;
settings = { settings = {
experimental-features = [ "nix-command" "flakes" ]; experimental-features = [ "nix-command" "flakes" ];
@ -49,6 +47,7 @@ in
"https://attic.cache.daniel.sx/nifoc-ci?priority=35" "https://attic.cache.daniel.sx/nifoc-ci?priority=35"
"https://nix-community.cachix.org?priority=50" "https://nix-community.cachix.org?priority=50"
"https://cache.garnix.io?priority=60" "https://cache.garnix.io?priority=60"
"https://cache.lix.systems?priority=70"
]; ];
extra-trusted-public-keys = [ extra-trusted-public-keys = [
@ -56,6 +55,7 @@ in
"nifoc-ci:JpD9zqVQi8JuS7B8htPDOQZh08rhInMnGFS9RVhiuwk=" "nifoc-ci:JpD9zqVQi8JuS7B8htPDOQZh08rhInMnGFS9RVhiuwk="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
"cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
]; ];
connect-timeout = 5; connect-timeout = 5;