From 65959c41b083a398edc5c58521ce50b871a5eca3 Mon Sep 17 00:00:00 2001 From: Daniel Kempkens Date: Wed, 25 Oct 2023 15:58:11 +0200 Subject: [PATCH] systems: switch to colmena for deployment --- .forgejo/workflows/build.yml | 73 +++++++++++------------ flake.lock | 88 ++++++---------------------- flake.nix | 48 +++++++++------ home/hosts/Styx.nix | 1 - home/programs/scripts/nixpkgs-switch | 5 +- system/flakes/adsb-antenna.nix | 22 ++++--- system/flakes/argon.nix | 22 ++++--- system/flakes/mediaserver.nix | 22 ++++--- system/flakes/tanker.nix | 22 ++++--- system/flakes/weather-sdr.nix | 22 ++++--- 10 files changed, 130 insertions(+), 195 deletions(-) diff --git a/.forgejo/workflows/build.yml b/.forgejo/workflows/build.yml index 4f264a5..3953b4f 100644 --- a/.forgejo/workflows/build.yml +++ b/.forgejo/workflows/build.yml @@ -1,5 +1,4 @@ name: Build - on: push: branches: ['master'] @@ -7,49 +6,43 @@ on: - 'flake.lock' - 'home/programs/nvim/plugins.nix' - '.forgejo/workflows/build.yml' - jobs: build-amd64-linux: runs-on: ubuntu-latest-amd64 - steps: - - uses: actions/checkout@v3 - - name: Install Nix - uses: https://github.com/DeterminateSystems/nix-installer-action@v4 - with: - init: none - planner: linux - github-token: null - - name: Setup Attic - uses: https://github.com/ryanccn/attic-action@v0 - with: - endpoint: ${{ secrets.ATTIC_ENDPOINT }} - cache: ${{ secrets.ATTIC_CACHE }} - token: ${{ secrets.ATTIC_TOKEN }} - - run: nix build '.#nixosConfigurations.tanker.pkgs.attic-server' - - run: nix build '.#nixosConfigurations.tanker.pkgs.attic-client' - - run: nix build '.#nixosConfigurations.tanker.pkgs.deploy-rs' - - run: nix build '.#nixosConfigurations.tanker.config.services.nginx.package' - - run: nix build '.#nixosConfigurations.tanker.config.home-manager.users.daniel.programs.neovim.finalPackage' - + - uses: actions/checkout@v3 + - name: Install Nix + uses: https://github.com/DeterminateSystems/nix-installer-action@v4 + with: + init: none + planner: linux + github-token: null + - name: Setup Attic + uses: https://github.com/ryanccn/attic-action@v0 + with: + endpoint: ${{ secrets.ATTIC_ENDPOINT }} + cache: ${{ secrets.ATTIC_CACHE }} + token: ${{ secrets.ATTIC_TOKEN }} + - run: nix build '.#nixosConfigurations.tanker.pkgs.attic-server' + - run: nix build '.#nixosConfigurations.tanker.pkgs.attic-client' + - run: nix build '.#nixosConfigurations.tanker.config.services.nginx.package' + - run: nix build '.#nixosConfigurations.tanker.config.home-manager.users.daniel.programs.neovim.finalPackage' build-arm64-linux: runs-on: ubuntu-latest-arm64 - steps: - - uses: actions/checkout@v3 - - name: Install Nix - uses: https://github.com/DeterminateSystems/nix-installer-action@v4 - with: - init: none - planner: linux - github-token: null - - name: Setup Attic - uses: https://github.com/ryanccn/attic-action@v0 - with: - endpoint: ${{ secrets.ATTIC_ENDPOINT }} - cache: ${{ secrets.ATTIC_CACHE }} - token: ${{ secrets.ATTIC_TOKEN }} - - run: nix build '.#nixosConfigurations.argon.pkgs.attic-client' - - run: nix build '.#nixosConfigurations.argon.pkgs.deploy-rs' - - run: nix build '.#nixosConfigurations.argon.config.services.nginx.package' - - run: nix build '.#nixosConfigurations.argon.config.home-manager.users.daniel.programs.neovim.finalPackage' + - uses: actions/checkout@v3 + - name: Install Nix + uses: https://github.com/DeterminateSystems/nix-installer-action@v4 + with: + init: none + planner: linux + github-token: null + - name: Setup Attic + uses: https://github.com/ryanccn/attic-action@v0 + with: + endpoint: ${{ secrets.ATTIC_ENDPOINT }} + cache: ${{ secrets.ATTIC_CACHE }} + token: ${{ secrets.ATTIC_TOKEN }} + - run: nix build '.#nixosConfigurations.argon.pkgs.attic-client' + - run: nix build '.#nixosConfigurations.argon.config.services.nginx.package' + - run: nix build '.#nixosConfigurations.argon.config.home-manager.users.daniel.programs.neovim.finalPackage' diff --git a/flake.lock b/flake.lock index 6eccd79..e3c9c7d 100644 --- a/flake.lock +++ b/flake.lock @@ -80,28 +80,6 @@ "type": "github" } }, - "deploy-rs": { - "inputs": { - "flake-compat": "flake-compat_2", - "nixpkgs": [ - "nixpkgs" - ], - "utils": "utils" - }, - "locked": { - "lastModified": 1695052866, - "narHash": "sha256-agn7F9Oww4oU6nPiw+YiYI9Xb4vOOE73w8PAoBRP4AA=", - "owner": "serokell", - "repo": "deploy-rs", - "rev": "e3f41832680801d0ee9e2ed33eb63af398b090e9", - "type": "github" - }, - "original": { - "owner": "serokell", - "repo": "deploy-rs", - "type": "github" - } - }, "disko": { "inputs": { "nixpkgs": [ @@ -109,11 +87,11 @@ ] }, "locked": { - "lastModified": 1698023869, - "narHash": "sha256-iIi9HhMFEhC0ca1GUoBPXhzFp5N4fm7QIBt21ScnX9A=", + "lastModified": 1698155728, + "narHash": "sha256-PUJ40o/0LyMEgSBEfLVyPA0K3gQnPYQDq9dW9nCOU9M=", "owner": "nix-community", "repo": "disko", - "rev": "a3283f0e5cba07dc1f6795a6ee71bf3a23b3fc53", + "rev": "8c5d52db5690c72406b0cb13a5ac8554a287c93a", "type": "github" }, "original": { @@ -139,22 +117,6 @@ } }, "flake-compat_2": { - "flake": false, - "locked": { - "lastModified": 1668681692, - "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "009399224d5e398d03b22badca40a37ac85412a1", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_3": { "flake": false, "locked": { "lastModified": 1673956053, @@ -282,11 +244,11 @@ ] }, "locked": { - "lastModified": 1697964592, - "narHash": "sha256-fua0LKNLkYYK2Dgdm9P+VPdqrVgDXUIx+EkQAQByhuc=", + "lastModified": 1698162493, + "narHash": "sha256-Zehw3cWiTXGGlDDjzTgIX1BhWG+049D/RcSMAiypAcM=", "owner": "nix-community", "repo": "home-manager", - "rev": "219d268a69512ff520fe8da1739ac22d95d52355", + "rev": "14b54157201fd574b0fa1b3ce7394c9d3a87fbc1", "type": "github" }, "original": { @@ -325,11 +287,11 @@ }, "locked": { "dir": "contrib", - "lastModified": 1698042398, - "narHash": "sha256-y4YAeQaQKpAXzLRD4TLryW9qBgmL0YVXn9w4rWeZASk=", + "lastModified": 1698199142, + "narHash": "sha256-9/LkcMin96m6zkofYoEVRutmUXH7KOwsFKv1L6hkhtI=", "owner": "neovim", "repo": "neovim", - "rev": "5e5f5174e3faa862a9bc353aa7da41487911140b", + "rev": "684e93054b82c6b5b215db7d3ecbad803eb81f0e", "type": "github" }, "original": { @@ -350,11 +312,11 @@ ] }, "locked": { - "lastModified": 1698047232, - "narHash": "sha256-l0gFPS83aCvr1dxGpS8sbuGeVb3mnQVr9/LRrdMIbTo=", + "lastModified": 1698221188, + "narHash": "sha256-/xz2daPH/brL+GtqRDJ4ajH+EzjlDHpUyLFQdqqPQlA=", "ref": "refs/heads/master", - "rev": "779a566c0dbeaba7ffec8b76c0ac45beb01fa2d6", - "revCount": 545, + "rev": "7d3d1d2619f67ebe8d0da716345cbda4c646c086", + "revCount": 548, "type": "git", "url": "https://git.kempkens.io/daniel/nix-overlay" }, @@ -483,7 +445,7 @@ }, "pre-commit-hooks-nix": { "inputs": { - "flake-compat": "flake-compat_3", + "flake-compat": "flake-compat_2", "flake-utils": "flake-utils_3", "gitignore": "gitignore", "nixpkgs": [ @@ -492,11 +454,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1697746376, - "narHash": "sha256-gu77VkgdfaHgNCVufeb6WP9oqFLjwK4jHcoPZmBVF3E=", + "lastModified": 1698227354, + "narHash": "sha256-Fi5H9jbaQLmLw9qBi/mkR33CoFjNbobo5xWdX4tKz1Q=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "8cc349bfd082da8782b989cad2158c9ad5bd70fd", + "rev": "bd38df3d508dfcdff52cd243d297f218ed2257bf", "type": "github" }, "original": { @@ -509,7 +471,6 @@ "inputs": { "agenix": "agenix", "attic": "attic", - "deploy-rs": "deploy-rs", "disko": "disko", "flake-parts": "flake-parts", "flake-root": "flake-root", @@ -600,21 +561,6 @@ "repo": "treefmt-nix", "type": "github" } - }, - "utils": { - "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 95b5b9c..3e35504 100644 --- a/flake.nix +++ b/flake.nix @@ -61,18 +61,13 @@ }; }; - deploy-rs = { - url = "github:serokell/deploy-rs"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - mkalias = { url = "github:reckenrode/mkalias"; inputs.nixpkgs.follows = "nixpkgs"; }; }; - outputs = inputs@{ flake-parts, ... }: + outputs = inputs@{ self, flake-parts, ... }: flake-parts.lib.mkFlake { inherit inputs; } { flake = let @@ -84,35 +79,35 @@ tanker = import ./system/flakes/tanker.nix { nixpkgs = inputs.nixos-unstable; - inherit (inputs) disko deploy-rs home-manager agenix attic; + inherit (inputs) disko home-manager agenix attic; inherit inputs; }; mediaserver = import ./system/flakes/mediaserver.nix { nixpkgs = inputs.nixos-unstable; - inherit (inputs) deploy-rs home-manager agenix; + inherit (inputs) home-manager agenix; inherit inputs; }; argon = import ./system/flakes/argon.nix { nixpkgs = inputs.nixos-unstable; - inherit (inputs) nixos-hardware deploy-rs home-manager agenix; + inherit (inputs) nixos-hardware home-manager agenix; inherit inputs; }; weather-sdr = import ./system/flakes/weather-sdr.nix { nixpkgs = inputs.nixos-unstable; - inherit (inputs) deploy-rs home-manager agenix; + inherit (inputs) home-manager agenix; inherit inputs; }; adsb-antenna = import ./system/flakes/adsb-antenna.nix { nixpkgs = inputs.nixos-unstable; - inherit (inputs) nixos-hardware deploy-rs home-manager; + inherit (inputs) nixos-hardware home-manager; inherit inputs; }; in @@ -129,13 +124,27 @@ adsb-antenna = adsb-antenna.system; }; - deploy.nodes = { - tanker = tanker.deployment; - mediaserver = mediaserver.deployment; - argon = argon.deployment; - weather-sdr = weather-sdr.deployment; - adsb-antenna = adsb-antenna.deployment; - }; + colmena = + let + nixosConf = self.nixosConfigurations; + in + { + meta = { + # Since I'm only deploying from Styx ... + nixpkgs = import inputs.nixpkgs { + system = "aarch64-darwin"; + }; + + nodeNixpkgs = builtins.mapAttrs (_name: value: value.pkgs) nixosConf; + nodeSpecialArgs = builtins.mapAttrs (_name: value: value._module.specialArgs) nixosConf; + }; + + tanker = tanker.colmena; + mediaserver = mediaserver.colmena; + argon = argon.colmena; + weather-sdr = weather-sdr.colmena; + adsb-antenna = adsb-antenna.colmena; + }; }; imports = [ @@ -184,7 +193,8 @@ packages = [ inputs'.agenix.packages.agenix - inputs'.deploy-rs.packages.deploy-rs + pkgs.colmena + pkgs.nix-output-monitor ]; TREEFMT_CONFIG_FILE = config.treefmt.build.configFile; diff --git a/home/hosts/Styx.nix b/home/hosts/Styx.nix index 5425e0a..baf65a6 100644 --- a/home/hosts/Styx.nix +++ b/home/hosts/Styx.nix @@ -62,7 +62,6 @@ lnav mtr nix-tree - nix-output-monitor nurl ouch parallel diff --git a/home/programs/scripts/nixpkgs-switch b/home/programs/scripts/nixpkgs-switch index 98a4266..6433916 100755 --- a/home/programs/scripts/nixpkgs-switch +++ b/home/programs/scripts/nixpkgs-switch @@ -35,10 +35,7 @@ if test "$other_hostname" = "" end else git pull - nom build --eval-store auto --store "ssh-ng://builder-$other_hostname" ".#nixosConfigurations.$other_hostname.config.system.build.toplevel" - if test $status -eq 0 - deploy --skip-checks ".#$other_hostname" - end + colmena apply --on $other_hostname end if test $status -eq 0 diff --git a/system/flakes/adsb-antenna.nix b/system/flakes/adsb-antenna.nix index 96f832f..eabc52d 100644 --- a/system/flakes/adsb-antenna.nix +++ b/system/flakes/adsb-antenna.nix @@ -1,16 +1,14 @@ -{ nixpkgs, nixos-hardware, deploy-rs, home-manager, inputs, ... }: +{ nixpkgs, nixos-hardware, home-manager, inputs, ... }: let default-system = "aarch64-linux"; overlay-attic = inputs.attic.overlays.default; - overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; }; overlay-nifoc = inputs.nifoc-overlay.overlay; nixpkgsConfig = { overlays = [ overlay-attic - overlay-deploy-rs overlay-nifoc ]; @@ -48,15 +46,15 @@ rec { ]; }; - deployment = { - hostname = "adsb-antenna"; - sshUser = "root"; - remoteBuild = true; - autoRollback = false; - magicRollback = false; - - profiles.system = { - path = deploy-rs.lib.${default-system}.activate.nixos system; + colmena = { + deployment = { + targetHost = "adsb-antenna"; + targetPort = 22; + targetUser = "root"; + buildOnTarget = true; }; + + nixpkgs.system = default-system; + imports = system._module.args.modules; }; } diff --git a/system/flakes/argon.nix b/system/flakes/argon.nix index 19ecb48..b2842a6 100644 --- a/system/flakes/argon.nix +++ b/system/flakes/argon.nix @@ -1,16 +1,14 @@ -{ nixpkgs, nixos-hardware, deploy-rs, home-manager, agenix, inputs, ... }: +{ nixpkgs, nixos-hardware, home-manager, agenix, inputs, ... }: let default-system = "aarch64-linux"; overlay-attic = inputs.attic.overlays.default; - overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; }; overlay-nifoc = inputs.nifoc-overlay.overlay; nixpkgsConfig = { overlays = [ overlay-attic - overlay-deploy-rs overlay-nifoc ]; @@ -50,15 +48,15 @@ rec { ]; }; - deployment = { - hostname = "argon"; - sshUser = "root"; - remoteBuild = true; - autoRollback = false; - magicRollback = false; - - profiles.system = { - path = deploy-rs.lib.${default-system}.activate.nixos system; + colmena = { + deployment = { + targetHost = "argon"; + targetPort = 22; + targetUser = "root"; + buildOnTarget = true; }; + + nixpkgs.system = default-system; + imports = system._module.args.modules; }; } diff --git a/system/flakes/mediaserver.nix b/system/flakes/mediaserver.nix index 4705ff4..b2a97f1 100644 --- a/system/flakes/mediaserver.nix +++ b/system/flakes/mediaserver.nix @@ -1,16 +1,14 @@ -{ nixpkgs, deploy-rs, home-manager, agenix, inputs, ... }: +{ nixpkgs, home-manager, agenix, inputs, ... }: let default-system = "x86_64-linux"; overlay-attic = inputs.attic.overlays.default; - overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; }; overlay-nifoc = inputs.nifoc-overlay.overlay; nixpkgsConfig = { overlays = [ overlay-attic - overlay-deploy-rs overlay-nifoc ]; @@ -48,15 +46,15 @@ rec { ]; }; - deployment = { - hostname = "mediaserver"; - sshUser = "root"; - remoteBuild = true; - autoRollback = false; - magicRollback = false; - - profiles.system = { - path = deploy-rs.lib.${default-system}.activate.nixos system; + colmena = { + deployment = { + targetHost = "mediaserver"; + targetPort = 22; + targetUser = "root"; + buildOnTarget = true; }; + + nixpkgs.system = default-system; + imports = system._module.args.modules; }; } diff --git a/system/flakes/tanker.nix b/system/flakes/tanker.nix index 90be577..544acfb 100644 --- a/system/flakes/tanker.nix +++ b/system/flakes/tanker.nix @@ -1,16 +1,14 @@ -{ nixpkgs, disko, deploy-rs, home-manager, agenix, attic, inputs, ... }: +{ nixpkgs, disko, home-manager, agenix, attic, inputs, ... }: let default-system = "x86_64-linux"; # overlay-master = _: _: { pkgs-master = import inputs.nixpkgs-master { system = default-system; }; }; - overlay-deploy-rs = _: _: { inherit (deploy-rs.packages.${default-system}) deploy-rs; }; overlay-nifoc = inputs.nifoc-overlay.overlay; nixpkgsConfig = { overlays = [ # overlay-master - overlay-deploy-rs overlay-nifoc ]; @@ -52,15 +50,15 @@ rec { ]; }; - deployment = { - hostname = "tanker"; - sshUser = "root"; - remoteBuild = true; - autoRollback = false; - magicRollback = false; - - profiles.system = { - path = deploy-rs.lib.${default-system}.activate.nixos system; + colmena = { + deployment = { + targetHost = "tanker"; + targetPort = 22; + targetUser = "root"; + buildOnTarget = true; }; + + nixpkgs.system = default-system; + imports = system._module.args.modules; }; } diff --git a/system/flakes/weather-sdr.nix b/system/flakes/weather-sdr.nix index 209cccb..a543c72 100644 --- a/system/flakes/weather-sdr.nix +++ b/system/flakes/weather-sdr.nix @@ -1,16 +1,14 @@ -{ nixpkgs, deploy-rs, home-manager, agenix, inputs, ... }: +{ nixpkgs, home-manager, agenix, inputs, ... }: let default-system = "aarch64-linux"; overlay-attic = inputs.attic.overlays.default; - overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; }; overlay-nifoc = inputs.nifoc-overlay.overlay; nixpkgsConfig = { overlays = [ overlay-attic - overlay-deploy-rs overlay-nifoc ]; @@ -48,15 +46,15 @@ rec { ]; }; - deployment = { - hostname = "weather-sdr"; - sshUser = "root"; - remoteBuild = true; - autoRollback = false; - magicRollback = false; - - profiles.system = { - path = deploy-rs.lib.${default-system}.activate.nixos system; + colmena = { + deployment = { + targetHost = "weather-sdr"; + targetPort = 22; + targetUser = "root"; + buildOnTarget = true; }; + + nixpkgs.system = default-system; + imports = system._module.args.modules; }; }