1
0
Fork 0

systems: switch to colmena for deployment

This commit is contained in:
Daniel Kempkens 2023-10-25 15:58:11 +02:00
parent baf66055e5
commit 65959c41b0
Signed by: daniel
SSH key fingerprint: SHA256:Ks/MyhQYcPRQiwMKLAKquWCdCPe3JXlb1WttgnAoSeM
10 changed files with 130 additions and 195 deletions

View file

@ -1,5 +1,4 @@
name: Build name: Build
on: on:
push: push:
branches: ['master'] branches: ['master']
@ -7,49 +6,43 @@ on:
- 'flake.lock' - 'flake.lock'
- 'home/programs/nvim/plugins.nix' - 'home/programs/nvim/plugins.nix'
- '.forgejo/workflows/build.yml' - '.forgejo/workflows/build.yml'
jobs: jobs:
build-amd64-linux: build-amd64-linux:
runs-on: ubuntu-latest-amd64 runs-on: ubuntu-latest-amd64
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- name: Install Nix - name: Install Nix
uses: https://github.com/DeterminateSystems/nix-installer-action@v4 uses: https://github.com/DeterminateSystems/nix-installer-action@v4
with: with:
init: none init: none
planner: linux planner: linux
github-token: null github-token: null
- name: Setup Attic - name: Setup Attic
uses: https://github.com/ryanccn/attic-action@v0 uses: https://github.com/ryanccn/attic-action@v0
with: with:
endpoint: ${{ secrets.ATTIC_ENDPOINT }} endpoint: ${{ secrets.ATTIC_ENDPOINT }}
cache: ${{ secrets.ATTIC_CACHE }} cache: ${{ secrets.ATTIC_CACHE }}
token: ${{ secrets.ATTIC_TOKEN }} token: ${{ secrets.ATTIC_TOKEN }}
- run: nix build '.#nixosConfigurations.tanker.pkgs.attic-server' - run: nix build '.#nixosConfigurations.tanker.pkgs.attic-server'
- run: nix build '.#nixosConfigurations.tanker.pkgs.attic-client' - run: nix build '.#nixosConfigurations.tanker.pkgs.attic-client'
- run: nix build '.#nixosConfigurations.tanker.pkgs.deploy-rs' - run: nix build '.#nixosConfigurations.tanker.config.services.nginx.package'
- run: nix build '.#nixosConfigurations.tanker.config.services.nginx.package' - run: nix build '.#nixosConfigurations.tanker.config.home-manager.users.daniel.programs.neovim.finalPackage'
- run: nix build '.#nixosConfigurations.tanker.config.home-manager.users.daniel.programs.neovim.finalPackage'
build-arm64-linux: build-arm64-linux:
runs-on: ubuntu-latest-arm64 runs-on: ubuntu-latest-arm64
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- name: Install Nix - name: Install Nix
uses: https://github.com/DeterminateSystems/nix-installer-action@v4 uses: https://github.com/DeterminateSystems/nix-installer-action@v4
with: with:
init: none init: none
planner: linux planner: linux
github-token: null github-token: null
- name: Setup Attic - name: Setup Attic
uses: https://github.com/ryanccn/attic-action@v0 uses: https://github.com/ryanccn/attic-action@v0
with: with:
endpoint: ${{ secrets.ATTIC_ENDPOINT }} endpoint: ${{ secrets.ATTIC_ENDPOINT }}
cache: ${{ secrets.ATTIC_CACHE }} cache: ${{ secrets.ATTIC_CACHE }}
token: ${{ secrets.ATTIC_TOKEN }} token: ${{ secrets.ATTIC_TOKEN }}
- run: nix build '.#nixosConfigurations.argon.pkgs.attic-client' - run: nix build '.#nixosConfigurations.argon.pkgs.attic-client'
- run: nix build '.#nixosConfigurations.argon.pkgs.deploy-rs' - run: nix build '.#nixosConfigurations.argon.config.services.nginx.package'
- run: nix build '.#nixosConfigurations.argon.config.services.nginx.package' - run: nix build '.#nixosConfigurations.argon.config.home-manager.users.daniel.programs.neovim.finalPackage'
- run: nix build '.#nixosConfigurations.argon.config.home-manager.users.daniel.programs.neovim.finalPackage'

View file

@ -80,28 +80,6 @@
"type": "github" "type": "github"
} }
}, },
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat_2",
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1695052866,
"narHash": "sha256-agn7F9Oww4oU6nPiw+YiYI9Xb4vOOE73w8PAoBRP4AA=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "e3f41832680801d0ee9e2ed33eb63af398b090e9",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"disko": { "disko": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -109,11 +87,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1698023869, "lastModified": 1698155728,
"narHash": "sha256-iIi9HhMFEhC0ca1GUoBPXhzFp5N4fm7QIBt21ScnX9A=", "narHash": "sha256-PUJ40o/0LyMEgSBEfLVyPA0K3gQnPYQDq9dW9nCOU9M=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "a3283f0e5cba07dc1f6795a6ee71bf3a23b3fc53", "rev": "8c5d52db5690c72406b0cb13a5ac8554a287c93a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -139,22 +117,6 @@
} }
}, },
"flake-compat_2": { "flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1668681692,
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1673956053, "lastModified": 1673956053,
@ -282,11 +244,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1697964592, "lastModified": 1698162493,
"narHash": "sha256-fua0LKNLkYYK2Dgdm9P+VPdqrVgDXUIx+EkQAQByhuc=", "narHash": "sha256-Zehw3cWiTXGGlDDjzTgIX1BhWG+049D/RcSMAiypAcM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "219d268a69512ff520fe8da1739ac22d95d52355", "rev": "14b54157201fd574b0fa1b3ce7394c9d3a87fbc1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -325,11 +287,11 @@
}, },
"locked": { "locked": {
"dir": "contrib", "dir": "contrib",
"lastModified": 1698042398, "lastModified": 1698199142,
"narHash": "sha256-y4YAeQaQKpAXzLRD4TLryW9qBgmL0YVXn9w4rWeZASk=", "narHash": "sha256-9/LkcMin96m6zkofYoEVRutmUXH7KOwsFKv1L6hkhtI=",
"owner": "neovim", "owner": "neovim",
"repo": "neovim", "repo": "neovim",
"rev": "5e5f5174e3faa862a9bc353aa7da41487911140b", "rev": "684e93054b82c6b5b215db7d3ecbad803eb81f0e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -350,11 +312,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1698047232, "lastModified": 1698221188,
"narHash": "sha256-l0gFPS83aCvr1dxGpS8sbuGeVb3mnQVr9/LRrdMIbTo=", "narHash": "sha256-/xz2daPH/brL+GtqRDJ4ajH+EzjlDHpUyLFQdqqPQlA=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "779a566c0dbeaba7ffec8b76c0ac45beb01fa2d6", "rev": "7d3d1d2619f67ebe8d0da716345cbda4c646c086",
"revCount": 545, "revCount": 548,
"type": "git", "type": "git",
"url": "https://git.kempkens.io/daniel/nix-overlay" "url": "https://git.kempkens.io/daniel/nix-overlay"
}, },
@ -483,7 +445,7 @@
}, },
"pre-commit-hooks-nix": { "pre-commit-hooks-nix": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_3", "flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_3", "flake-utils": "flake-utils_3",
"gitignore": "gitignore", "gitignore": "gitignore",
"nixpkgs": [ "nixpkgs": [
@ -492,11 +454,11 @@
"nixpkgs-stable": "nixpkgs-stable_2" "nixpkgs-stable": "nixpkgs-stable_2"
}, },
"locked": { "locked": {
"lastModified": 1697746376, "lastModified": 1698227354,
"narHash": "sha256-gu77VkgdfaHgNCVufeb6WP9oqFLjwK4jHcoPZmBVF3E=", "narHash": "sha256-Fi5H9jbaQLmLw9qBi/mkR33CoFjNbobo5xWdX4tKz1Q=",
"owner": "cachix", "owner": "cachix",
"repo": "pre-commit-hooks.nix", "repo": "pre-commit-hooks.nix",
"rev": "8cc349bfd082da8782b989cad2158c9ad5bd70fd", "rev": "bd38df3d508dfcdff52cd243d297f218ed2257bf",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -509,7 +471,6 @@
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
"attic": "attic", "attic": "attic",
"deploy-rs": "deploy-rs",
"disko": "disko", "disko": "disko",
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"flake-root": "flake-root", "flake-root": "flake-root",
@ -600,21 +561,6 @@
"repo": "treefmt-nix", "repo": "treefmt-nix",
"type": "github" "type": "github"
} }
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

View file

@ -61,18 +61,13 @@
}; };
}; };
deploy-rs = {
url = "github:serokell/deploy-rs";
inputs.nixpkgs.follows = "nixpkgs";
};
mkalias = { mkalias = {
url = "github:reckenrode/mkalias"; url = "github:reckenrode/mkalias";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
}; };
outputs = inputs@{ flake-parts, ... }: outputs = inputs@{ self, flake-parts, ... }:
flake-parts.lib.mkFlake { inherit inputs; } { flake-parts.lib.mkFlake { inherit inputs; } {
flake = flake =
let let
@ -84,35 +79,35 @@
tanker = import ./system/flakes/tanker.nix { tanker = import ./system/flakes/tanker.nix {
nixpkgs = inputs.nixos-unstable; nixpkgs = inputs.nixos-unstable;
inherit (inputs) disko deploy-rs home-manager agenix attic; inherit (inputs) disko home-manager agenix attic;
inherit inputs; inherit inputs;
}; };
mediaserver = import ./system/flakes/mediaserver.nix { mediaserver = import ./system/flakes/mediaserver.nix {
nixpkgs = inputs.nixos-unstable; nixpkgs = inputs.nixos-unstable;
inherit (inputs) deploy-rs home-manager agenix; inherit (inputs) home-manager agenix;
inherit inputs; inherit inputs;
}; };
argon = import ./system/flakes/argon.nix { argon = import ./system/flakes/argon.nix {
nixpkgs = inputs.nixos-unstable; nixpkgs = inputs.nixos-unstable;
inherit (inputs) nixos-hardware deploy-rs home-manager agenix; inherit (inputs) nixos-hardware home-manager agenix;
inherit inputs; inherit inputs;
}; };
weather-sdr = import ./system/flakes/weather-sdr.nix { weather-sdr = import ./system/flakes/weather-sdr.nix {
nixpkgs = inputs.nixos-unstable; nixpkgs = inputs.nixos-unstable;
inherit (inputs) deploy-rs home-manager agenix; inherit (inputs) home-manager agenix;
inherit inputs; inherit inputs;
}; };
adsb-antenna = import ./system/flakes/adsb-antenna.nix { adsb-antenna = import ./system/flakes/adsb-antenna.nix {
nixpkgs = inputs.nixos-unstable; nixpkgs = inputs.nixos-unstable;
inherit (inputs) nixos-hardware deploy-rs home-manager; inherit (inputs) nixos-hardware home-manager;
inherit inputs; inherit inputs;
}; };
in in
@ -129,13 +124,27 @@
adsb-antenna = adsb-antenna.system; adsb-antenna = adsb-antenna.system;
}; };
deploy.nodes = { colmena =
tanker = tanker.deployment; let
mediaserver = mediaserver.deployment; nixosConf = self.nixosConfigurations;
argon = argon.deployment; in
weather-sdr = weather-sdr.deployment; {
adsb-antenna = adsb-antenna.deployment; meta = {
}; # Since I'm only deploying from Styx ...
nixpkgs = import inputs.nixpkgs {
system = "aarch64-darwin";
};
nodeNixpkgs = builtins.mapAttrs (_name: value: value.pkgs) nixosConf;
nodeSpecialArgs = builtins.mapAttrs (_name: value: value._module.specialArgs) nixosConf;
};
tanker = tanker.colmena;
mediaserver = mediaserver.colmena;
argon = argon.colmena;
weather-sdr = weather-sdr.colmena;
adsb-antenna = adsb-antenna.colmena;
};
}; };
imports = [ imports = [
@ -184,7 +193,8 @@
packages = [ packages = [
inputs'.agenix.packages.agenix inputs'.agenix.packages.agenix
inputs'.deploy-rs.packages.deploy-rs pkgs.colmena
pkgs.nix-output-monitor
]; ];
TREEFMT_CONFIG_FILE = config.treefmt.build.configFile; TREEFMT_CONFIG_FILE = config.treefmt.build.configFile;

View file

@ -62,7 +62,6 @@
lnav lnav
mtr mtr
nix-tree nix-tree
nix-output-monitor
nurl nurl
ouch ouch
parallel parallel

View file

@ -35,10 +35,7 @@ if test "$other_hostname" = ""
end end
else else
git pull git pull
nom build --eval-store auto --store "ssh-ng://builder-$other_hostname" ".#nixosConfigurations.$other_hostname.config.system.build.toplevel" colmena apply --on $other_hostname
if test $status -eq 0
deploy --skip-checks ".#$other_hostname"
end
end end
if test $status -eq 0 if test $status -eq 0

View file

@ -1,16 +1,14 @@
{ nixpkgs, nixos-hardware, deploy-rs, home-manager, inputs, ... }: { nixpkgs, nixos-hardware, home-manager, inputs, ... }:
let let
default-system = "aarch64-linux"; default-system = "aarch64-linux";
overlay-attic = inputs.attic.overlays.default; overlay-attic = inputs.attic.overlays.default;
overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; };
overlay-nifoc = inputs.nifoc-overlay.overlay; overlay-nifoc = inputs.nifoc-overlay.overlay;
nixpkgsConfig = { nixpkgsConfig = {
overlays = [ overlays = [
overlay-attic overlay-attic
overlay-deploy-rs
overlay-nifoc overlay-nifoc
]; ];
@ -48,15 +46,15 @@ rec {
]; ];
}; };
deployment = { colmena = {
hostname = "adsb-antenna"; deployment = {
sshUser = "root"; targetHost = "adsb-antenna";
remoteBuild = true; targetPort = 22;
autoRollback = false; targetUser = "root";
magicRollback = false; buildOnTarget = true;
profiles.system = {
path = deploy-rs.lib.${default-system}.activate.nixos system;
}; };
nixpkgs.system = default-system;
imports = system._module.args.modules;
}; };
} }

View file

@ -1,16 +1,14 @@
{ nixpkgs, nixos-hardware, deploy-rs, home-manager, agenix, inputs, ... }: { nixpkgs, nixos-hardware, home-manager, agenix, inputs, ... }:
let let
default-system = "aarch64-linux"; default-system = "aarch64-linux";
overlay-attic = inputs.attic.overlays.default; overlay-attic = inputs.attic.overlays.default;
overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; };
overlay-nifoc = inputs.nifoc-overlay.overlay; overlay-nifoc = inputs.nifoc-overlay.overlay;
nixpkgsConfig = { nixpkgsConfig = {
overlays = [ overlays = [
overlay-attic overlay-attic
overlay-deploy-rs
overlay-nifoc overlay-nifoc
]; ];
@ -50,15 +48,15 @@ rec {
]; ];
}; };
deployment = { colmena = {
hostname = "argon"; deployment = {
sshUser = "root"; targetHost = "argon";
remoteBuild = true; targetPort = 22;
autoRollback = false; targetUser = "root";
magicRollback = false; buildOnTarget = true;
profiles.system = {
path = deploy-rs.lib.${default-system}.activate.nixos system;
}; };
nixpkgs.system = default-system;
imports = system._module.args.modules;
}; };
} }

View file

@ -1,16 +1,14 @@
{ nixpkgs, deploy-rs, home-manager, agenix, inputs, ... }: { nixpkgs, home-manager, agenix, inputs, ... }:
let let
default-system = "x86_64-linux"; default-system = "x86_64-linux";
overlay-attic = inputs.attic.overlays.default; overlay-attic = inputs.attic.overlays.default;
overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; };
overlay-nifoc = inputs.nifoc-overlay.overlay; overlay-nifoc = inputs.nifoc-overlay.overlay;
nixpkgsConfig = { nixpkgsConfig = {
overlays = [ overlays = [
overlay-attic overlay-attic
overlay-deploy-rs
overlay-nifoc overlay-nifoc
]; ];
@ -48,15 +46,15 @@ rec {
]; ];
}; };
deployment = { colmena = {
hostname = "mediaserver"; deployment = {
sshUser = "root"; targetHost = "mediaserver";
remoteBuild = true; targetPort = 22;
autoRollback = false; targetUser = "root";
magicRollback = false; buildOnTarget = true;
profiles.system = {
path = deploy-rs.lib.${default-system}.activate.nixos system;
}; };
nixpkgs.system = default-system;
imports = system._module.args.modules;
}; };
} }

View file

@ -1,16 +1,14 @@
{ nixpkgs, disko, deploy-rs, home-manager, agenix, attic, inputs, ... }: { nixpkgs, disko, home-manager, agenix, attic, inputs, ... }:
let let
default-system = "x86_64-linux"; default-system = "x86_64-linux";
# overlay-master = _: _: { pkgs-master = import inputs.nixpkgs-master { system = default-system; }; }; # overlay-master = _: _: { pkgs-master = import inputs.nixpkgs-master { system = default-system; }; };
overlay-deploy-rs = _: _: { inherit (deploy-rs.packages.${default-system}) deploy-rs; };
overlay-nifoc = inputs.nifoc-overlay.overlay; overlay-nifoc = inputs.nifoc-overlay.overlay;
nixpkgsConfig = { nixpkgsConfig = {
overlays = [ overlays = [
# overlay-master # overlay-master
overlay-deploy-rs
overlay-nifoc overlay-nifoc
]; ];
@ -52,15 +50,15 @@ rec {
]; ];
}; };
deployment = { colmena = {
hostname = "tanker"; deployment = {
sshUser = "root"; targetHost = "tanker";
remoteBuild = true; targetPort = 22;
autoRollback = false; targetUser = "root";
magicRollback = false; buildOnTarget = true;
profiles.system = {
path = deploy-rs.lib.${default-system}.activate.nixos system;
}; };
nixpkgs.system = default-system;
imports = system._module.args.modules;
}; };
} }

View file

@ -1,16 +1,14 @@
{ nixpkgs, deploy-rs, home-manager, agenix, inputs, ... }: { nixpkgs, home-manager, agenix, inputs, ... }:
let let
default-system = "aarch64-linux"; default-system = "aarch64-linux";
overlay-attic = inputs.attic.overlays.default; overlay-attic = inputs.attic.overlays.default;
overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; };
overlay-nifoc = inputs.nifoc-overlay.overlay; overlay-nifoc = inputs.nifoc-overlay.overlay;
nixpkgsConfig = { nixpkgsConfig = {
overlays = [ overlays = [
overlay-attic overlay-attic
overlay-deploy-rs
overlay-nifoc overlay-nifoc
]; ];
@ -48,15 +46,15 @@ rec {
]; ];
}; };
deployment = { colmena = {
hostname = "weather-sdr"; deployment = {
sshUser = "root"; targetHost = "weather-sdr";
remoteBuild = true; targetPort = 22;
autoRollback = false; targetUser = "root";
magicRollback = false; buildOnTarget = true;
profiles.system = {
path = deploy-rs.lib.${default-system}.activate.nixos system;
}; };
nixpkgs.system = default-system;
imports = system._module.args.modules;
}; };
} }