daniel/dotfiles
1
0
Fork 0
Code Activity Actions

systems: switch to colmena for deployment

Browse source
This commit is contained in:
Daniel Kempkens 2023-10-25 15:58:11 +02:00
parent baf66055e5
commit 65959c41b0
Signed by: daniel
SSH key fingerprint: SHA256:Ks/MyhQYcPRQiwMKLAKquWCdCPe3JXlb1WttgnAoSeM
10 changed files with 130 additions and 195 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

73
.forgejo/workflows/build.yml
View file

@ -1,5 +1,4 @@
name: Build
on:
push:
branches: ['master']
@ -7,49 +6,43 @@ on:
- 'flake.lock'
- 'home/programs/nvim/plugins.nix'
- '.forgejo/workflows/build.yml'
jobs:
build-amd64-linux:
runs-on: ubuntu-latest-amd64
steps:
- uses: actions/checkout@v3
- name: Install Nix
uses: https://github.com/DeterminateSystems/nix-installer-action@v4
with:
init: none
planner: linux
github-token: null
- name: Setup Attic
uses: https://github.com/ryanccn/attic-action@v0
with:
endpoint: ${{ secrets.ATTIC_ENDPOINT }}
cache: ${{ secrets.ATTIC_CACHE }}
token: ${{ secrets.ATTIC_TOKEN }}
- run: nix build '.#nixosConfigurations.tanker.pkgs.attic-server'
- run: nix build '.#nixosConfigurations.tanker.pkgs.attic-client'
- run: nix build '.#nixosConfigurations.tanker.pkgs.deploy-rs'
- run: nix build '.#nixosConfigurations.tanker.config.services.nginx.package'
- run: nix build '.#nixosConfigurations.tanker.config.home-manager.users.daniel.programs.neovim.finalPackage'
- uses: actions/checkout@v3
- name: Install Nix
uses: https://github.com/DeterminateSystems/nix-installer-action@v4
with:
init: none
planner: linux
github-token: null
- name: Setup Attic
uses: https://github.com/ryanccn/attic-action@v0
with:
endpoint: ${{ secrets.ATTIC_ENDPOINT }}
cache: ${{ secrets.ATTIC_CACHE }}
token: ${{ secrets.ATTIC_TOKEN }}
- run: nix build '.#nixosConfigurations.tanker.pkgs.attic-server'
- run: nix build '.#nixosConfigurations.tanker.pkgs.attic-client'
- run: nix build '.#nixosConfigurations.tanker.config.services.nginx.package'
- run: nix build '.#nixosConfigurations.tanker.config.home-manager.users.daniel.programs.neovim.finalPackage'
build-arm64-linux:
runs-on: ubuntu-latest-arm64
steps:
- uses: actions/checkout@v3
- name: Install Nix
uses: https://github.com/DeterminateSystems/nix-installer-action@v4
with:
init: none
planner: linux
github-token: null
- name: Setup Attic
uses: https://github.com/ryanccn/attic-action@v0
with:
endpoint: ${{ secrets.ATTIC_ENDPOINT }}
cache: ${{ secrets.ATTIC_CACHE }}
token: ${{ secrets.ATTIC_TOKEN }}
- run: nix build '.#nixosConfigurations.argon.pkgs.attic-client'
- run: nix build '.#nixosConfigurations.argon.pkgs.deploy-rs'
- run: nix build '.#nixosConfigurations.argon.config.services.nginx.package'
- run: nix build '.#nixosConfigurations.argon.config.home-manager.users.daniel.programs.neovim.finalPackage'
- uses: actions/checkout@v3
- name: Install Nix
uses: https://github.com/DeterminateSystems/nix-installer-action@v4
with:
init: none
planner: linux
github-token: null
- name: Setup Attic
uses: https://github.com/ryanccn/attic-action@v0
with:
endpoint: ${{ secrets.ATTIC_ENDPOINT }}
cache: ${{ secrets.ATTIC_CACHE }}
token: ${{ secrets.ATTIC_TOKEN }}
- run: nix build '.#nixosConfigurations.argon.pkgs.attic-client'
- run: nix build '.#nixosConfigurations.argon.config.services.nginx.package'
- run: nix build '.#nixosConfigurations.argon.config.home-manager.users.daniel.programs.neovim.finalPackage'

88
flake.lock
View file

@ -80,28 +80,6 @@
"type": "github"
}
},
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat_2",
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1695052866,
"narHash": "sha256-agn7F9Oww4oU6nPiw+YiYI9Xb4vOOE73w8PAoBRP4AA=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "e3f41832680801d0ee9e2ed33eb63af398b090e9",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
@ -109,11 +87,11 @@
]
},
"locked": {
"lastModified": 1698023869,
"narHash": "sha256-iIi9HhMFEhC0ca1GUoBPXhzFp5N4fm7QIBt21ScnX9A=",
"lastModified": 1698155728,
"narHash": "sha256-PUJ40o/0LyMEgSBEfLVyPA0K3gQnPYQDq9dW9nCOU9M=",
"owner": "nix-community",
"repo": "disko",
"rev": "a3283f0e5cba07dc1f6795a6ee71bf3a23b3fc53",
"rev": "8c5d52db5690c72406b0cb13a5ac8554a287c93a",
"type": "github"
},
"original": {
@ -139,22 +117,6 @@
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1668681692,
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1673956053,
@ -282,11 +244,11 @@
]
},
"locked": {
"lastModified": 1697964592,
"narHash": "sha256-fua0LKNLkYYK2Dgdm9P+VPdqrVgDXUIx+EkQAQByhuc=",
"lastModified": 1698162493,
"narHash": "sha256-Zehw3cWiTXGGlDDjzTgIX1BhWG+049D/RcSMAiypAcM=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "219d268a69512ff520fe8da1739ac22d95d52355",
"rev": "14b54157201fd574b0fa1b3ce7394c9d3a87fbc1",
"type": "github"
},
"original": {
@ -325,11 +287,11 @@
},
"locked": {
"dir": "contrib",
"lastModified": 1698042398,
"narHash": "sha256-y4YAeQaQKpAXzLRD4TLryW9qBgmL0YVXn9w4rWeZASk=",
"lastModified": 1698199142,
"narHash": "sha256-9/LkcMin96m6zkofYoEVRutmUXH7KOwsFKv1L6hkhtI=",
"owner": "neovim",
"repo": "neovim",
"rev": "5e5f5174e3faa862a9bc353aa7da41487911140b",
"rev": "684e93054b82c6b5b215db7d3ecbad803eb81f0e",
"type": "github"
},
"original": {
@ -350,11 +312,11 @@
]
},
"locked": {
"lastModified": 1698047232,
"narHash": "sha256-l0gFPS83aCvr1dxGpS8sbuGeVb3mnQVr9/LRrdMIbTo=",
"lastModified": 1698221188,
"narHash": "sha256-/xz2daPH/brL+GtqRDJ4ajH+EzjlDHpUyLFQdqqPQlA=",
"ref": "refs/heads/master",
"rev": "779a566c0dbeaba7ffec8b76c0ac45beb01fa2d6",
"revCount": 545,
"rev": "7d3d1d2619f67ebe8d0da716345cbda4c646c086",
"revCount": 548,
"type": "git",
"url": "https://git.kempkens.io/daniel/nix-overlay"
},
@ -483,7 +445,7 @@
},
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": "flake-compat_3",
"flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_3",
"gitignore": "gitignore",
"nixpkgs": [
@ -492,11 +454,11 @@
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1697746376,
"narHash": "sha256-gu77VkgdfaHgNCVufeb6WP9oqFLjwK4jHcoPZmBVF3E=",
"lastModified": 1698227354,
"narHash": "sha256-Fi5H9jbaQLmLw9qBi/mkR33CoFjNbobo5xWdX4tKz1Q=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "8cc349bfd082da8782b989cad2158c9ad5bd70fd",
"rev": "bd38df3d508dfcdff52cd243d297f218ed2257bf",
"type": "github"
},
"original": {
@ -509,7 +471,6 @@
"inputs": {
"agenix": "agenix",
"attic": "attic",
"deploy-rs": "deploy-rs",
"disko": "disko",
"flake-parts": "flake-parts",
"flake-root": "flake-root",
@ -600,21 +561,6 @@
"repo": "treefmt-nix",
"type": "github"
}
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",

48
flake.nix
View file

@ -61,18 +61,13 @@
};
};
deploy-rs = {
url = "github:serokell/deploy-rs";
inputs.nixpkgs.follows = "nixpkgs";
};
mkalias = {
url = "github:reckenrode/mkalias";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = inputs@{ flake-parts, ... }:
outputs = inputs@{ self, flake-parts, ... }:
flake-parts.lib.mkFlake { inherit inputs; } {
flake =
let
@ -84,35 +79,35 @@
tanker = import ./system/flakes/tanker.nix {
nixpkgs = inputs.nixos-unstable;
inherit (inputs) disko deploy-rs home-manager agenix attic;
inherit (inputs) disko home-manager agenix attic;
inherit inputs;
};
mediaserver = import ./system/flakes/mediaserver.nix {
nixpkgs = inputs.nixos-unstable;
inherit (inputs) deploy-rs home-manager agenix;
inherit (inputs) home-manager agenix;
inherit inputs;
};
argon = import ./system/flakes/argon.nix {
nixpkgs = inputs.nixos-unstable;
inherit (inputs) nixos-hardware deploy-rs home-manager agenix;
inherit (inputs) nixos-hardware home-manager agenix;
inherit inputs;
};
weather-sdr = import ./system/flakes/weather-sdr.nix {
nixpkgs = inputs.nixos-unstable;
inherit (inputs) deploy-rs home-manager agenix;
inherit (inputs) home-manager agenix;
inherit inputs;
};
adsb-antenna = import ./system/flakes/adsb-antenna.nix {
nixpkgs = inputs.nixos-unstable;
inherit (inputs) nixos-hardware deploy-rs home-manager;
inherit (inputs) nixos-hardware home-manager;
inherit inputs;
};
in
@ -129,13 +124,27 @@
adsb-antenna = adsb-antenna.system;
};
deploy.nodes = {
tanker = tanker.deployment;
mediaserver = mediaserver.deployment;
argon = argon.deployment;
weather-sdr = weather-sdr.deployment;
adsb-antenna = adsb-antenna.deployment;
};
colmena =
let
nixosConf = self.nixosConfigurations;
in
{
meta = {
# Since I'm only deploying from Styx ...
nixpkgs = import inputs.nixpkgs {
system = "aarch64-darwin";
};
nodeNixpkgs = builtins.mapAttrs (_name: value: value.pkgs) nixosConf;
nodeSpecialArgs = builtins.mapAttrs (_name: value: value._module.specialArgs) nixosConf;
};
tanker = tanker.colmena;
mediaserver = mediaserver.colmena;
argon = argon.colmena;
weather-sdr = weather-sdr.colmena;
adsb-antenna = adsb-antenna.colmena;
};
};
imports = [
@ -184,7 +193,8 @@
packages = [
inputs'.agenix.packages.agenix
inputs'.deploy-rs.packages.deploy-rs
pkgs.colmena
pkgs.nix-output-monitor
];
TREEFMT_CONFIG_FILE = config.treefmt.build.configFile;

1
home/hosts/Styx.nix
View file

@ -62,7 +62,6 @@
lnav
mtr
nix-tree
nix-output-monitor
nurl
ouch
parallel

5
home/programs/scripts/nixpkgs-switch
View file

@ -35,10 +35,7 @@ if test "$other_hostname" = ""
end
else
git pull
nom build --eval-store auto --store "ssh-ng://builder-$other_hostname" ".#nixosConfigurations.$other_hostname.config.system.build.toplevel"
if test $status -eq 0
deploy --skip-checks ".#$other_hostname"
end
colmena apply --on $other_hostname
end
if test $status -eq 0

22
system/flakes/adsb-antenna.nix
View file

@ -1,16 +1,14 @@
{ nixpkgs, nixos-hardware, deploy-rs, home-manager, inputs, ... }:
{ nixpkgs, nixos-hardware, home-manager, inputs, ... }:
let
default-system = "aarch64-linux";
overlay-attic = inputs.attic.overlays.default;
overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; };
overlay-nifoc = inputs.nifoc-overlay.overlay;
nixpkgsConfig = {
overlays = [
overlay-attic
overlay-deploy-rs
overlay-nifoc
];
@ -48,15 +46,15 @@ rec {
];
};
deployment = {
hostname = "adsb-antenna";
sshUser = "root";
remoteBuild = true;
autoRollback = false;
magicRollback = false;
profiles.system = {
path = deploy-rs.lib.${default-system}.activate.nixos system;
colmena = {
deployment = {
targetHost = "adsb-antenna";
targetPort = 22;
targetUser = "root";
buildOnTarget = true;
};
nixpkgs.system = default-system;
imports = system._module.args.modules;
};
}

22
system/flakes/argon.nix
View file

@ -1,16 +1,14 @@
{ nixpkgs, nixos-hardware, deploy-rs, home-manager, agenix, inputs, ... }:
{ nixpkgs, nixos-hardware, home-manager, agenix, inputs, ... }:
let
default-system = "aarch64-linux";
overlay-attic = inputs.attic.overlays.default;
overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; };
overlay-nifoc = inputs.nifoc-overlay.overlay;
nixpkgsConfig = {
overlays = [
overlay-attic
overlay-deploy-rs
overlay-nifoc
];
@ -50,15 +48,15 @@ rec {
];
};
deployment = {
hostname = "argon";
sshUser = "root";
remoteBuild = true;
autoRollback = false;
magicRollback = false;
profiles.system = {
path = deploy-rs.lib.${default-system}.activate.nixos system;
colmena = {
deployment = {
targetHost = "argon";
targetPort = 22;
targetUser = "root";
buildOnTarget = true;
};
nixpkgs.system = default-system;
imports = system._module.args.modules;
};
}

22
system/flakes/mediaserver.nix
View file

@ -1,16 +1,14 @@
{ nixpkgs, deploy-rs, home-manager, agenix, inputs, ... }:
{ nixpkgs, home-manager, agenix, inputs, ... }:
let
default-system = "x86_64-linux";
overlay-attic = inputs.attic.overlays.default;
overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; };
overlay-nifoc = inputs.nifoc-overlay.overlay;
nixpkgsConfig = {
overlays = [
overlay-attic
overlay-deploy-rs
overlay-nifoc
];
@ -48,15 +46,15 @@ rec {
];
};
deployment = {
hostname = "mediaserver";
sshUser = "root";
remoteBuild = true;
autoRollback = false;
magicRollback = false;
profiles.system = {
path = deploy-rs.lib.${default-system}.activate.nixos system;
colmena = {
deployment = {
targetHost = "mediaserver";
targetPort = 22;
targetUser = "root";
buildOnTarget = true;
};
nixpkgs.system = default-system;
imports = system._module.args.modules;
};
}

22
system/flakes/tanker.nix
View file

@ -1,16 +1,14 @@
{ nixpkgs, disko, deploy-rs, home-manager, agenix, attic, inputs, ... }:
{ nixpkgs, disko, home-manager, agenix, attic, inputs, ... }:
let
default-system = "x86_64-linux";
# overlay-master = _: _: { pkgs-master = import inputs.nixpkgs-master { system = default-system; }; };
overlay-deploy-rs = _: _: { inherit (deploy-rs.packages.${default-system}) deploy-rs; };
overlay-nifoc = inputs.nifoc-overlay.overlay;
nixpkgsConfig = {
overlays = [
# overlay-master
overlay-deploy-rs
overlay-nifoc
];
@ -52,15 +50,15 @@ rec {
];
};
deployment = {
hostname = "tanker";
sshUser = "root";
remoteBuild = true;
autoRollback = false;
magicRollback = false;
profiles.system = {
path = deploy-rs.lib.${default-system}.activate.nixos system;
colmena = {
deployment = {
targetHost = "tanker";
targetPort = 22;
targetUser = "root";
buildOnTarget = true;
};
nixpkgs.system = default-system;
imports = system._module.args.modules;
};
}

22
system/flakes/weather-sdr.nix
View file

@ -1,16 +1,14 @@
{ nixpkgs, deploy-rs, home-manager, agenix, inputs, ... }:
{ nixpkgs, home-manager, agenix, inputs, ... }:
let
default-system = "aarch64-linux";
overlay-attic = inputs.attic.overlays.default;
overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; };
overlay-nifoc = inputs.nifoc-overlay.overlay;
nixpkgsConfig = {
overlays = [
overlay-attic
overlay-deploy-rs
overlay-nifoc
];
@ -48,15 +46,15 @@ rec {
];
};
deployment = {
hostname = "weather-sdr";
sshUser = "root";
remoteBuild = true;
autoRollback = false;
magicRollback = false;
profiles.system = {
path = deploy-rs.lib.${default-system}.activate.nixos system;
colmena = {
deployment = {
targetHost = "weather-sdr";
targetPort = 22;
targetUser = "root";
buildOnTarget = true;
};
nixpkgs.system = default-system;
imports = system._module.args.modules;
};
}