.gitignore

@@ -1,3 +0,0 @@
-.envrc
-.direnv
-result

server/README.md

@@ -1,15 +0,0 @@
-# fediversity.eu webserver
-
-This directory contains the configuration for the server hosting https://fediversity.eu
-
-Build the configuration:
-
-```bash
-nix-build -A machine
-```
-
-Deploy via SSH:
-
-```bash
-env SSH_OPTS="..." nix-shell --run deploy-webserver
-```

server/configuration.nix

@@ -1,3 +1,4 @@
+
 # Edit this configuration file to define what should be installed on
 # your system.  Help is available in the configuration.nix(5) man page
 # and in the NixOS manual (accessible by running ‘nixos-help’).
@@ -6,8 +7,7 @@
 
 {
   imports =
-    [
+    [ # Include the results of the hardware scan.
-      # Include the results of the hardware scan.
       ./hardware-configuration.nix
     ];
 
@@ -245,6 +245,9 @@
     })
     wget
     git
+    hugo
+    go
+    nodejs
   ];
 
   # List services that you want to enable:
@@ -255,6 +258,11 @@
   # Enable xe-guest-utilities
   services.xe-guest-utilities.enable = true;
 
+  # Copy the NixOS configuration file and link it from the resulting system
+  # (/run/current-system/configuration.nix). This is useful in case you
+  # accidentally delete configuration.nix.
+  system.copySystemConfiguration = true;
+
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions
   # on your system were taken. It‘s perfectly fine and recommended to leave
@@ -264,3 +272,4 @@
   system.stateVersion = "23.11"; # Did you read the comment?
 
 }
+

server/default.nix

@@ -1,46 +0,0 @@
-{ sources ? import ../website/npins
-, system ? builtins.currentSystem
-, pkgs ? import sources.nixpkgs {
-    inherit system;
-    config = { };
-    overlays = [ ];
-  }
-, lib ? import "${sources.nixpkgs}/lib"
-}:
-let
-  # TODO: this is a hard copy of the IP in the config; wire all of it up with NixOps4
-  ipv4 = "185.206.232.106";
-  deploy = pkgs.writeShellApplication {
-    name = "deploy-webserver";
-    text = ''
-      # HACK: decouple system evaluation from shell evaluation
-      # the structured way for using this hack is encoded in https://github.com/fricklerhandwerk/lazy-drv
-      result="$(nix-build ${toString ./.} -A machine --no-out-link --eval-store auto --store ssh-ng://${ipv4})"
-      # shellcheck disable=SC2087
-      ssh ${ipv4} << EOF
-      nix-env -p /nix/var/nix/profiles/system --set "$result"
-      "$result"/bin/switch-to-configuration switch
-      EOF
-    '';
-  };
-  nixos-configuration = config:
-    import "${pkgs.path}/nixos/lib/eval-config.nix" {
-      modules = [
-        config
-      ];
-      system = null;
-    };
-in
-rec {
-  nixos = nixos-configuration ./configuration.nix;
-  machine = nixos.config.system.build.toplevel;
-  shell = pkgs.mkShellNoCC {
-    packages = with pkgs; [
-      deploy
-    ];
-    env = {
-      # TODO: reusing other pins for now; wire up the whole repo to use the same dependencies
-      NPINS_DIRECTORY = toString ../website/npins;
-    };
-  };
-}

server/shell.nix

@@ -1 +0,0 @@
-(import ./. { }).shell

services/README.md

@@ -57,6 +57,16 @@ nix build .#installers.peertube
 Upload the image in `./result` to Proxmox when creating a VM.
 Booting the image will format the disk and install NixOS with the desired configuration.
 
+# Deploying an updated machine configuration
+
+> TODO: There is currently no way to specify an actual target machine by name.
+
+Assuming you have SSH configuration with access to the remote `root` user stored for a machine called e.g. `peertube`, deploy the configuration by the same name:
+
+```bash
+nix run .#deploy.peertube
+```
+
 ## debugging notes
 
 - it is sometimes useful to `cat result/bin/run-nixos-vm` to see what's really going on (e.g. which ports are getting forwarded)

services/deploy.nix

@@ -0,0 +1,13 @@
+{ writeShellApplication }:
+name: _config:
+writeShellApplication {
+  name = "deploy";
+  text = ''
+    result="$(nix build --print-out-paths ${./.}#nixosConfigurations#${name} --eval-store auto --store ssh-ng://${name})"
+    # shellcheck disable=SC2087
+    ssh ${name} << EOF
+    nix-env -p /nix/var/nix/profiles/system --set "$result"
+    "$result"/bin/switch-to-configuration switch
+    EOF
+  '';
+}

services/flake.nix

@@ -114,6 +114,12 @@
       mkInstaller = import ./installer.nix;
       installers = lib.mapAttrs (_: config: self.mkInstaller nixpkgs config) self.nixosConfigurations;
 
+      deploy =
+        let
+          deployCommand = (pkgs.callPackage ./deploy.nix { });
+        in
+        lib.mapAttrs (name: config: deployCommand name config) self.nixosConfigurations;
+
       checks.${system} = {
         mastodon-garage = import ./tests/mastodon-garage.nix { inherit pkgs self; };
         pixelfed-garage = import ./tests/pixelfed-garage.nix { inherit pkgs self; };