diff --git a/deployment/check/data-model-tf-proxmox/nixosTest.nix b/deployment/check/data-model-tf-proxmox/nixosTest.nix
index d2c6dc29..72f1475b 100644
--- a/deployment/check/data-model-tf-proxmox/nixosTest.nix
+++ b/deployment/check/data-model-tf-proxmox/nixosTest.nix
@@ -59,8 +59,6 @@ in
 _class = "nixosTest";
 name = "deployment-model";
 sourceFileset = lib.fileset.unions [
- ../../run/tf-proxmox-template/run.sh
- ../../run/tf-proxmox-vm/run.sh
 ../../run/tf-proxmox-vm/await-ssh.sh
 ];
diff --git a/deployment/check/data-model-tf/data-model.nix b/deployment/check/data-model-tf/data-model.nix
index e204475f..32441f0e 100644
--- a/deployment/check/data-model-tf/data-model.nix
+++ b/deployment/check/data-model-tf/data-model.nix
@@ -42,7 +42,7 @@ in
 ssh = {
 username = "root";
 host = nodeName;
- key-file = null;
+ key-file = "";
 inherit sshOpts;
 };
 caller = "deployment/check/data-model-tf/data-model.nix";
diff --git a/deployment/check/data-model-tf/nixosTest.nix b/deployment/check/data-model-tf/nixosTest.nix
index 46ea4d35..c38705cf 100644
--- a/deployment/check/data-model-tf/nixosTest.nix
+++ b/deployment/check/data-model-tf/nixosTest.nix
@@ -30,9 +30,6 @@ in
 {
 _class = "nixosTest";
 name = "deployment-model";
- sourceFileset = lib.fileset.unions [
- ../../run/tf-single-host/run.sh
- ];
 nodes.deployer =
 { ... }:
@@ -71,7 +68,7 @@ in
 deployer.wait_for_unit("multi-user.target")
 deployer.succeed("curl -u basic:fake-secret -X GET http://localhost:8080/state/project1/example")
 output = deployer.fail("""
- ${lib.getExe deploy}
+ ${lib.getExe deploy} 2>&1
 """)
 assert "Timeout, server ${nodeName} not responding" in output
 target.wait_for_unit("multi-user.target")
diff --git a/deployment/data-model.nix b/deployment/data-model.nix
index 863c25b4..4973fcba 100644
--- a/deployment/data-model.nix
+++ b/deployment/data-model.nix
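Review bot: In `deployment/check/data-model-tf/data-model.nix` (`@@ -42,7 +42,7 @@`), `key-file = "";` introduces an empty-string sentinel for "no key" without saying why. Presumably this is because `tfApply` in `deployment/utils.nix` drops null-valued variables, which would leave `key_file` unset. The consumer of `key_file` is not visible in this diff, so it is worth confirming that it treats `""` as "no identity file" rather than handing an empty path to ssh. I would add a comment on the line, e.g. `# "" means no key file; null would be filtered out by tfApply and leave key_file unset`.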
@@ -19,15 +19,7 @@ let
 str
 submodule
 ;
- inherit (pkgs.callPackage ./utils.nix { }) toBash;
- withPackages = packages: {
- makeWrapperArgs = [
- "--prefix"
- "PATH"
- ":"
- "${lib.makeBinPath packages}"
- ];
- };
+ inherit (pkgs.callPackage ./utils.nix { }) toBash withPackages tfApply;
 writeConfig =
 {
 system,
@@ -246,6 +238,10 @@ let
 key-file
 sshOpts
 ;
+ in
+ tfApply {
+ inherit httpBackend;
+ directory = "tf-single-host";
 environment = {
 key_file = key-file;
 ssh_opts = sshOpts;
@@ -264,22 +260,7 @@ let
 deployment-type = "tf-host";
 };
 };
- tf-env = pkgs.callPackage ./run/tf-env.nix {
- inherit httpBackend;
- tfPackage = pkgs.callPackage ./run/tf-single-host/tf.nix { };
- tfDirs = [ "deployment/run/tf-single-host" ];
- };
- in
- pkgs.writers.writeBashBin "deploy-tf.sh"
- (withPackages [
- pkgs.jq
- (pkgs.callPackage ./run/tf-single-host/tf.nix { })
- ])
- ''
- env ${toString (lib.mapAttrsToList (k: v: "TF_VAR_${k}=\"${toBash v}\"") environment)} \
- ${toString (lib.mapAttrsToList (k: v: "${k}=\"${toBash v}\"") httpBackend)} \
- tf_env=${tf-env} bash ./deployment/run/tf-single-host/run.sh
- '';
+ };
 };
 };
 });
@@ -344,19 +325,10 @@ let
 node_name = node-name;
 image_datastore_id = imageDatastoreId;
 };
- tf-env = pkgs.callPackage ./run/tf-env.nix {
- inherit httpBackend;
- tfPackage = pkgs.callPackage ./run/tf-proxmox-template/tf.nix { };
- tfDirs = [
- "deployment/run/tf-proxmox-template"
- ];
- };
 in
 lib.trace (lib.strings.toJSON environment) pkgs.writers.writeBashBin "deploy-tf-proxmox-template.sh"
 (withPackages [
- pkgs.jq
 pkgs.qemu
- (pkgs.callPackage ./run/tf-proxmox-vm/tf.nix { })
 ])
 ''
 set -e
@@ -369,11 +341,13 @@ let
 ls -l /tmp/${name}.qcow2 >&2
 checksum="$(sha256sum /tmp/${name}.qcow2 | cut -d " " -f1)"
- env ${toString (lib.mapAttrsToList (k: v: "TF_VAR_${k}=\"${toBash v}\"") environment)} \
- ${toString (lib.mapAttrsToList (k: v: "${k}=\"${toBash v}\"") httpBackend)} \
+ env \
 TF_VAR_image=/tmp/${name}.qcow2 \
 TF_VAR_checksum="$checksum" \
- tf_env=${tf-env} bash ./deployment/run/tf-proxmox-template/run.sh
+ ${lib.getExe (tfApply {
+ inherit httpBackend environment;
+ directory = "tf-proxmox-template";
+ })}
 '';
 };
 };
@@ -531,33 +505,12 @@ let
 ipv6_gateway = ipv6Gateway;
 ipv6_address = ipv6Address;
 };
- tf-env = pkgs.callPackage ./run/tf-env.nix {
- inherit httpBackend;
- tfPackage = pkgs.callPackage ./run/tf-proxmox-vm/tf.nix { };
- tfDirs = [
- "deployment/run/tf-single-host"
- "deployment/run/tf-proxmox-vm"
- ];
- };
 in
- lib.trace (lib.strings.toJSON environment) pkgs.writers.writeBashBin "deploy-tf-proxmox-vm.sh"
- (withPackages [
- pkgs.jq
- pkgs.qemu
- (pkgs.callPackage ./run/tf-proxmox-vm/tf.nix { })
- ])
- ''
- set -e
- env ${
- toString (
- lib.mapAttrsToList (k: v: "TF_VAR_${k}=\"${toBash v}\"") (
- lib.filterAttrs (_: v: v != null) environment
- )
- )
- } \
- ${toString (lib.mapAttrsToList (k: v: "${k}=\"${toBash v}\"") httpBackend)} \
- tf_env=${tf-env} bash ./deployment/run/tf-proxmox-vm/run.sh
- '';
+ lib.trace (lib.strings.toJSON environment) (tfApply {
+ inherit httpBackend environment;
+ directory = "tf-proxmox-vm";
+ dependentDirs = [ "tf-single-host" ];
+ });
 };
 };
 });
diff --git a/deployment/run/tf-proxmox-template/run.sh b/deployment/run/tf-proxmox-template/run.sh
deleted file mode 100644
index a6941e31..00000000
--- a/deployment/run/tf-proxmox-template/run.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#! /usr/bin/env bash
-set -euo pipefail
-declare tf_env
-
-cd "${tf_env}/deployment/run/tf-proxmox-template"
-tofu apply --auto-approve -input=false -parallelism=1 >&2
-tofu output -json
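Review bot: In `deployment/data-model.nix` (`@@ -369,11 +341,13 @@`), the new `${lib.getExe (tfApply { … })}` call still takes the image from the fixed path `/tmp/${name}.qcow2`, which the context lines hash with `sha256sum` just before. A predictable name in a world-writable directory means another local account on the deployer could pre-create or replace that file, and the checksum is computed from whatever is there at that moment, so it does not vouch for the image that was built. The code that writes the file is outside this hunk, so this may already be handled. If it is not, create a private directory with `workdir="$(mktemp -d)"` and use `"$workdir/${name}.qcow2"` for both `TF_VAR_image` and the checksum.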
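Review bot: The added `lib.trace (lib.strings.toJSON environment) (tfApply {` in `@@ -531,33 +505,12 @@` keeps a debug trace that prints every Terraform variable to stderr on each evaluation, so the values end up in CI and build logs. The variables visible here are network settings, but the rest of `environment` is outside the hunk; if it carries tokens or passwords they would be logged in clear text. The same trace sits in the context lines of `@@ -344,19 +325,10 @@`. Unless the output is still needed, drop the wrapper and return `tfApply { … }` directly, or trace only the attribute names with `lib.attrNames environment`.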
diff --git a/deployment/run/tf-proxmox-vm/run.sh b/deployment/run/tf-proxmox-vm/run.sh
deleted file mode 100644
index 1bd46abd..00000000
--- a/deployment/run/tf-proxmox-vm/run.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#! /usr/bin/env bash
-set -euo pipefail
-declare tf_env
-
-cd "${tf_env}/deployment/run/tf-proxmox-vm"
-# parallelism=1: limit OOM risk
-tofu apply --auto-approve -input=false -parallelism=1 >&2
-tofu output -json
diff --git a/deployment/run/tf-single-host/run.sh b/deployment/run/tf-single-host/run.sh
deleted file mode 100644
index 61178ccc..00000000
--- a/deployment/run/tf-single-host/run.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#! /usr/bin/env bash
-set -euo pipefail
-declare tf_env
-
-cd "${tf_env}/deployment/run/tf-single-host"
-# parallelism=1: limit OOM risk
-tofu apply --auto-approve -parallelism=1
diff --git a/deployment/utils.nix b/deployment/utils.nix
index 69345931..82b32b70 100644
--- a/deployment/utils.nix
+++ b/deployment/utils.nix
@@ -4,7 +4,7 @@
 inputs ? null,
 ...
 }:
-{
+rec {
 evalModel =
 module:
 (lib.evalModules {
@@ -17,6 +17,7 @@
 module
 ];
 }).config;
+
 toBash =
 v:
 lib.replaceStrings [ "\"" ] [ "\\\"" ] (
@@ -27,4 +28,51 @@
 else
 lib.strings.toJSON v
 );
+
+ withPackages = packages: {
+ makeWrapperArgs = [
+ "--prefix"
+ "PATH"
+ ":"
+ "${lib.makeBinPath packages}"
+ ];
+ };
+
+ tfApply =
+ {
+ directory,
+ httpBackend,
+ dependentDirs ? [ ],
+ environment ? { },
+ # limit OOM risk
+ parallelism ? 1,
+ }:
+ let
+ env-vars = ''
+ ${
+ toString (
+ lib.mapAttrsToList (k: v: "TF_VAR_${k}=\"${toBash v}\"") (
+ lib.filterAttrs (_: v: v != null) environment
+ )
+ )
+ } \
+ ${toString (lib.mapAttrsToList (k: v: "${k}=\"${toBash v}\"") httpBackend)} \
+ '';
+ tfPackage = pkgs.callPackage ./run/${directory}/tf.nix { };
+ tf-env = pkgs.callPackage ./run/tf-env.nix {
+ inherit httpBackend tfPackage;
+ tfDirs = lib.lists.map (dir: "deployment/run/${dir}") ([ directory ] ++ dependentDirs);
+ };
+ in
+ pkgs.writers.writeBashBin "tf-apply.sh"
+ (withPackages [
+ tfPackage
+ pkgs.jq
+ ])
+ ''
+ set -e
+ dir="${tf-env}/deployment/run/${directory}"
+ env ${env-vars} tofu -chdir="$dir" apply --auto-approve -parallelism=${builtins.toString parallelism} >&2
+ env ${env-vars} tofu -chdir="$dir" output -json
+ '';
 }
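Review bot: `env-vars` in `tfApply` places each value inside a double-quoted bash word (`"TF_VAR_${k}=\"${toBash v}\""`), and `toBash`, as far as its visible lines show, escapes only `"`. `$`, backticks and backslashes therefore stay live, so a variable value containing `$(…)` would be expanded by the shell on the deployer instead of reaching tofu literally; quoting each assignment with `lib.escapeShellArg` over the unescaped value removes that. The call also loses the `-input=false` that the deleted proxmox `run.sh` scripts passed, so with null variables now filtered out an unset variable can leave `tofu apply` waiting on a prompt; I would restore it: `env ${env-vars} tofu -chdir="$dir" apply --auto-approve -input=false -parallelism=${builtins.toString parallelism} >&2`. Finally, the `httpBackend` values are written into the generated `tf-apply.sh`, which lives in the world-readable Nix store; if they include the state-backend password (the test uses `basic:fake-secret`), consider reading it at run time from the environment or a file instead.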