forked from fediversity/fediversity
Compare commits
76 commits
4b2f168f58
...
1de353fada
| Author | SHA1 | Date | |
|---|---|---|---|
| 1de353fada | |||
| 18bcae835e | |||
| 9a60948765 | |||
| 7f1dabe7cb | |||
| 253352616b | |||
| de19210d1d | |||
| a3ffd6d23b | |||
| dd6e8850f3 | |||
| d35de0b457 | |||
| 51b72c79c7 | |||
| 76a07a6cf1 | |||
| 0aeac419e4 | |||
| 220fe52612 | |||
| d6731bbc7d | |||
| a245f52e5b | |||
| 2ae4ca3f68 | |||
| 9907404e94 | |||
| 22accb50c0 | |||
| 6e70640caa | |||
| 5ce2f2e8ed | |||
| 733c500cd1 | |||
| c818e55194 | |||
| f705e56707 | |||
| 0249324d86 | |||
| 4d348fb9cb | |||
| 06fc1e8666 | |||
| dc07eb68c3 | |||
| 871384d51f | |||
| d37a90723f | |||
| ebfe19ab5c | |||
| 95a450023a | |||
| f75fb5eec0 | |||
| 1f35ca5fe8 | |||
| a76b3cc4a3 | |||
| 871b6bd906 | |||
| eec987af06 | |||
| 240d68617e | |||
| c9dc6ee392 | |||
| 98599cebf4 | |||
| 9746ad0e92 | |||
| bcb0fd5318 | |||
| 41b4fa6476 | |||
| 13a97eadaf | |||
| a0e330eb85 | |||
| fe4916c854 | |||
| 1c362d83b9 | |||
| 4c360d2cd9 | |||
| 4db88cf8df | |||
| e6c590b4d7 | |||
| 03ea2730b0 | |||
| f8b508fa43 | |||
| 2b66f15e7c | |||
| cac911a16b | |||
| 4249a64c10 | |||
| c1897a3684 | |||
| 562e511ed8 | |||
| c7f2e2b7aa | |||
| d363957e37 | |||
| 9e3c3b9ee0 | |||
| d5bd886757 | |||
| 67484b70ee | |||
| 767ffd9f87 | |||
| 80f2bbcc4d | |||
| 8d5c9781d5 | |||
| ea78e850af | |||
| 2a550e6963 | |||
| 34a5a62ba3 | |||
| c0a5f28adf | |||
| 9adfb3eae9 | |||
| 7d3afbb469 | |||
| ff5fd5047f | |||
| d2b5d7e607 | |||
| 382bcda9d2 | |||
| 35e49c04f4 | |||
| bb79f366e9 | |||
| 63c6221479 |
9 changed files with 147 additions and 313 deletions
|
|
@ -1,5 +1,4 @@
|
||||||
on:
|
on:
|
||||||
workflow_dispatch: # allows manual triggering
|
|
||||||
pull_request:
|
pull_request:
|
||||||
types:
|
types:
|
||||||
- opened
|
- opened
|
||||||
|
|
|
||||||
|
|
@ -105,7 +105,8 @@ let
|
||||||
options.enable = lib.mkEnableOption "Hello in the shell";
|
options.enable = lib.mkEnableOption "Hello in the shell";
|
||||||
};
|
};
|
||||||
implementation = cfg: {
|
implementation = cfg: {
|
||||||
resources = lib.optionalAttrs cfg.enable {
|
input = cfg;
|
||||||
|
output.resources = lib.optionalAttrs cfg.enable {
|
||||||
hello.login-shell.packages.hello = pkgs.hello;
|
hello.login-shell.packages.hello = pkgs.hello;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
@ -138,21 +139,17 @@ let
|
||||||
implementation =
|
implementation =
|
||||||
{
|
{
|
||||||
required-resources,
|
required-resources,
|
||||||
deployment-name,
|
...
|
||||||
}:
|
}:
|
||||||
{
|
{
|
||||||
ssh-host = {
|
input = required-resources;
|
||||||
|
output.ssh-host = {
|
||||||
nixos-configuration = mkNixosConfiguration environment required-resources;
|
nixos-configuration = mkNixosConfiguration environment required-resources;
|
||||||
system = targetSystem;
|
|
||||||
ssh = {
|
ssh = {
|
||||||
username = "root";
|
username = "root";
|
||||||
host = nodeName;
|
host = nodeName;
|
||||||
key-file = null;
|
key-file = null;
|
||||||
inherit sshOpts;
|
|
||||||
};
|
};
|
||||||
module = self;
|
|
||||||
inherit args deployment-name;
|
|
||||||
root-path = pathToRoot;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
@ -164,7 +161,8 @@ let
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
{
|
{
|
||||||
nixops4 =
|
input = required-resources;
|
||||||
|
output.nixops4 =
|
||||||
{ providers, ... }:
|
{ providers, ... }:
|
||||||
{
|
{
|
||||||
providers = {
|
providers = {
|
||||||
|
|
@ -191,7 +189,8 @@ let
|
||||||
deployment-name,
|
deployment-name,
|
||||||
}:
|
}:
|
||||||
{
|
{
|
||||||
tf-host = {
|
input = required-resources;
|
||||||
|
output.tf-host = {
|
||||||
nixos-configuration = mkNixosConfiguration environment required-resources;
|
nixos-configuration = mkNixosConfiguration environment required-resources;
|
||||||
system = targetSystem;
|
system = targetSystem;
|
||||||
ssh = {
|
ssh = {
|
||||||
|
|
@ -214,7 +213,8 @@ let
|
||||||
deployment-name,
|
deployment-name,
|
||||||
}:
|
}:
|
||||||
{
|
{
|
||||||
tf-proxmox-host = {
|
input = required-resources;
|
||||||
|
output.tf-proxmox-host = {
|
||||||
nixos-configuration = mkNixosConfiguration environment required-resources;
|
nixos-configuration = mkNixosConfiguration environment required-resources;
|
||||||
system = targetSystem;
|
system = targetSystem;
|
||||||
ssh = {
|
ssh = {
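Review bot: The new return shape of `implementation`, `input = cfg;` next to `output.resources = …`, is not explained on the visible lines, and the same pattern repeats for `ssh-host`, `nixops4`, `tf-host` and `tf-proxmox-host` further down this file. Each implementation simply echoes its own argument back as `input`, while the consumers shown elsewhere on this page read only `.output`. A short comment at the first occurrence would help the next reader, for example `# implementation returns { input, output }: input echoes the argument, callers read .output`. The enclosing `let` block starts outside these hunks, so an explanation may already exist there.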
|
||||||
|
|
|
||||||
|
|
@ -9,9 +9,9 @@ let
|
||||||
inherit (pkgs) system;
|
inherit (pkgs) system;
|
||||||
deployment-config = {
|
deployment-config = {
|
||||||
inherit pathToRoot pathFromRoot;
|
inherit pathToRoot pathFromRoot;
|
||||||
|
inherit (config) enableAcme;
|
||||||
|
acmeNodeIP = if config.enableAcme then config.nodes.acme.networking.primaryIPAddress else null;
|
||||||
nodeName = "ssh";
|
nodeName = "ssh";
|
||||||
targetSystem = system;
|
|
||||||
sshOpts = [ ];
|
|
||||||
};
|
};
|
||||||
deploy =
|
deploy =
|
||||||
(import ../common/data-model.nix {
|
(import ../common/data-model.nix {
|
||||||
|
|
@ -30,10 +30,6 @@ in
|
||||||
sourceFileset = lib.fileset.unions [
|
sourceFileset = lib.fileset.unions [
|
||||||
../../data-model.nix
|
../../data-model.nix
|
||||||
../../function.nix
|
../../function.nix
|
||||||
../../nixos.nix
|
|
||||||
../../run/ssh-single-host/run.sh
|
|
||||||
../../../npins/default.nix
|
|
||||||
../../../npins/sources.json
|
|
||||||
../common/data-model.nix
|
../common/data-model.nix
|
||||||
../common/data-model-options.nix
|
../common/data-model-options.nix
|
||||||
./constants.nix
|
./constants.nix
|
||||||
|
|
|
||||||
|
|
@ -11,7 +11,10 @@ let
|
||||||
inherit pathToRoot pathFromRoot;
|
inherit pathToRoot pathFromRoot;
|
||||||
nodeName = "mypve";
|
nodeName = "mypve";
|
||||||
targetSystem = system;
|
targetSystem = system;
|
||||||
sshOpts = [ ];
|
sshOpts = [
|
||||||
|
"ConnectTimeout=1"
|
||||||
|
"ServerAliveInterval=1"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
deployment =
|
deployment =
|
||||||
(import ../common/data-model.nix {
|
(import ../common/data-model.nix {
|
||||||
|
|
@ -19,6 +22,7 @@ let
|
||||||
config = deployment-config;
|
config = deployment-config;
|
||||||
# opt not to pass `inputs`, as we could only pass serializable arguments through to its self-call
|
# opt not to pass `inputs`, as we could only pass serializable arguments through to its self-call
|
||||||
})."tf-proxmox-deployment".tf-proxmox-host;
|
})."tf-proxmox-deployment".tf-proxmox-host;
|
||||||
|
# deployment = setup.tf-proxmox-host;
|
||||||
# tracking non-tarball downloads seems unsupported still in npins:
|
# tracking non-tarball downloads seems unsupported still in npins:
|
||||||
# https://github.com/andir/npins/issues/163
|
# https://github.com/andir/npins/issues/163
|
||||||
minimalIso = pkgs.fetchurl {
|
minimalIso = pkgs.fetchurl {
|
||||||
|
|
@ -87,7 +91,6 @@ in
|
||||||
(pkgs.callPackage ../../run/tf-proxmox/tf.nix { inherit sources; })
|
(pkgs.callPackage ../../run/tf-proxmox/tf.nix { inherit sources; })
|
||||||
jq
|
jq
|
||||||
nixos-generators
|
nixos-generators
|
||||||
deployment.run
|
|
||||||
];
|
];
|
||||||
|
|
||||||
# needed only when building from deployer
|
# needed only when building from deployer
|
||||||
|
|
@ -121,80 +124,23 @@ in
|
||||||
then
|
then
|
||||||
lib.trace "yes" [
|
lib.trace "yes" [
|
||||||
# lib.traceVal pkg.inputDerivation # not of type `path in the Nix store'
|
# lib.traceVal pkg.inputDerivation # not of type `path in the Nix store'
|
||||||
(
|
((x: builtins.trace "${builtins.toString pkg}: ${builtins.toString (lib.isPath x.inputDerivation)}" x) pkg).inputDerivation
|
||||||
(
|
|
||||||
x: builtins.trace "${builtins.toString pkg}: ${builtins.toString (lib.isPath x.inputDerivation)}" x
|
|
||||||
)
|
|
||||||
pkg
|
|
||||||
).inputDerivation
|
|
||||||
]
|
]
|
||||||
else
|
else
|
||||||
lib.trace "no" [ ]
|
lib.trace "no" [ ]
|
||||||
)
|
)
|
||||||
) machine.environment.systemPackages)
|
) machine.environment.systemPackages)
|
||||||
++ [
|
++ [
|
||||||
(
|
((x: builtins.trace "machine.system.build.toplevel.inputDerivation: ${builtins.toString (lib.isPath x)}" x) machine.system.build.toplevel.inputDerivation)
|
||||||
(
|
((x: builtins.trace "machine.system.build.etc.inputDerivation: ${builtins.toString (lib.isPath x)}" x) machine.system.build.etc.inputDerivation)
|
||||||
x:
|
((x: builtins.trace "machine.system.build.etcBasedir.inputDerivation: ${builtins.toString (lib.isPath x)}" x) machine.system.build.etcBasedir.inputDerivation)
|
||||||
builtins.trace "machine.system.build.toplevel.inputDerivation: ${builtins.toString (lib.isPath x)}" x
|
((x: builtins.trace "machine.system.build.etcMetadataImage.inputDerivation: ${builtins.toString (lib.isPath x)}" x) machine.system.build.etcMetadataImage.inputDerivation)
|
||||||
)
|
((x: builtins.trace "machine.system.build.extraUtils.inputDerivation: ${builtins.toString (lib.isPath x)}" x) machine.system.build.extraUtils.inputDerivation)
|
||||||
machine.system.build.toplevel.inputDerivation
|
((x: builtins.trace "machine.system.path.inputDerivation: ${builtins.toString (lib.isPath x)}" x) machine.system.path.inputDerivation)
|
||||||
)
|
((x: builtins.trace "machine.system.build.setEnvironment.inputDerivation: ${builtins.toString (lib.isPath x)}" x) machine.system.build.setEnvironment.inputDerivation)
|
||||||
(
|
((x: builtins.trace "machine.system.build.vm.inputDerivation: ${builtins.toString (lib.isPath x)}" x) machine.system.build.vm.inputDerivation)
|
||||||
(
|
((x: builtins.trace "machine.system.build.bootStage1.inputDerivation: ${builtins.toString (lib.isPath x)}" x) machine.system.build.bootStage1.inputDerivation)
|
||||||
x: builtins.trace "machine.system.build.etc.inputDerivation: ${builtins.toString (lib.isPath x)}" x
|
((x: builtins.trace "machine.system.build.bootStage2.inputDerivation: ${builtins.toString (lib.isPath x)}" x) machine.system.build.bootStage2.inputDerivation)
|
||||||
)
|
|
||||||
machine.system.build.etc.inputDerivation
|
|
||||||
)
|
|
||||||
(
|
|
||||||
(
|
|
||||||
x:
|
|
||||||
builtins.trace "machine.system.build.etcBasedir.inputDerivation: ${builtins.toString (lib.isPath x)}" x
|
|
||||||
)
|
|
||||||
machine.system.build.etcBasedir.inputDerivation
|
|
||||||
)
|
|
||||||
(
|
|
||||||
(
|
|
||||||
x:
|
|
||||||
builtins.trace "machine.system.build.etcMetadataImage.inputDerivation: ${builtins.toString (lib.isPath x)}" x
|
|
||||||
)
|
|
||||||
machine.system.build.etcMetadataImage.inputDerivation
|
|
||||||
)
|
|
||||||
(
|
|
||||||
(
|
|
||||||
x:
|
|
||||||
builtins.trace "machine.system.build.extraUtils.inputDerivation: ${builtins.toString (lib.isPath x)}" x
|
|
||||||
)
|
|
||||||
machine.system.build.extraUtils.inputDerivation
|
|
||||||
)
|
|
||||||
((x: builtins.trace "machine.system.path.inputDerivation: ${builtins.toString (lib.isPath x)}" x)
|
|
||||||
machine.system.path.inputDerivation
|
|
||||||
)
|
|
||||||
(
|
|
||||||
(
|
|
||||||
x:
|
|
||||||
builtins.trace "machine.system.build.setEnvironment.inputDerivation: ${builtins.toString (lib.isPath x)}" x
|
|
||||||
)
|
|
||||||
machine.system.build.setEnvironment.inputDerivation
|
|
||||||
)
|
|
||||||
(
|
|
||||||
(x: builtins.trace "machine.system.build.vm.inputDerivation: ${builtins.toString (lib.isPath x)}" x)
|
|
||||||
machine.system.build.vm.inputDerivation
|
|
||||||
)
|
|
||||||
(
|
|
||||||
(
|
|
||||||
x:
|
|
||||||
builtins.trace "machine.system.build.bootStage1.inputDerivation: ${builtins.toString (lib.isPath x)}" x
|
|
||||||
)
|
|
||||||
machine.system.build.bootStage1.inputDerivation
|
|
||||||
)
|
|
||||||
(
|
|
||||||
(
|
|
||||||
x:
|
|
||||||
builtins.trace "machine.system.build.bootStage2.inputDerivation: ${builtins.toString (lib.isPath x)}" x
|
|
||||||
)
|
|
||||||
machine.system.build.bootStage2.inputDerivation
|
|
||||||
)
|
|
||||||
pkgs.gnu-config
|
pkgs.gnu-config
|
||||||
# pkgs.gnu-config.inputDerivation
|
# pkgs.gnu-config.inputDerivation
|
||||||
pkgs.byacc
|
pkgs.byacc
|
||||||
|
|
@ -240,13 +186,7 @@ in
|
||||||
if v ? source.inputDerivation then
|
if v ? source.inputDerivation then
|
||||||
[
|
[
|
||||||
# v.source.inputDerivation
|
# v.source.inputDerivation
|
||||||
(
|
((x: builtins.trace "${builtins.toString (lib.attrNames v)}: ${builtins.toString (lib.isPath x.source.inputDerivation)}" x) v).source.inputDerivation
|
||||||
(
|
|
||||||
x:
|
|
||||||
builtins.trace "${builtins.toString (lib.attrNames v)}: ${builtins.toString (lib.isPath x.source.inputDerivation)}" x
|
|
||||||
)
|
|
||||||
v
|
|
||||||
).source.inputDerivation
|
|
||||||
]
|
]
|
||||||
else
|
else
|
||||||
[ ]
|
[ ]
|
||||||
|
|
@ -269,7 +209,7 @@ in
|
||||||
with subtest("Run the deployment"):
|
with subtest("Run the deployment"):
|
||||||
# target.fail("hello 1>&2")
|
# target.fail("hello 1>&2")
|
||||||
deployer.succeed("""
|
deployer.succeed("""
|
||||||
${lib.getExe deployment.run}
|
${deployment.run}
|
||||||
""")
|
""")
|
||||||
# target.wait_for_unit("multi-user.target")
|
# target.wait_for_unit("multi-user.target")
|
||||||
# target.succeed("su - operator -c hello 1>&2")
|
# target.succeed("su - operator -c hello 1>&2")
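Review bot: `${deployment.run}` in the "Run the deployment" subtest now pastes the whole generated `env TF_VAR_…="…" \ … bash ./deployment/run/tf-proxmox/run.sh` command line into a Python `"""` string, where the old `${lib.getExe deployment.run}` inserted only a store path. Python processes backslash sequences in that string before the shell sees them, so any backslash escaping produced for the variable values, and the trailing `\` continuation, is consumed one layer early; a value containing quotes or `$` may then be interpreted by the shell on the deployer. Keeping the command in a script and interpolating only its path avoids the double quoting, e.g. `${pkgs.writeShellScript "run-deployment" deployment.run}`. The tf single-host test makes the same substitution in its "ssh: Run the deployment" subtest.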
|
||||||
|
|
|
||||||
|
|
@ -10,14 +10,17 @@ let
|
||||||
inherit pathToRoot pathFromRoot;
|
inherit pathToRoot pathFromRoot;
|
||||||
nodeName = "target";
|
nodeName = "target";
|
||||||
targetSystem = system;
|
targetSystem = system;
|
||||||
sshOpts = [ ];
|
sshOpts = [
|
||||||
|
"ConnectTimeout=1"
|
||||||
|
"ServerAliveInterval=1"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
deploy =
|
deployment =
|
||||||
(import ../common/data-model.nix {
|
(import ../common/data-model.nix {
|
||||||
inherit system;
|
inherit system;
|
||||||
config = deployment-config;
|
config = deployment-config;
|
||||||
# opt not to pass `inputs`, as we could only pass serializable arguments through to its self-call
|
# opt not to pass `inputs`, as we could only pass serializable arguments through to its self-call
|
||||||
})."tf-deployment".tf-host.run;
|
})."tf-deployment".tf-host;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
_class = "nixosTest";
|
_class = "nixosTest";
|
||||||
|
|
@ -36,7 +39,6 @@ in
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
(pkgs.callPackage ../../run/tf-single-host/tf.nix { })
|
(pkgs.callPackage ../../run/tf-single-host/tf.nix { })
|
||||||
jq
|
jq
|
||||||
deploy
|
|
||||||
];
|
];
|
||||||
|
|
||||||
# needed only when building from deployer
|
# needed only when building from deployer
|
||||||
|
|
@ -55,7 +57,7 @@ in
|
||||||
|
|
||||||
with subtest("ssh: Run the deployment"):
|
with subtest("ssh: Run the deployment"):
|
||||||
deployer.succeed("""
|
deployer.succeed("""
|
||||||
${lib.getExe deploy}
|
${deployment.run}
|
||||||
""")
|
""")
|
||||||
target.wait_for_unit("multi-user.target")
|
target.wait_for_unit("multi-user.target")
|
||||||
target.succeed("su - operator -c hello 1>&2")
|
target.succeed("su - operator -c hello 1>&2")
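Review bot: The two `sshOpts` entries added to `deployment-config` set one-second values for `ConnectTimeout` and `ServerAliveInterval` with no comment saying why the limits are that tight; the proxmox test gains the same pair. The only consumer visible on this page, `deployment/run/ssh-single-host/run.sh`, treats the keepalive message "Timeout, server $host not responding" as the expected outcome of the switch, which suggests the values are load-bearing rather than tuning, but the tf run scripts are not shown. A comment such as `# 1s keepalive so the deploy script notices the connection dropping during the switch (TODO confirm)` would record that. The entries are also bare `Key=value` strings, so whatever builds the ssh command line has to add `-o` itself.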
|
||||||
|
|
|
||||||
|
|
@ -98,9 +98,9 @@ in
|
||||||
{
|
{
|
||||||
options.enable = lib.mkEnableOption "Hello in the shell";
|
options.enable = lib.mkEnableOption "Hello in the shell";
|
||||||
};
|
};
|
||||||
implementation =
|
implementation = cfg: {
|
||||||
cfg: {
|
input = cfg;
|
||||||
resources = lib.optionalAttrs cfg.enable {
|
output.resources = lib.optionalAttrs cfg.enable {
|
||||||
hello.login-shell.packages.hello = pkgs.hello;
|
hello.login-shell.packages.hello = pkgs.hello;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
@ -110,7 +110,8 @@ in
|
||||||
{
|
{
|
||||||
resources."operator-environment".login-shell.username = "operator";
|
resources."operator-environment".login-shell.username = "operator";
|
||||||
implementation = requests: {
|
implementation = requests: {
|
||||||
nixops4 = (
|
input = requests;
|
||||||
|
output.nixops4 =
|
||||||
{ providers, ... }:
|
{ providers, ... }:
|
||||||
{
|
{
|
||||||
providers = {
|
providers = {
|
||||||
|
|
@ -133,8 +134,7 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
};
|
||||||
);
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,7 @@ let
|
||||||
lib.strings.toJSON v
|
lib.strings.toJSON v
|
||||||
);
|
);
|
||||||
|
|
||||||
functionType = submodule ./function.nix;
|
functionType = import ./function.nix;
|
||||||
application-resources = submodule {
|
application-resources = submodule {
|
||||||
options.resources = mkOption {
|
options.resources = mkOption {
|
||||||
# TODO: maybe transpose, and group the resources by type instead
|
# TODO: maybe transpose, and group the resources by type instead
|
||||||
|
|
@ -87,73 +87,12 @@ let
|
||||||
deployment-type = attrTag {
|
deployment-type = attrTag {
|
||||||
ssh-host = mkOption {
|
ssh-host = mkOption {
|
||||||
description = "A deployment by SSH to update a single existing NixOS host.";
|
description = "A deployment by SSH to update a single existing NixOS host.";
|
||||||
type = submodule (ssh-host: {
|
type = submodule {
|
||||||
options = {
|
options = {
|
||||||
system = mkOption {
|
|
||||||
description = "The architecture of the system to deploy to.";
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
inherit nixos-configuration;
|
inherit nixos-configuration;
|
||||||
ssh = host-ssh;
|
ssh = host-ssh;
|
||||||
module = mkOption {
|
|
||||||
description = "The module to call to obtain the NixOS configuration from.";
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
args = mkOption {
|
|
||||||
description = "The arguments with which to call the module to obtain the NixOS configuration.";
|
|
||||||
type = types.attrs;
|
|
||||||
};
|
|
||||||
deployment-name = mkOption {
|
|
||||||
description = "The name of the deployment for which to obtain the NixOS configuration.";
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
root-path = mkOption {
|
|
||||||
description = "The path to the root of the repository.";
|
|
||||||
type = types.path;
|
|
||||||
};
|
|
||||||
run = mkOption {
|
|
||||||
type = types.package;
|
|
||||||
# error: The option `ssh-deployment.ssh-host.run' is read-only, but it's set multiple times.
|
|
||||||
# readOnly = true;
|
|
||||||
default =
|
|
||||||
let
|
|
||||||
inherit (ssh-host.config)
|
|
||||||
system
|
|
||||||
ssh
|
|
||||||
module
|
|
||||||
args
|
|
||||||
deployment-name
|
|
||||||
root-path
|
|
||||||
;
|
|
||||||
inherit (ssh)
|
|
||||||
host
|
|
||||||
username
|
|
||||||
key-file
|
|
||||||
sshOpts
|
|
||||||
;
|
|
||||||
environment = {
|
|
||||||
key_file = key-file;
|
|
||||||
deployment_name = deployment-name;
|
|
||||||
root_path = root-path;
|
|
||||||
ssh_opts = sshOpts;
|
|
||||||
inherit
|
|
||||||
system
|
|
||||||
host
|
|
||||||
username
|
|
||||||
module
|
|
||||||
args
|
|
||||||
;
|
|
||||||
deployment_type = "ssh-host";
|
|
||||||
};
|
|
||||||
in
|
|
||||||
pkgs.writeShellScriptBin "deploy-ssh.sh" ''
|
|
||||||
env ${
|
|
||||||
toString (lib.mapAttrsToList (k: v: "${k}=\"${toBash v}\"") environment)
|
|
||||||
} bash ./deployment/run/ssh-single-host/run.sh
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
});
|
|
||||||
};
|
};
|
||||||
nixops4 = mkOption {
|
nixops4 = mkOption {
|
||||||
description = "A NixOps4 NixOS deployment. For an example, see https://github.com/nixops4/nixops4-nixos/blob/main/example/deployment.nix.";
|
description = "A NixOps4 NixOS deployment. For an example, see https://github.com/nixops4/nixops4-nixos/blob/main/example/deployment.nix.";
|
||||||
|
|
@ -257,7 +196,7 @@ let
|
||||||
type = types.path;
|
type = types.path;
|
||||||
};
|
};
|
||||||
run = mkOption {
|
run = mkOption {
|
||||||
type = types.package;
|
type = types.str;
|
||||||
# error: The option `tf-deployment.tf-host.run' is read-only, but it's set multiple times.
|
# error: The option `tf-deployment.tf-host.run' is read-only, but it's set multiple times.
|
||||||
# readOnly = true;
|
# readOnly = true;
|
||||||
default =
|
default =
|
||||||
|
|
@ -292,7 +231,7 @@ let
|
||||||
};
|
};
|
||||||
tf-env = pkgs.callPackage ./run/tf-proxmox/tf-env.nix { };
|
tf-env = pkgs.callPackage ./run/tf-proxmox/tf-env.nix { };
|
||||||
in
|
in
|
||||||
pkgs.writeShellScriptBin "deploy-ssh.sh" ''
|
''
|
||||||
env ${toString (lib.mapAttrsToList (k: v: "TF_VAR_${k}=\"${toBash v}\"") environment)} \
|
env ${toString (lib.mapAttrsToList (k: v: "TF_VAR_${k}=\"${toBash v}\"") environment)} \
|
||||||
tf_env=${tf-env} bash ./deployment/run/tf-proxmox/run.sh
|
tf_env=${tf-env} bash ./deployment/run/tf-proxmox/run.sh
|
||||||
'';
|
'';
|
||||||
|
|
@ -364,19 +303,18 @@ in
|
||||||
};
|
};
|
||||||
resources = mkOption {
|
resources = mkOption {
|
||||||
description = "Compute resources required by an application";
|
description = "Compute resources required by an application";
|
||||||
type = application.config.config-mapping.function-type;
|
type = functionTo application.config.config-mapping.output-type;
|
||||||
readOnly = true;
|
readOnly = true;
|
||||||
default = application.config.config-mapping.apply;
|
default = input: (application.config.implementation input).output;
|
||||||
};
|
};
|
||||||
# TODO(@fricklerhandwerk): this needs a better name
|
# TODO(@fricklerhandwerk): this needs a better name, it's just the type
|
||||||
config-mapping = mkOption {
|
config-mapping = mkOption {
|
||||||
description = "Function type for the mapping from application configuration to required resources";
|
description = "Function type for the mapping from application configuration to required resources";
|
||||||
type = functionType;
|
type = submodule functionType;
|
||||||
readOnly = true;
|
readOnly = true;
|
||||||
default = {
|
default = {
|
||||||
input-type = submodule application.config.module;
|
input-type = submodule application.config.module;
|
||||||
output-type = application-resources;
|
output-type = application-resources;
|
||||||
implementation = application.config.implementation;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
@ -408,7 +346,7 @@ in
|
||||||
};
|
};
|
||||||
resource-mapping = mkOption {
|
resource-mapping = mkOption {
|
||||||
description = "Function type for the mapping from resources to a deployment";
|
description = "Function type for the mapping from resources to a deployment";
|
||||||
type = functionType;
|
type = submodule functionType;
|
||||||
readOnly = true;
|
readOnly = true;
|
||||||
default = {
|
default = {
|
||||||
input-type = submodule {
|
input-type = submodule {
|
||||||
|
|
@ -422,26 +360,16 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
output-type = deployment-type;
|
output-type = deployment-type;
|
||||||
implementation = environment.config.implementation;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
config-mapping = mkOption {
|
# TODO(@fricklerhandwerk): maybe this should be a separate thing such as `fediversity-setup`,
|
||||||
description = "Mapping from a configuration to a deployment";
|
# which makes explicit which applications and environments are available.
|
||||||
type = functionType;
|
# then the deployments can simply be the result of the function application baked into this module.
|
||||||
|
deployment = mkOption {
|
||||||
|
description = "Generate a deployment from a configuration, by applying an environment's resource policies to the applications' resource mappings";
|
||||||
|
type = functionTo (environment.config.resource-mapping.output-type);
|
||||||
readOnly = true;
|
readOnly = true;
|
||||||
default = {
|
default =
|
||||||
input-type = submodule {
|
|
||||||
options = {
|
|
||||||
deployment-name = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
configuration = mkOption {
|
|
||||||
type = config.configuration;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
output-type = deployment-type;
|
|
||||||
implementation =
|
|
||||||
{
|
{
|
||||||
deployment-name,
|
deployment-name,
|
||||||
configuration,
|
configuration,
|
||||||
|
|
@ -452,17 +380,8 @@ in
|
||||||
name: application-settings: config.applications.${name}.resources application-settings
|
name: application-settings: config.applications.${name}.resources application-settings
|
||||||
) configuration.applications;
|
) configuration.applications;
|
||||||
in
|
in
|
||||||
environment.config.resource-mapping.apply { inherit required-resources deployment-name; };
|
(environment.config.implementation { inherit required-resources deployment-name; }).output;
|
||||||
};
|
|
||||||
};
|
|
||||||
# TODO(@fricklerhandwerk): maybe this should be a separate thing such as `fediversity-setup`,
|
|
||||||
# which makes explicit which applications and environments are available.
|
|
||||||
# then the deployments can simply be the result of the function application baked into this module.
|
|
||||||
deployment = mkOption {
|
|
||||||
description = "Generate a deployment from a configuration, by applying an environment's resource policies to the applications' resource mappings";
|
|
||||||
type = environment.config.config-mapping.function-type;
|
|
||||||
readOnly = true;
|
|
||||||
default = environment.config.config-mapping.apply;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
})
|
})
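Review bot: With `run` changed to `types.str` in the `@ -257` hunk and the `pkgs.writeShellScriptBin "deploy-ssh.sh"` wrapper dropped in the `@ -292` hunk, the generated `env …` line is evaluated by whatever shell context the caller splices it into, and each value is still only wrapped in plain double quotes by `"TF_VAR_${k}=\"${toBash v}\""`. Inside double quotes the shell still expands `$` and backticks and ends the word at an embedded `"`, so unless `toBash` (mostly outside these hunks) escapes all of those, a resource value can change the command that runs on the deployer. Quoting each assignment with `lib.escapeShellArg`, e.g. `"TF_VAR_${k}=${lib.escapeShellArg (toBash v)}"`, would make the line safe to splice. Whether the `toBash` output would then need adjusting cannot be told from the visible lines.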
|
||||||
|
|
|
||||||
|
|
@ -19,11 +19,6 @@ in
|
||||||
type = optionType;
|
type = optionType;
|
||||||
};
|
};
|
||||||
function-type = mkOption {
|
function-type = mkOption {
|
||||||
type = optionType;
|
|
||||||
readOnly = true;
|
|
||||||
default = functionTo config.output-type;
|
|
||||||
};
|
|
||||||
wrapper-type = mkOption {
|
|
||||||
type = optionType;
|
type = optionType;
|
||||||
readOnly = true;
|
readOnly = true;
|
||||||
default = functionTo (submodule {
|
default = functionTo (submodule {
|
||||||
|
|
@ -37,22 +32,5 @@ in
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
implementation = mkOption {
|
|
||||||
type = config.function-type;
|
|
||||||
default = _: { };
|
|
||||||
};
|
|
||||||
wrapper = mkOption {
|
|
||||||
type = config.wrapper-type;
|
|
||||||
readOnly = true;
|
|
||||||
default = input: fn: {
|
|
||||||
inherit input;
|
|
||||||
output = config.implementation fn.config.input;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
apply = mkOption {
|
|
||||||
type = config.function-type;
|
|
||||||
readOnly = true;
|
|
||||||
default = input: (config.wrapper input).output;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
2
deployment/run/ssh-single-host/run.sh
Executable file → Normal file
|
|
@ -39,7 +39,7 @@ NIX_SSHOPTS="${sshOpts[*]}" nix-copy-closure --to "$destination" "$outPath" --gz
|
||||||
# shellcheck disable=SC2029
|
# shellcheck disable=SC2029
|
||||||
ssh "${sshOpts[@]}" "$destination" "nix-env --profile /nix/var/nix/profiles/system --set $outPath"
|
ssh "${sshOpts[@]}" "$destination" "nix-env --profile /nix/var/nix/profiles/system --set $outPath"
|
||||||
# shellcheck disable=SC2029
|
# shellcheck disable=SC2029
|
||||||
output=$(ssh -o "ConnectTimeout=1" -o "ServerAliveInterval=1" "${sshOpts[@]}" "$destination" "nohup $outPath/bin/switch-to-configuration switch &" 2>&1) || echo "status code: $?"
|
output=$(ssh "${sshOpts[@]}" "$destination" "nohup $outPath/bin/switch-to-configuration switch &" 2>&1) || echo "status code: $?"
|
||||||
echo "output: $output"
|
echo "output: $output"
|
||||||
if [[ $output != *"Timeout, server $host not responding"* ]]; then
|
if [[ $output != *"Timeout, server $host not responding"* ]]; then
|
||||||
echo "non-timeout error: $output"
|
echo "non-timeout error: $output"
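Review bot: The `switch-to-configuration` call no longer forces `-o "ConnectTimeout=1" -o "ServerAliveInterval=1"`, yet the check two lines below still treats "Timeout, server $host not responding" as the only acceptable result. ssh prints that message when a server-alive interval is in effect, so a caller whose `sshOpts` carries no such option (and whose ssh_config sets none) may block on the call or end in the `non-timeout error` branch; the ssh check's config on this page appears to drop its `sshOpts` entry entirely. Either keep a default in the script or add it when missing, e.g. `[[ " ${sshOpts[*]} " == *ServerAliveInterval=* ]] || sshOpts+=(-o ServerAliveInterval=1)`. How `sshOpts` is populated is outside this hunk.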
|
||||||
|
|
|
||||||