forked from Fediversity/Fediversity
91 lines
2.2 KiB
Nix
91 lines
2.2 KiB
Nix
{
|
|
lib,
|
|
config,
|
|
pkgs,
|
|
inputs,
|
|
...
|
|
}:
|
|
let
|
|
inherit (import ./constants.nix) pathToRoot pathFromRoot;
|
|
inherit (pkgs) system;
|
|
# escapedJson = v: lib.replaceStrings [ "\"" ] [ "\\\\\"" ] (lib.strings.toJSON v);
|
|
deployment-config = {
|
|
inherit pathToRoot pathFromRoot;
|
|
inherit (config) enableAcme;
|
|
acmeNodeIP = if config.enableAcme then config.nodes.acme.networking.primaryIPAddress else null;
|
|
nodeName = "target";
|
|
};
|
|
inherit
|
|
((import ../common/data-model.nix {
|
|
inherit system inputs;
|
|
config = deployment-config;
|
|
})."tf-deployment".tf-host.ssh
|
|
)
|
|
host
|
|
username
|
|
# key-file
|
|
;
|
|
tf-vars = {
|
|
inherit host username system;
|
|
config_nix = lib.strings.toJSON deployment-config;
|
|
# config_nix = escapedJson deployment-config;
|
|
# config_tf = ;
|
|
};
|
|
tf-env = pkgs.callPackage ./tf-env.nix { };
|
|
in
|
|
{
|
|
_class = "nixosTest";
|
|
imports = [
|
|
../common/data-model-options.nix
|
|
];
|
|
|
|
name = "deployment-model";
|
|
sourceFileset = lib.fileset.unions [
|
|
../../data-model.nix
|
|
../../function.nix
|
|
../common/data-model.nix
|
|
../common/data-model-options.nix
|
|
./constants.nix
|
|
./main.tf
|
|
./variables.tf
|
|
./deploy.sh
|
|
];
|
|
|
|
nodes.deployer =
|
|
{ pkgs, ... }:
|
|
{
|
|
# nixpkgs.config.allowUnfree = lib.mkForce true;
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
(pkgs.callPackage ./tf.nix { })
|
|
jq
|
|
];
|
|
|
|
# needed only when building from deployer
|
|
system.extraDependenciesFromModule =
|
|
{ pkgs, ... }:
|
|
{
|
|
environment.systemPackages = with pkgs; [
|
|
hello
|
|
];
|
|
};
|
|
};
|
|
|
|
extraTestScript = ''
|
|
with subtest("ssh: Check the status before deployment"):
|
|
target.fail("hello 1>&2")
|
|
|
|
with subtest("ssh: Run the deployment"):
|
|
deployer.succeed("""
|
|
set -xeuo pipefail
|
|
${lib.concatStringsSep "\n" (lib.mapAttrsToList (k: v: ''export TF_VAR_${k}='${v}';'') tf-vars)}
|
|
export TF_LOG=info
|
|
|
|
cd "${tf-env}/deployment/check/data-model-tf"
|
|
# parallelism=1: limit OOM risk
|
|
tofu apply --auto-approve -lock=false -parallelism=1
|
|
""")
|
|
target.wait_for_unit("multi-user.target")
|
|
target.succeed("su - operator -c hello 1>&2")
|
|
'';
|
|
}
|