forked from Fediversity/Fediversity
Kiara Grouwstra
6a1db9750d
deduplicate flake inputs
make re-exports explicit again
Revert "deduplicate flake inputs"
This reverts commit 95769084ce.
switch launch shell to root flake's nixpkgs, see #279
use flake-sourced nixos-anywhere in tf, to reproduce modules for nix
properly pass repo dir for prod, be it with hard-coded TF init
move tf init out of python over read-only nix env
skip tf lock in views.py over read-only nix env
specify XDG_CACHE_HOME, workaround to error writing to /var/empty/.cache
update
document updating TF module
get TF in prod to the same 'installable ... does not correspond to a Nix language value' for non-flakes
seemingly gets further when a similar command is tried from terminal.
as per https://github.com/NixOS/nix/issues/8752#issuecomment-1694714693,
this may have to do with aligning the current working directory.
rm launch flake, as i seem to have reached similar progress without it
update nixos-anywhere to fix error 'installable ... does not correspond to a Nix language value'
rm comment
untrack TF generated provider/module stuff - local dev now requires following launch/README.md
for now gitignore .auto.tfvars.json used to track TF module of nixos-anywhere
in case we want that file for something else, we can move this (and its
ignore) to something separate.
use a mutable HOME in TF for nixos-anywhere to make a `.ssh` dir in - will this not backfire?
change ssh user to root
allow accessing test vms from fedi201's machine ssh key, closes #286
allow accessing test vms from fedi201's machine ssh key, closes #286
update nixpkgs to unstable - resolves manual deploy error on bootloader already on newer version
switch to bash deployment
tmp
16 lines
1.1 KiB
Bash
Executable file
16 lines
1.1 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
set -uex -o pipefail
|
|
declare domain hostname config initialUser
|
|
eval "$(jq -r '@sh "domain=\(.domain) hostname=\(.hostname) config=\(.config) initialUser=\(.initialUser)"')"
|
|
TARGET_HOST="${hostname}.abundos.eu"
|
|
TARGET="root@${TARGET_HOST}"
|
|
wrapper="$(mktemp -d)/wrapper.nix"
|
|
echo "(import $(readlink -f "./${config}.nix")).extendModules { specialArgs.terraform = { domain = \"${domain}\"; hostname = \"${hostname}\"; initialUser = builtins.fromJSON ''${initialUser}''; }; }" > "$wrapper"
|
|
NIXOS_SYSTEM=$(nix build --no-link --json --option show-trace true --file "$wrapper" "config.system.build.toplevel" | jq -r '.[].outputs.out')
|
|
sshOpts=(-p 22 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no)
|
|
NIX_SSHOPTS="${sshOpts[*]}" nix copy -s --experimental-features nix-command --to "ssh://$TARGET" "$NIXOS_SYSTEM"
|
|
switchCommand="nix-env -p /nix/var/nix/profiles/system --set $(printf "%q" "$NIXOS_SYSTEM"); /nix/var/nix/profiles/system/bin/switch-to-configuration switch"
|
|
deploy_status=0
|
|
# shellcheck disable=SC2029
|
|
ssh "${sshOpts[@]}" "$TARGET" "$switchCommand" || deploy_status="$?"
|
|
exit "$deploy_status"
|