Merge branch 'hci-improvements'
This commit is contained in:
commit
771ed52c59
3 changed files with 81 additions and 14 deletions
54
flake.lock
54
flake.lock
|
@ -295,11 +295,11 @@
|
|||
"pre-commit-hooks-nix": "pre-commit-hooks-nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1650986041,
|
||||
"narHash": "sha256-D3tzjgLOt7I25iT0THEP2dz8PQHpWgJ2zPt7C5VeOrY=",
|
||||
"lastModified": 1653393452,
|
||||
"narHash": "sha256-d0GasBxQxvNBXt614BCohYVy448KCGEekZWX2Ck8wC4=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "hercules-ci-agent",
|
||||
"rev": "2da921cf6f6d95fba10ba7ec93578bcb02d89231",
|
||||
"rev": "44b7776f36934cd588612069679ec308f0efba78",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -308,6 +308,24 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"hercules-ci-effects": {
|
||||
"inputs": {
|
||||
"nixpkgs": "nixpkgs_4"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1653415319,
|
||||
"narHash": "sha256-h+YUX7ZYujf73KL1R07LsEnhV7uV8oxSKEhH4bDj0Jc=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "hercules-ci-effects",
|
||||
"rev": "1f904af1824e7393702daaf40a8fed56ebead0d7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "hercules-ci-effects",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"home-manager": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
@ -424,7 +442,7 @@
|
|||
"nix": {
|
||||
"inputs": {
|
||||
"lowdown-src": "lowdown-src",
|
||||
"nixpkgs": "nixpkgs_4"
|
||||
"nixpkgs": "nixpkgs_5"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1606150835,
|
||||
|
@ -482,15 +500,16 @@
|
|||
},
|
||||
"nixos-unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1649417654,
|
||||
"narHash": "sha256-IKC+25OiNIGPIGs0iBg/gx1lrGR4N5MGe5x+sGi7vzw=",
|
||||
"lastModified": 1650701402,
|
||||
"narHash": "sha256-XKfstdtqDg+O+gNBx1yGVKWIhLgfEDg/e2lvJSsp9vU=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "5df8b35e4f4074bd8b77eed10b267b6e5d029d6c",
|
||||
"rev": "bc41b01dd7a9fdffd32d9b03806798797532a5fe",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -555,6 +574,22 @@
|
|||
}
|
||||
},
|
||||
"nixpkgs_4": {
|
||||
"locked": {
|
||||
"lastModified": 1647297614,
|
||||
"narHash": "sha256-ulGq3W5XsrBMU/u5k9d4oPy65pQTkunR4HKKtTq0RwY=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "73ad5f9e147c0d2a2061f1d4bd91e05078dc0b58",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_5": {
|
||||
"locked": {
|
||||
"lastModified": 1602702596,
|
||||
"narHash": "sha256-fqJ4UgOb4ZUnCDIapDb4gCrtAah5Rnr2/At3IzMitig=",
|
||||
|
@ -569,7 +604,7 @@
|
|||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs_5": {
|
||||
"nixpkgs_6": {
|
||||
"locked": {
|
||||
"lastModified": 1650998007,
|
||||
"narHash": "sha256-NcJnbGDBBN023x8s3ll3HZxBcQoPq1ry9E2sjg+4flc=",
|
||||
|
@ -670,11 +705,12 @@
|
|||
"devshell": "devshell",
|
||||
"dream2nix": "dream2nix",
|
||||
"hercules-ci-agent": "hercules-ci-agent",
|
||||
"hercules-ci-effects": "hercules-ci-effects",
|
||||
"home-manager": "home-manager",
|
||||
"mms": "mms",
|
||||
"nar-serve": "nar-serve",
|
||||
"nix-super": "nix-super",
|
||||
"nixpkgs": "nixpkgs_5"
|
||||
"nixpkgs": "nixpkgs_6"
|
||||
}
|
||||
},
|
||||
"utils": {
|
||||
|
|
24
flake.nix
24
flake.nix
|
@ -28,6 +28,7 @@
|
|||
mms.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
hercules-ci-agent.url = "github:hercules-ci/hercules-ci-agent";
|
||||
hercules-ci-effects.url = "github:hercules-ci/hercules-ci-effects";
|
||||
};
|
||||
outputs = { self, nixpkgs, home-manager, ... }@inputs:
|
||||
let
|
||||
|
@ -61,6 +62,26 @@
|
|||
};
|
||||
mkNixOS = mkNixOS' lib;
|
||||
|
||||
mkDeployEffect = branch: name: host: let
|
||||
subdomain = host.enterprise.subdomain or "services";
|
||||
hostname = "${lib.toLower name}.${subdomain}.${meta.domain}";
|
||||
in effects.runIf (branch == "master") (effects.runNixOS {
|
||||
requiredSystemFeatures = [ "hci-deploy-agent-nixos" ];
|
||||
config = self.nixosConfigurations.${name}.config // { outPath = "wtfwtfwtfwtfwtfwtf"; };
|
||||
secretsMap.ssh = "deploy-ssh";
|
||||
|
||||
userSetupScript = ''
|
||||
writeSSHKey ssh
|
||||
cat >>~/.ssh/known_hosts <<EOF
|
||||
${hostname} ${host.ssh.id.publicKey}
|
||||
EOF
|
||||
'';
|
||||
ssh.destination = "root@${hostname}";
|
||||
});
|
||||
|
||||
mkDeployEffects = branch: hostnames: lib.genAttrs hostnames
|
||||
(name: mkDeployEffect branch name hosts.${name});
|
||||
|
||||
mkDeploy = name: let
|
||||
host = hosts.${name};
|
||||
subdomain = host.enterprise.subdomain or "services";
|
||||
|
@ -82,6 +103,7 @@
|
|||
pkgs = nixpkgsFor system;
|
||||
});
|
||||
|
||||
effects = inputs.hercules-ci-effects.lib.withPkgs (nixpkgsFor "x86_64-linux");
|
||||
in {
|
||||
nixosModules = aspect.modules;
|
||||
|
||||
|
@ -100,5 +122,7 @@
|
|||
systems = lib.mapAttrs (_: x: x.config.system.build.toplevel) self.nixosConfigurations;
|
||||
inherit (self) packages;
|
||||
};
|
||||
|
||||
effects = { branch, ... }: mkDeployEffects branch nixosHosts;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,9 +1,16 @@
|
|||
let tools = import ./lib/tools.nix;
|
||||
{ inputs, pkgs, system, ... }:
|
||||
let
|
||||
tools = import ./lib/tools.nix;
|
||||
packages = builtins.mapAttrs (_: v: v.packages.${system}) inputs;
|
||||
in with tools;
|
||||
{ inputs, pkgs, system, ... }: rec {
|
||||
inherit (inputs.deploy-rs.packages.${system}) deploy-rs;
|
||||
rec {
|
||||
inherit (packages.deploy-rs) deploy-rs;
|
||||
|
||||
nix-super = inputs.nix-super.defaultPackage.${system};
|
||||
nix-super = packages.nix-super.nix;
|
||||
|
||||
agenix = inputs.agenix.packages.${system}.agenix.override { nix = nix-super; };
|
||||
agenix = packages.agenix.agenix.override { nix = nix-super; };
|
||||
|
||||
hercules-ci-agent = packages.hercules-ci-agent.hercules-ci-agent;
|
||||
|
||||
hci = packages.hercules-ci-agent.hercules-ci-cli;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue