From dad5c855c77541ae6253db7717dfbdda4ea2d117 Mon Sep 17 00:00:00 2001
From: Max
Date: Sun, 23 Jul 2023 03:27:24 +0200
Subject: [PATCH] hosts: deploy with cachix deploy, drop deploy-rs
---
hosts/deploy.nix | 128 +++++++++++++++++------------------------------
1 file changed, 47 insertions(+), 81 deletions(-)
diff --git a/hosts/deploy.nix b/hosts/deploy.nix
index 9052429..65ca360 100644
--- a/hosts/deploy.nix
+++ b/hosts/deploy.nix
@@ -1,95 +1,61 @@ { config, inputs, lib, self, withSystem, ... }: let - inherit (lib) elem mapAttrs toLower; - inherit (config) gods defaultEffectSystem; + inherit (lib) const elem flip genAttrs mapAttrs; + inherit (config) gods defaultEffectSystem systems; inherit (self) nixosConfigurations; - meta = import ../tools/meta.nix; - chosenHours = gods.fromLight; withEffectSystem = withSystem defaultEffectSystem; - callUpon = name: host: withEffectSystem ({ config, hci-effects, ... }: let - inherit (hci-effects) runIf runNixOS; - inherit (host.enterprise) subdomain; - - hostname = "${toLower name}.${subdomain}.${meta.domain}"; - - deploy-rs = inputs.deploy-rs.lib."${host.system}"; - in { - effect = { branch, ... }: runIf (elem branch [ "master" "staging" ]) - (runNixOS rec { - requiredSystemFeatures = [ "hci-deploy-agent-nixos" ]; - - inherit (nixosConfigurations.${name}) config; - - secretsMap.ssh = "deploy-ssh"; - - userSetupScript = '' - writeSSHKey ssh - cat >>~/.ssh/known_hosts </dev/null; then - echo "Consul not active, skipping reboot" - exit 0 - fi - consul lock --timeout=3m system/coordinated-reboot bash ${scheduleReboot} - fi - ''; - }); - - deploy = { - inherit hostname; - profiles.system = { - user = "root"; - sshUser = "deploy"; - path = deploy-rs.activate.nixos self.nixosConfigurations.${name}; - }; - }; - }); - - calledUponHours = mapAttrs callUpon chosenHours; - - pick = format: _: calledUponHour: calledUponHour.${format}; + callUpon = hours: mapAttrs (hour: const nixosConfigurations.${hour}.config.system.build.toplevel) hours; in { - herculesCI = { config, ... }: let - powers = mapAttrs (pick "effect") calledUponHours; - wield = mapAttrs (_: wieldPowerWith: wieldPowerWith config.repo); - in { - onPush.default.outputs.effects = wield powers; + herculesCI = { config, ... }: { + onPush.default.outputs.effects.callUponTheHours = withEffectSystem ({ hci-effects, ... 
}: let + inherit (hci-effects) runIf runCachixDeploy; + in runIf (elem config.repo.branch [ "master" "staging" ]) ( + runCachixDeploy { + async = true; + deploy = { + agents = callUpon chosenHours; + rollbackScript = genAttrs systems (flip withSystem ({ pkgs, ... }: + let + scheduleReboot = pkgs.writeShellScript "schedule-reboot.sh" '' + currentTime=$(date +%s) + lastScheduledTime=$(consul kv get system/coordinated-reboot/last) + if [[ $? -ne 0 ]]; then + lastScheduledTime=$((currentTime - 300)) + fi + nextScheduledTime=$((lastScheduledTime + 900)) + if [[ $nextScheduledTime -lt $((currentTime + 300)) ]]; then + nextScheduledTime=$((currentTime + 300)) + fi + consul kv put system/coordinated-reboot/last $nextScheduledTime + echo "Scheduling reboot for $nextScheduledTime" + systemd-analyze timestamp @$nextScheduledTime + busctl call \ + org.freedesktop.login1 \ + /org/freedesktop/login1 \ + org.freedesktop.login1.Manager \ + ScheduleShutdown st reboot ''${nextScheduledTime}000000 + ''; + in pkgs.writeShellScript "post-effect.sh" '' + export PATH="${pkgs.consul}/bin:${pkgs.coreutils}/bin" + if [[ "$(realpath /run/booted-system/kernel)" != "$(realpath /run/current-system/kernel)" ]]; then + echo "Scheduling reboot for kernel upgrade" + if ! consul members >/dev/null; then + echo "Consul not active, skipping reboot" + exit 0 + fi + consul lock --timeout=3m system/coordinated-reboot ${scheduleReboot} + fi + '' + )); + }; + } + )); }; - - flake.deploy.nodes = mapAttrs (pick "deploy") calledUponHours; }
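Review bot: In `scheduleReboot`, the value read with `consul kv get system/coordinated-reboot/last` goes straight into `$((lastScheduledTime + 900))`, and bash arithmetic evaluates whatever text the variable holds, so anyone who can write that KV key influences a script the deploy agent runs on every host (presumably as root). Accept only digits before using it, e.g. `if [[ $? -ne 0 || ! $lastScheduledTime =~ ^[0-9]+$ ]]; then`, which also covers an empty value. Separately, `post-effect.sh` sets `PATH` to only the consul and coreutils `bin` directories, yet the script it launches through `consul lock` calls `systemd-analyze` and `busctl`. Unless those resolve some other way, the reboot is never scheduled even though the KV entry was already advanced, and because this runs as `rollbackScript` a non-zero exit may roll back an otherwise good deployment. Adding `${pkgs.systemd}/bin` to the exported `PATH` would address that.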