hosts: deploy with cachix deploy, drop deploy-rs

Max Headroom 2023-07-23 03:27:24 +02:00
parent 98798af2cc
commit dad5c855c7


@ -1,43 +1,29 @@
{ config, inputs, lib, self, withSystem, ... }: { config, inputs, lib, self, withSystem, ... }:
let let
inherit (lib) elem mapAttrs toLower; inherit (lib) const elem flip genAttrs mapAttrs;
inherit (config) gods defaultEffectSystem; inherit (config) gods defaultEffectSystem systems;
inherit (self) nixosConfigurations; inherit (self) nixosConfigurations;
meta = import ../tools/meta.nix;
chosenHours = gods.fromLight; chosenHours = gods.fromLight;
withEffectSystem = withSystem defaultEffectSystem; withEffectSystem = withSystem defaultEffectSystem;
callUpon = name: host: withEffectSystem ({ config, hci-effects, ... }: let callUpon = hours: mapAttrs (hour: const nixosConfigurations.${hour}.config.system.build.toplevel) hours;
inherit (hci-effects) runIf runNixOS; in
inherit (host.enterprise) subdomain;
hostname = "${toLower name}.${subdomain}.${meta.domain}"; {
herculesCI = { config, ... }: {
deploy-rs = inputs.deploy-rs.lib."${host.system}"; onPush.default.outputs.effects.callUponTheHours = withEffectSystem ({ hci-effects, ... }: let
in { inherit (hci-effects) runIf runCachixDeploy;
effect = { branch, ... }: runIf (elem branch [ "master" "staging" ]) in runIf (elem config.repo.branch [ "master" "staging" ]) (
(runNixOS rec { runCachixDeploy {
requiredSystemFeatures = [ "hci-deploy-agent-nixos" ]; async = true;
deploy = {
inherit (nixosConfigurations.${name}) config; agents = callUpon chosenHours;
rollbackScript = genAttrs systems (flip withSystem ({ pkgs, ... }:
secretsMap.ssh = "deploy-ssh"; let
scheduleReboot = pkgs.writeShellScript "schedule-reboot.sh" ''
userSetupScript = ''
writeSSHKey ssh
cat >>~/.ssh/known_hosts <<EOF
${hostname} ${host.ssh.id.publicKey}
EOF
'';
ssh.destination = "root@${hostname}";
postEffect = let
scheduleReboot = builtins.toFile "schedule-reboot.sh" /*bash*/ ''
currentTime=$(date +%s) currentTime=$(date +%s)
lastScheduledTime=$(consul kv get system/coordinated-reboot/last) lastScheduledTime=$(consul kv get system/coordinated-reboot/last)
if [[ $? -ne 0 ]]; then if [[ $? -ne 0 ]]; then
@ -56,40 +42,20 @@ let
org.freedesktop.login1.Manager \ org.freedesktop.login1.Manager \
ScheduleShutdown st reboot ''${nextScheduledTime}000000 ScheduleShutdown st reboot ''${nextScheduledTime}000000
''; '';
in hci-effects.ssh ssh /*bash*/ '' in pkgs.writeShellScript "post-effect.sh" ''
export PATH="${pkgs.consul}/bin:${pkgs.coreutils}/bin"
if [[ "$(realpath /run/booted-system/kernel)" != "$(realpath /run/current-system/kernel)" ]]; then if [[ "$(realpath /run/booted-system/kernel)" != "$(realpath /run/current-system/kernel)" ]]; then
echo "Scheduling reboot for kernel upgrade" echo "Scheduling reboot for kernel upgrade"
if ! consul members >/dev/null; then if ! consul members >/dev/null; then
echo "Consul not active, skipping reboot" echo "Consul not active, skipping reboot"
exit 0 exit 0
fi fi
consul lock --timeout=3m system/coordinated-reboot bash ${scheduleReboot} consul lock --timeout=3m system/coordinated-reboot ${scheduleReboot}
fi fi
''; ''
}); ));
deploy = {
inherit hostname;
profiles.system = {
user = "root";
sshUser = "deploy";
path = deploy-rs.activate.nixos self.nixosConfigurations.${name};
}; };
}
));
}; };
});
calledUponHours = mapAttrs callUpon chosenHours;
pick = format: _: calledUponHour: calledUponHour.${format};
in
{
herculesCI = { config, ... }: let
powers = mapAttrs (pick "effect") calledUponHours;
wield = mapAttrs (_: wieldPowerWith: wieldPowerWith config.repo);
in {
onPush.default.outputs.effects = wield powers;
};
flake.deploy.nodes = mapAttrs (pick "deploy") calledUponHours;
} }
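Review bot: The reboot scheduler is now wired in as `rollbackScript`, which Cachix Deploy treats as a post-activation check: a non-zero exit rolls the host back to the previous generation. In the `post-effect.sh` body, `consul lock --timeout=3m system/coordinated-reboot ${scheduleReboot}` is the last command in the kernel-changed branch, so a lock timeout while several agents activate at once, or any failure inside `schedule-reboot.sh`, would presumably revert a healthy deployment that carries a kernel update, and with `async = true` the effect has already finished by then. If scheduling is meant to be best-effort, end that line with `|| echo "Could not schedule reboot, keeping new generation"`. The new `export PATH=` line also limits the script to consul and coreutils; the command that issues the `ScheduleShutdown` call sits in the collapsed part between the two hunks, so confirm it is referenced by store path or add its package to PATH.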