systems: nixinate -> deploy-rs (again)

this is for rollbacks during the deploy workflow

9 files changed, 101 insertions, 49 deletions

diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index 4cd02fe..cee7095 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -1,8 +1,8 @@
 name: deploy systems
 
 on:
-  #check_suite:
-  #  types: [completed]
+  push:
+    branches: [main]
   workflow_dispatch:
 
 jobs:
@@ -34,4 +34,7 @@ jobs:
           EOF
 
       - name: deploy all systems
-        run: nix run nixpkgs#just deploy-all
+        run: |
+          nix develop --accept-flake-config \
+            --command bash \
+            --comand "just deploy-all"
diff --git a/README.md b/README.md
index 21f301c..0e0c55e 100644
--- a/README.md
+++ b/README.md
@@ -37,7 +37,7 @@ there are some amazing tools i use to make/manage this flake that i would highly
 - [home-manager](https://github.com/nix-community/home-manager)
 - [agenix](https://github.com/ryantm/agenix)
 - [flake-parts](https://github.com/hercules-ci/flake-parts)
-- [nixinate](https://github.com/MatthewCroughan/nixinate)
+- [deploy-rs](https://github.com/serokell/deploy-rs)
 - [lanzaboote](https://github.com/nix-community/lanzaboote)
 - [nixos-wsl](https://github.com/nix-community/nixos-wsl)
 - [nix-openwrt-imagebuilder](https://github.com/astro/nix-openwrt-imagebuilder)
diff --git a/dev.nix b/dev.nix
index 896dd84..ae56627 100644
--- a/dev.nix
+++ b/dev.nix
@@ -24,6 +24,7 @@
             actionlint
             alejandra
             deadnix
+            deploy-rs
             fzf
             just
             nil
diff --git a/flake.lock b/flake.lock
index 45c078f..31c2ca6 100644
--- a/flake.lock
+++ b/flake.lock
@@ -121,6 +121,34 @@
         "type": "github"
       }
     },
+    "deploy": {
+      "inputs": {
+        "flake-compat": [
+          "pre-commit",
+          "flake-compat"
+        ],
+        "nixpkgs": [
+          "nixpkgs"
+        ],
+        "utils": [
+          "pre-commit",
+          "flake-utils"
+        ]
+      },
+      "locked": {
+        "lastModified": 1698921442,
+        "narHash": "sha256-7KmvhQ7FuXlT/wG4zjTssap6maVqeAMBdtel+VjClSM=",
+        "owner": "serokell",
+        "repo": "deploy-rs",
+        "rev": "660180bbbeae7d60dad5a92b30858306945fd427",
+        "type": "github"
+      },
+      "original": {
+        "owner": "serokell",
+        "repo": "deploy-rs",
+        "type": "github"
+      }
+    },
     "flake-compat": {
       "flake": false,
       "locked": {
@@ -298,26 +326,6 @@
         "type": "github"
       }
     },
-    "nixinate": {
-      "inputs": {
-        "nixpkgs": [
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1688141737,
-        "narHash": "sha256-qHrNMYWukOKmKVf6wXOGKj1xxUnOGjvTRbt/PLLXuBE=",
-        "owner": "MatthewCroughan",
-        "repo": "nixinate",
-        "rev": "7902ae845e6cc5bd450e510cdf5e009a6e4a44d9",
-        "type": "github"
-      },
-      "original": {
-        "owner": "MatthewCroughan",
-        "repo": "nixinate",
-        "type": "github"
-      }
-    },
     "nixos-hardware": {
       "locked": {
         "lastModified": 1699159446,
@@ -478,12 +486,12 @@
         "arkenfox": "arkenfox",
         "catppuccin": "catppuccin",
         "darwin": "darwin",
+        "deploy": "deploy",
         "getchoo": "getchoo",
         "getchvim": "getchvim",
         "hm": "hm",
         "lanzaboote": "lanzaboote",
         "nix-index-database": "nix-index-database",
-        "nixinate": "nixinate",
         "nixos-hardware": "nixos-hardware",
         "nixos-wsl": "nixos-wsl",
         "nixpkgs": "nixpkgs",
diff --git a/flake.nix b/flake.nix
index f342e34..029478a 100644
--- a/flake.nix
+++ b/flake.nix
@@ -46,6 +46,15 @@
       };
     };
 
+    deploy = {
+      url = "github:serokell/deploy-rs";
+      inputs = {
+        nixpkgs.follows = "nixpkgs";
+        utils.follows = "pre-commit/flake-utils";
+        flake-compat.follows = "pre-commit/flake-compat";
+      };
+    };
+
     getchoo = {
       url = "github:getchoo/nix-exprs";
       inputs.nixpkgs.follows = "nixpkgs";
@@ -76,11 +85,6 @@
       };
     };
 
-    nixinate = {
-      url = "github:MatthewCroughan/nixinate";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
-
     nix-index-database = {
       url = "github:nix-community/nix-index-database";
       inputs.nixpkgs.follows = "nixpkgs";
diff --git a/justfile b/justfile
index ac69740..dcbd65e 100644
--- a/justfile
+++ b/justfile
@@ -11,8 +11,8 @@ alias u := update
 alias ui := update-input
 
 rebuildArgs := "--verbose"
-rebuild := if os() == "macos" {"darwin-rebuild"} else {"nixos-rebuild"}
-asRoot := if os() == "linux" {"true"} else {"false"}
+rebuild := if os() == "macos" { "darwin-rebuild" } else { "nixos-rebuild" }
+asRoot := if os() == "linux" { "true" } else { "false" }
 
 default:
     @just --choose
@@ -21,7 +21,7 @@ default:
 [macos]
 [private]
 rebuild subcmd root="false":
-    {{ if root == "true" {"sudo "} else {""} }}{{rebuild}} {{subcmd}} {{rebuildArgs}} --flake .
+    {{ if root == "true" { "sudo " } else { "" } }}{{ rebuild }} {{ subcmd }} {{ rebuildArgs }} --flake .
 
 [linux]
 [macos]
@@ -32,9 +32,10 @@ check:
     nix flake check
 
 deploy host:
-    nix run .#{{ host }}
+    deploy -s .#{{ host }}
 
-deploy-all: (deploy "atlas")
+deploy-all:
+    deploy -s
 
 [linux]
 [macos]
@@ -47,14 +48,14 @@ pre-commit:
 [linux]
 [macos]
 switch:
-    @just rebuild switch {{asRoot}}
+    @just rebuild switch {{ asRoot }}
 
 switch-and-deploy: switch deploy-all
 
 [linux]
 [macos]
 test:
-    @just rebuild test {{asRoot}}
+    @just rebuild test {{ asRoot }}
 
 update:
     nix flake update
diff --git a/systems/atlas/default.nix b/systems/atlas/default.nix
index d241658..e8c28e3 100644
--- a/systems/atlas/default.nix
+++ b/systems/atlas/default.nix
@@ -9,14 +9,6 @@
     ./nginx.nix
   ];
 
-  _module.args.nixinate = {
-    host = "atlas";
-    sshUser = "root";
-    buildOn = "remote";
-    substituteOnTarget = true;
-    hermetic = false;
-  };
-
   age.secrets.teawiebot.file = ../../secrets/systems/atlas/teawieBot.age;
 
   boot = {
diff --git a/systems/default.nix b/systems/default.nix
index 023dc59..5c6703e 100644
--- a/systems/default.nix
+++ b/systems/default.nix
@@ -24,6 +24,10 @@
   mapNixOS = mapSystems inputs.nixpkgs.lib.nixosSystem;
   inherit (import ./common.nix {inherit inputs self;}) darwin nixos server;
 in {
+  imports = [
+    ./deploy.nix
+  ];
+
   flake = {
     darwinConfigurations = mapDarwin {
       caroline = {
@@ -72,8 +76,4 @@ in {
         inherit (inputs) openwrt-imagebuilder;
       });
   };
-
-  perSystem = {system, ...}: {
-    apps = (inputs.nixinate.nixinate.${system} self).nixinate;
-  };
 }
diff --git a/systems/deploy.nix b/systems/deploy.nix
new file mode 100644
index 0000000..186ff37
--- /dev/null
+++ b/systems/deploy.nix
@@ -0,0 +1,43 @@
+{
+  lib,
+  inputs,
+  self,
+  ...
+}: let
+  targets = ["atlas"];
+
+  getDeploy = pkgs:
+    (import pkgs.path {
+      inherit (pkgs) system;
+      overlays = [
+        inputs.deploy.overlay
+        (_: prev: {
+          deploy-rs = {
+            inherit (pkgs) deploy-rs;
+            inherit (prev.deploy-rs) lib;
+          };
+        })
+      ];
+    })
+    .deploy-rs;
+
+  getType = pkgs:
+    if pkgs.stdenv.isDarwin
+    then "darwin"
+    else "nixos";
+
+  toDeployNode = hostname: system: {
+    sshUser = "root";
+    inherit hostname;
+    profiles.system.path = (getDeploy system.pkgs).lib.activate.${getType system.pkgs} system;
+  };
+in {
+  flake.deploy = {
+    remoteBuild = true;
+    fastConnection = false;
+    nodes = lib.pipe (self.nixosConfigurations // self.darwinConfigurations) [
+      (lib.getAttrs targets)
+      (lib.mapAttrs toDeployNode)
+    ];
+  };
+}