diff options
| -rw-r--r-- | .github/workflows/deploy.yaml | 2 | ||||
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | ci.nix | 23 | ||||
| -rw-r--r-- | dev.nix | 1 | ||||
| -rw-r--r-- | flake.lock | 50 | ||||
| -rw-r--r-- | flake.nix | 14 | ||||
| -rw-r--r-- | garnix.yaml | 1 | ||||
| -rw-r--r-- | justfile | 17 | ||||
| -rw-r--r-- | systems/atlas/default.nix | 8 | ||||
| -rw-r--r-- | systems/default.nix | 6 | ||||
| -rw-r--r-- | systems/deploy.nix | 43 |
11 files changed, 106 insertions, 61 deletions
diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml index a1da783..185ea67 100644 --- a/.github/workflows/deploy.yaml +++ b/.github/workflows/deploy.yaml @@ -47,7 +47,7 @@ jobs: - name: Run deploy run: | nix develop --accept-flake-config \ - --command just deploy-all + --command deploy opentofu: name: Apply OpenTofu plan @@ -37,8 +37,8 @@ there are some amazing tools i use to make/manage this flake that i would highly - [garnix](https://garnix.io) - [home-manager](https://github.com/nix-community/home-manager) - [agenix](https://github.com/ryantm/agenix) +- [deploy-rs](https://github.com/serokell/deploy-rs) - [flake-parts](https://github.com/hercules-ci/flake-parts) -- [nixinate](https://github.com/MatthewCroughan/nixinate) - [terranix](https://github.com/terranix/terranix) - [lanzaboote](https://github.com/nix-community/lanzaboote) - [nixos-wsl](https://github.com/nix-community/nixos-wsl) @@ -14,15 +14,20 @@ (lib.filterAttrs (_: v: v.pkgs.system == system)) (lib.mapAttrsToList (_: v: v.config.system.build.toplevel or v.activationPackage)) ]; + + required = lib.concatLists [ + systems + # and other checks + (builtins.attrValues (builtins.removeAttrs config.checks ["ciGate"])) + ]; + + paths = + builtins.foldl' ( + acc: deriv: + acc // {${deriv.pname or deriv.name} = deriv.path or deriv.outPath;} + ) {} + required; in { - checks = { - ciGate = pkgs.runCommand "ci-gate" { - nativeBuildInputs = lib.concatLists [ - systems - # and other checks - (builtins.attrValues (builtins.removeAttrs config.checks ["ciGate"])) - ]; - } "touch $out"; - }; + packages.ciGate = pkgs.linkFarm "ci-gate" paths; }; } @@ -30,6 +30,7 @@ statix # utils + deploy-rs fzf just jq @@ -121,6 +121,34 @@ "type": "github" } }, + "deploy": { + "inputs": { + "flake-compat": [ + "pre-commit", + "flake-compat" + ], + "nixpkgs": [ + "nixpkgs" + ], + "utils": [ + "pre-commit", + "flake-utils" + ] + }, + "locked": { + "lastModified": 1702460489, + "narHash": "sha256-H6s6oVLvx7PCjUcvfkB89Bb+kbaiJxTAgWfMjiQTjA0=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "915327515f5fd1b7719c06e2f1eb304ee0bdd803", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "deploy-rs", + "type": "github" + } + }, "fenix": { "inputs": { "nixpkgs": [ @@ -362,26 +390,6 @@ "type": "github" } }, - "nixinate": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1688141737, - "narHash": "sha256-qHrNMYWukOKmKVf6wXOGKj1xxUnOGjvTRbt/PLLXuBE=", - "owner": "MatthewCroughan", - "repo": "nixinate", - "rev": "7902ae845e6cc5bd450e510cdf5e009a6e4a44d9", - "type": "github" - }, - "original": { - "owner": "MatthewCroughan", - "repo": "nixinate", - "type": "github" - } - }, "nixos-hardware": { "locked": { "lastModified": 1701656485, @@ -542,12 +550,12 @@ "arkenfox": "arkenfox", "catppuccin": "catppuccin", "darwin": "darwin", + "deploy": "deploy", "firefox-addons": "firefox-addons", "getchvim": "getchvim", "hm": "hm", "lanzaboote": "lanzaboote", "nix-index-database": "nix-index-database", - "nixinate": "nixinate", "nixos-hardware": "nixos-hardware", "nixos-wsl": "nixos-wsl", "nixpkgs": "nixpkgs", @@ -46,6 +46,15 @@ }; }; + deploy = { + url = "github:serokell/deploy-rs"; + inputs = { + nixpkgs.follows = "nixpkgs"; + flake-compat.follows = "pre-commit/flake-compat"; + utils.follows = "pre-commit/flake-utils"; + }; + }; + firefox-addons = { url = "sourcehut:~rycee/nur-expressions?dir=pkgs/firefox-addons"; inputs = { @@ -79,11 +88,6 @@ }; }; - nixinate = { - url = "github:MatthewCroughan/nixinate"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - nix-index-database = { url = "github:nix-community/nix-index-database"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/garnix.yaml b/garnix.yaml index bb7a2d0..56fb2e4 100644 --- a/garnix.yaml +++ b/garnix.yaml @@ -6,3 +6,4 @@ builds: - "devShells.x86_64-linux.default" - "nixosConfigurations.*" - "homeConfigurations.seth" + - "packages.*.*" @@ -25,22 +25,17 @@ rebuild subcmd root="false": [linux] [macos] +boot: + @just rebuild boot {{ asRoot }} + +[linux] +[macos] build: @just rebuild build check: nix flake check -deploy host: - nix run .#{{ host }} - -deploy-all: - nix eval \ - --json ".#apps.x86_64-linux" \ - --apply builtins.attrNames \ - | jq -c '.[]' | grep -v -E "dry-run|apply|destroy|tofu-config|plan" \ - | while read -r c; do nix run ".#$c"; done - [linux] [macos] dry-run: @@ -54,8 +49,6 @@ pre-commit: switch: @just rebuild switch {{ asRoot }} -switch-and-deploy: switch deploy-all - [linux] [macos] test: diff --git a/systems/atlas/default.nix b/systems/atlas/default.nix index bce1a04..2a8346f 100644 --- a/systems/atlas/default.nix +++ b/systems/atlas/default.nix @@ -10,14 +10,6 @@ ./nginx.nix ]; - _module.args.nixinate = { - host = "atlas"; - sshUser = "root"; - buildOn = "remote"; - substituteOnTarget = true; - hermetic = false; - }; - age.secrets.teawiebot.file = secretsDir + "/teawieBot.age"; boot = { diff --git a/systems/default.nix b/systems/default.nix index c442d90..de2f9e1 100644 --- a/systems/default.nix +++ b/systems/default.nix @@ -28,6 +28,8 @@ mapNixOS = mapSystems inputs.nixpkgs.lib.nixosSystem; inherit (import ./common.nix {inherit inputs self;}) darwin nixos server; in { + imports = [./deploy.nix]; + flake = { darwinConfigurations = mapDarwin { caroline = { @@ -76,8 +78,4 @@ in { inherit (inputs) openwrt-imagebuilder; }); }; - - perSystem = {system, ...}: { - apps = (inputs.nixinate.nixinate.${system} self).nixinate; - }; } diff --git a/systems/deploy.nix b/systems/deploy.nix new file mode 100644 index 0000000..186ff37 --- /dev/null +++ b/systems/deploy.nix @@ -0,0 +1,43 @@ +{ + lib, + inputs, + self, + ... +}: let + targets = ["atlas"]; + + getDeploy = pkgs: + (import pkgs.path { + inherit (pkgs) system; + overlays = [ + inputs.deploy.overlay + (_: prev: { + deploy-rs = { + inherit (pkgs) deploy-rs; + inherit (prev.deploy-rs) lib; + }; + }) + ]; + }) + .deploy-rs; + + getType = pkgs: + if pkgs.stdenv.isDarwin + then "darwin" + else "nixos"; + + toDeployNode = hostname: system: { + sshUser = "root"; + inherit hostname; + profiles.system.path = (getDeploy system.pkgs).lib.activate.${getType system.pkgs} system; + }; +in { + flake.deploy = { + remoteBuild = true; + fastConnection = false; + nodes = lib.pipe (self.nixosConfigurations // self.darwinConfigurations) [ + (lib.getAttrs targets) + (lib.mapAttrs toDeployNode) + ]; + }; +} |