Zhaofeng Li
86eeeece3c
command: Rename introspect
to eval
2021-10-28 17:27:30 -07:00
Zhaofeng Li
f7eb121260
Disallow uninitialized meta.nixpkgs in Flakes
2021-10-28 17:10:58 -07:00
Zhaofeng Li
765f42fa24
introspect: Support actually instantiating the expression
2021-10-28 14:09:35 -07:00
Zhaofeng Li
fac91c524b
Cargo.lock: Update
2021-10-28 14:09:35 -07:00
Zhaofeng Li
6991c91943
.github: Bump actions
2021-10-28 14:09:35 -07:00
Zhaofeng Li
58f2bf391f
src/util.rs: No need to list
2021-10-28 14:09:35 -07:00
Zhaofeng Li
0e0a1e84f0
Make flake resolution (slightly) less terrible
...
Instead of using `path:` which always copies the entire directory,
we now try to resolve the Flake URI using `nix flake metadata` which
may give us a `git+file:`.
2021-10-25 23:38:10 -07:00
Zhaofeng Li
b48753239a
hive.rs: Canonicalize flake path
...
Relative paths are no longer allowed in newer Nix versions.
2021-10-25 21:53:38 -07:00
Zhaofeng Li
f8feb40cbd
flake.lock: Update nixpkgs
2021-10-25 21:47:43 -07:00
Zhaofeng Li
6d6e33fcd4
nix: Remove unneeded ok()
2021-10-23 20:49:14 -07:00
Zhaofeng Li
d5f5ed6abb
Merge pull request #35 from bjornfor/dynamically-select-user
...
Allow selecting ssh user dynamically
2021-10-23 20:47:56 -07:00
Bjørn Forsman
4106a73e75
Allow selecting ssh user dynamically
...
...by setting `deployment.targetUser = null`.
This allows sharing a deployment file (hive.nix/flake.nix) between
multiple admins, without having to use a shared root account.
2021-10-23 15:06:56 +02:00
Zhaofeng Li
d0c89302be
.github: Fix job :/
2021-09-19 22:05:51 -07:00
Zhaofeng Li
1d6ec530ca
.github: Add job to test flake-compat build
2021-09-19 22:03:39 -07:00
Zhaofeng Li
6f5d7aa29b
flake.nix: Clean up and add overlay
2021-09-19 22:03:39 -07:00
Zhaofeng Li
37b43cd6d7
eval.nix: Support autocall for hive configuration
2021-08-26 19:59:22 -07:00
Zhaofeng Li
7cc6552ee3
hive.rs: Remove unwrap in builder_args()
2021-08-26 19:59:22 -07:00
Zhaofeng Li
886b4c9dea
default.nix: Use cargoLock.lockFile
...
Support for directly passing the Cargo.lock was added in
<https://github.com/NixOS/nixpkgs/pull/122158 >.
2021-08-26 13:21:18 -07:00
Zhaofeng Li
db563caad9
.envrc: Use nix-direnv with use flake
2021-08-26 13:15:04 -07:00
Zhaofeng Li
7b69946d98
Ensure key ownerships are set correctly
...
Depending on when keys are uploaded (`deployment.keys.<name>.uploadAt`):
`pre-activation`:
We set the ownerships in the uploader script opportunistically and
continue if the user/group does not exist. Then, in the activation
script, we set the ownerships of all pre-activation keys.
`post-activation`:
We set the ownerships in the uploader script and fail if the
user/group does not exist.
The ownerships will be correct regardless of which mode is in use.
Fixes #23 . Also a more complete solution to #10 .
2021-08-26 12:54:41 -07:00
Zhaofeng Li
e98a66bc2e
Cargo.lock: Update
2021-08-25 09:51:48 -07:00
Zhaofeng Li
24339bcca7
Add deployment.keys.<name>.uploadAt
...
This mirrors the functionality recently added in morph and allows
for the uploading of keys after system profile activation.
Fixes #10 .
2021-08-24 23:25:46 -07:00
Zhaofeng Li
e788fb02d0
LICENSE: Add contributors
2021-08-01 14:20:14 -07:00
Zhaofeng Li
36fd513740
flake.lock: Update
...
A properly-licensed version of flake-compat is now included:
https://github.com/edolstra/flake-compat/pull/23
2021-08-01 14:18:08 -07:00
Zhaofeng Li
135a42b20f
eval.nix: Add meta.specialArgs
2021-07-16 22:52:23 -07:00
Zhaofeng Li
671cf38796
hive.rs: Pass --builders to nix-instantiate as well
2021-07-13 01:38:52 -07:00
Zhaofeng Li
56aa6bf3ce
README.md: Mention that colmena apply
also builds
2021-06-29 15:09:52 -07:00
Zhaofeng Li
3c86de06d9
README.md: Add deployment.tags to example
2021-06-29 11:31:51 -07:00
Zhaofeng Li
c6ac93152c
flake.nix: Pin <nixpkgs> for dev/CI
2021-06-29 02:04:54 -07:00
Zhaofeng Li
c644f79ad1
cli.rs: Indicate support for flakes
2021-06-29 01:19:13 -07:00
Zhaofeng Li
652c66548d
.github: Update test command
2021-06-29 01:15:36 -07:00
Zhaofeng Li
2d1821b20c
.github: Remove wrong Nix installer option
2021-06-29 01:14:08 -07:00
Zhaofeng Li
67db0e73d1
Add check for Flakes support
2021-06-29 01:02:43 -07:00
Zhaofeng Li
e50ba82bf2
Add basic Flakes support
...
Co-authored-by: Alex Zero <joseph@marsden.space>
2021-06-29 01:02:43 -07:00
Zhaofeng Li
9d8153ee6d
Make dev environment flake-compatible
...
Co-authored-by: Alex Zero <joseph@marsden.space>
2021-06-29 01:02:43 -07:00
Zhaofeng Li
8a95ee87b6
default.nix: Fix shell auto-complete generation
2021-06-29 01:02:43 -07:00
Zhaofeng Li
ac67d87be5
Update vendor checksum after update
2021-05-24 00:26:13 -07:00
Zhaofeng Li
22ae18f5e7
Exit with non-zero code if any node fails to deploy
...
The exit codes are in flux and should not be relied upon.
Fixes #28 .
2021-05-24 00:15:38 -07:00
Zhaofeng Li
960af8f793
Add deployment.privilegeEscalationCommand
...
This adds a NixOps-equivalent option for non-root deployment
on remote hosts.
Fixes #27 .
2021-05-24 00:15:38 -07:00
Zhaofeng Li
2581f33dad
nix: Update Nixpkgs
2021-05-24 00:15:38 -07:00
Zhaofeng Li
6517cd9555
Add .envrc for dev shell
2021-05-24 00:15:38 -07:00
Zhaofeng Li
39d612a5e7
ssh: Remove dead code
2021-05-24 00:15:38 -07:00
Zhaofeng Li
99ba8db335
Merge pull request #21 from jasonrm/machines-file
...
eval.nix: Adds meta.machinesFile option that is passed to Nix as builder option
2021-05-07 16:25:36 -07:00
Zhaofeng Li
16ccdbc700
Better handling of killed processes
2021-04-28 15:09:40 -07:00
Zhaofeng Li
90647ed6e9
README.md: Fix typo (mode -> permissions)
...
Fixes #24 .
2021-04-20 16:55:45 -07:00
Zhaofeng Li
44b421c2c7
key.rs: Fix typo (user -> group)
...
Fixes #22 .
2021-04-19 15:40:19 -07:00
Zhaofeng Li
a165520076
Merge pull request #20 from jasonrm/unknown-profiles
...
Warn on unknown remote profiles replacement, error out if node-level option is explicitly enabled
2021-04-10 20:18:45 -07:00
Jason R. McNeil
3ee97c2a76
apply: Add deployment.replaceUnknownProfiles
option and --force-replace-unknown-profiles
switch
...
If `deployment.replaceUnknownProfiles` is set to false, a diverged hive
config (in a shared git repo for example) won't result in accidentally
undoing another applied configuration profile.
The deployment option is set to true so that fiction is minimized from
aggressive garbage collection, first time profile application and low
contention hives.
2021-04-10 13:42:38 -07:00
Jason R. McNeil
e0465567b2
eval.nix: Adds meta.machinesFile option that is passed to Nix as builders argument
2021-04-09 23:54:13 -07:00
Zhaofeng Li
0927fe9dc1
cli: Add hidden command to generate shell autocompletion
2021-03-23 14:14:04 -07:00