tvl-depot/users/sterni/machines/default.nix

{ depot, lib, pkgs, ... }:

let
  bins = depot.nix.getBins pkgs.nq [ "fq" "nq" ];

  machines = lib.mapAttrs
    (name: _:
      depot.ops.nixos.nixosFor (import (./. + ("/" + name)))
    )
    (lib.filterAttrs (_: type: type == "directory") (builtins.readDir ./.));

  # TODO(sterni): share code with rebuild-system
  localDeployScriptFor = { system, ... }:
    pkgs.writeShellScript "local-deploy-${system.name}" ''
      set -eu
      nix-env -p /nix/var/nix/profiles/system --set "${system}"
      "${system}/bin/switch-to-configuration" switch
    '';

  # Builds the system on the remote machine
  deployScriptFor = { system, ... }@machine:
    pkgs.writeShellScript "remote-deploy-${system.name}" ''
      set -eu

      if [ $# != 1 ]; then
        printf 'usage: %s [USER@]HOST' "$0"
        exit 100
      fi

      readonly TARGET_HOST="$1"
      readonly DEPLOY_DRV="${
        builtins.unsafeDiscardOutputDependency (
          # Wrapper script around localDeployScriptFor that merely starts the
          # local deploy script using and nq and then waits using fq. This means
          # we can't Ctrl-C the deploy and it won't be terminated by a lost
          # connection.
          pkgs.writeShellScript "queue-deploy-${system.name}" ''
            readonly STATE_DIR="''${XDG_STATE_HOME:-$HOME/.local/state}/sterni-deploy"
            mkdir -p "$STATE_DIR"

            export NQDIR="$STATE_DIR"

            "${bins.nq}" "${localDeployScriptFor machine}"
            "${bins.fq}"
          ''
        ).drvPath
      }"

      nix-copy-closure -s --gzip --to "$TARGET_HOST" "$DEPLOY_DRV"

      readonly DEPLOY_OUT="$(ssh "$TARGET_HOST" "nix-store -r '$DEPLOY_DRV'")"

      ssh "$TARGET_HOST" "$DEPLOY_OUT"
    '';

in

depot.nix.readTree.drvTargets (
  # this somehow becomes necessarily ugly with nixpkgs-fmt
  machines // { inherit deployScriptFor; } //

  lib.mapAttrs'
    (name: _: {
      name = "${name}System";
      value = machines.${name}.system;
    })
    machines

    //

  lib.mapAttrs'
    (name: _: {
      name = "${name}Deploy";
      value = deployScriptFor machines.${name};
    })
    machines
)
feat(sterni/machines): add edwin This adds edwin, the machine running sterni.lv, as well as my idiosyncratic deployment solution. It is based on instantiating the system configuration locally (where you'd work on the configuration), copying the derivation files to the remote machine where the system derivation is realised and deployed. Unfortunately, the first step tends to be quite slow (despite gzip compression), so this may not be the definite way despite its advantages. Change-Id: I30f597692338df3981e01a1b7eee9cdad48f94cb Reviewed-on: https://cl.tvl.fyi/c/depot/+/7293 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI 2022-06-06 12:37:11 +02:00			`{ depot, lib, pkgs, ... }:`

			`let`
			`bins = depot.nix.getBins pkgs.nq [ "fq" "nq" ];`

			`machines = lib.mapAttrs`
			`(name: _:`
			`depot.ops.nixos.nixosFor (import (./. + ("/" + name)))`
			`)`
			`(lib.filterAttrs (_: type: type == "directory") (builtins.readDir ./.));`

			`# TODO(sterni): share code with rebuild-system`
			`localDeployScriptFor = { system, ... }:`
			`pkgs.writeShellScript "local-deploy-${system.name}" ''`
			`set -eu`
			`nix-env -p /nix/var/nix/profiles/system --set "${system}"`
			`"${system}/bin/switch-to-configuration" switch`
			`'';`

			`# Builds the system on the remote machine`
			`deployScriptFor = { system, ... }@machine:`
			`pkgs.writeShellScript "remote-deploy-${system.name}" ''`
			`set -eu`

			`if [ $# != 1 ]; then`
			`printf 'usage: %s [USER@]HOST' "$0"`
			`exit 100`
			`fi`

			`readonly TARGET_HOST="$1"`
			`readonly DEPLOY_DRV="${`
			`builtins.unsafeDiscardOutputDependency (`
			`# Wrapper script around localDeployScriptFor that merely starts the`
			`# local deploy script using and nq and then waits using fq. This means`
			`# we can't Ctrl-C the deploy and it won't be terminated by a lost`
			`# connection.`
			`pkgs.writeShellScript "queue-deploy-${system.name}" ''`
			`readonly STATE_DIR="''${XDG_STATE_HOME:-$HOME/.local/state}/sterni-deploy"`
			`mkdir -p "$STATE_DIR"`

			`export NQDIR="$STATE_DIR"`

			`"${bins.nq}" "${localDeployScriptFor machine}"`
			`"${bins.fq}"`
			`''`
			`).drvPath`
			`}"`

			`nix-copy-closure -s --gzip --to "$TARGET_HOST" "$DEPLOY_DRV"`

			`readonly DEPLOY_OUT="$(ssh "$TARGET_HOST" "nix-store -r '$DEPLOY_DRV'")"`

			`ssh "$TARGET_HOST" "$DEPLOY_OUT"`
			`'';`

			`in`

			`depot.nix.readTree.drvTargets (`
			`# this somehow becomes necessarily ugly with nixpkgs-fmt`
			`machines // { inherit deployScriptFor; } //`

			`lib.mapAttrs'`
			`(name: _: {`
			`name = "${name}System";`
			`value = machines.${name}.system;`
			`})`
			`machines`

			`//`

			`lib.mapAttrs'`
			`(name: _: {`
			`name = "${name}Deploy";`
			`value = deployScriptFor machines.${name};`
			`})`
			`machines`
			`)`