feat(ops/nixos): Add generic rebuild-system script
This adds a first crack at one idea for a generic, non-user-specific rebuild-system script to ops.nixos.rebuild-system. The idea here is that we enumerate all the nixos systems stored in the monorepo (similarly to what we do for ci-builds right now) then search through them by hostname to find the one matching the hostname of the current system, which is an attempt at a more generic version of tazjin's rebuilder script which does the same thing but with an explicit case block. As a caveat, it feels like there's a slight possibility that this way of finding systems is going to get slow to evaluate - on my system it feels fine but if it grows out of hand it's probably feasible to just bake this into the built script as a dynamically generated case statement. Change-Id: I2e4c5401913b6f4d936ab48ba2f95f96e0e78eb4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/894 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>
This commit is contained in:
parent
8bcdff263c
commit
a73714a93c
7 changed files with 63 additions and 21 deletions
|
@ -52,6 +52,9 @@ case "${TARGET_TOOL}" in
|
|||
hash-password)
|
||||
attr="tools.hash-password"
|
||||
;;
|
||||
rebuild-system)
|
||||
attr="ops.nixos.rebuild-system"
|
||||
;;
|
||||
*)
|
||||
echo "The tool '${TARGET_TOOL}' is currently not installed in this repository."
|
||||
exit 1
|
||||
|
|
1
bin/rebuild-system
Symbolic link
1
bin/rebuild-system
Symbolic link
|
@ -0,0 +1 @@
|
|||
__dispatch.sh
|
|
@ -16,6 +16,10 @@ let
|
|||
owo = lib.generators.toPretty {} exp;
|
||||
};
|
||||
|
||||
systemFor = configuration: (depot.third_party.nixos {
|
||||
inherit configuration;
|
||||
}).system;
|
||||
|
||||
in lib.fix (self: {
|
||||
__apprehendEvaluators = throw ''
|
||||
Do not evaluate this attribute set directly. It exists only to group builds
|
||||
|
@ -28,18 +32,10 @@ in lib.fix (self: {
|
|||
# used to trigger builds for each key.
|
||||
__evaluatable = filter (key: (substring 0 2 key) != "__") (attrNames self);
|
||||
|
||||
# List of non-public targets, these are only used in local builds
|
||||
# and not in CI.
|
||||
__nonpublic = with depot; [
|
||||
users.tazjin.nixos.camdenSystem
|
||||
users.tazjin.nixos.frogSystem
|
||||
];
|
||||
|
||||
# Combined list of all the targets, used for building everything locally.
|
||||
__allTargets =
|
||||
(with depot.nix.yants; list drv)
|
||||
(foldl' (x: y: x ++ y) self.__nonpublic
|
||||
(map (k: getAttr k self) self.__evaluatable));
|
||||
(foldl' (x: y: x ++ y) [] (map (k: getAttr k self) self.__evaluatable));
|
||||
|
||||
fun = with depot.fun; [
|
||||
amsterdump
|
||||
|
@ -57,7 +53,7 @@ in lib.fix (self: {
|
|||
journaldriver
|
||||
kontemplate
|
||||
mq_cli
|
||||
nixos.whitby
|
||||
(systemFor nixos.whitby)
|
||||
];
|
||||
|
||||
third_party = with depot.third_party; [
|
||||
|
@ -98,10 +94,12 @@ in lib.fix (self: {
|
|||
emacs
|
||||
finito
|
||||
homepage
|
||||
(systemFor nixos.camden)
|
||||
(systemFor nixos.frog)
|
||||
];
|
||||
|
||||
glittershark = with depot.users.glittershark; [
|
||||
system.system.chupacabra
|
||||
(systemFor system.system.chupacabra)
|
||||
xanthous
|
||||
];
|
||||
})
|
||||
|
|
14
ops/nixos/all-systems.nix
Normal file
14
ops/nixos/all-systems.nix
Normal file
|
@ -0,0 +1,14 @@
|
|||
{ depot, ... }:
|
||||
|
||||
(with depot.ops.nixos; [
|
||||
whitby
|
||||
]) ++
|
||||
|
||||
(with depot.users.tazjin.nixos; [
|
||||
camden
|
||||
frog
|
||||
]) ++
|
||||
|
||||
(with depot.users.glittershark.system.system; [
|
||||
chupacabra
|
||||
])
|
|
@ -6,8 +6,40 @@
|
|||
#
|
||||
# TODO(tazjin): Find a more elegant solution for the whole module
|
||||
# situation.
|
||||
{ ... }@args:
|
||||
{ lib, pkgs, depot, ... }@args:
|
||||
|
||||
{
|
||||
let
|
||||
inherit (lib) findFirst isAttrs;
|
||||
in
|
||||
|
||||
rec {
|
||||
whitby = import ./whitby/default.nix args;
|
||||
|
||||
# System installation
|
||||
|
||||
allSystems = import ./all-systems.nix args;
|
||||
|
||||
nixosFor = configuration: depot.third_party.nixos {
|
||||
inherit configuration;
|
||||
};
|
||||
|
||||
findSystem = hostname:
|
||||
(findFirst
|
||||
(system: system.config.networking.hostName == hostname)
|
||||
(throw "${hostname} is not a known NixOS host")
|
||||
(map nixosFor allSystems));
|
||||
|
||||
rebuild-system = pkgs.writeShellScriptBin "rebuild-system" ''
|
||||
set -ue
|
||||
if [[ $EUID -ne 0 ]]; then
|
||||
echo "Oh no! Only root is allowed to rebuild the system!" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Rebuilding NixOS for $HOSTNAME"
|
||||
system=$(nix-build -E "((import ${toString depot.depotPath} {}).ops.nixos.findSystem \"$HOSTNAME\").system" --no-out-link --show-trace)
|
||||
|
||||
nix-env -p /nix/var/nix/profiles/system --set $system
|
||||
$system/bin/switch-to-configuration switch
|
||||
'';
|
||||
}
|
||||
|
|
|
@ -12,11 +12,7 @@ let
|
|||
mkdir -p $out/bin
|
||||
ln -s ${depot.ops.besadii}/bin/besadii $out/bin/post-command
|
||||
'';
|
||||
|
||||
systemForConfig = configuration: (depot.third_party.nixos {
|
||||
inherit configuration;
|
||||
}).system;
|
||||
in systemForConfig {
|
||||
in {
|
||||
inherit depot;
|
||||
imports = [
|
||||
"${depot.depotPath}/ops/nixos/depot.nix"
|
||||
|
|
|
@ -1,9 +1,7 @@
|
|||
{ depot, ... }:
|
||||
|
||||
rec {
|
||||
chupacabra = (depot.third_party.nixos {
|
||||
configuration = import ./machines/chupacabra.nix;
|
||||
}).system;
|
||||
chupacabra = import ./machines/chupacabra.nix;
|
||||
|
||||
rebuilder =
|
||||
let
|
||||
|
|
Loading…
Reference in a new issue