Commit graph

5 commits

Author SHA1 Message Date
Florian Klink
d32baeff6c chore(ops/terraform): add license information
This is the result of a `"reuse annotate --copyright "The TVL Authors"
--license MIT"` in that directory, making it conformant with the REUSE
Specification:

https://reuse.software/spec

Change-Id: I13e069b4621e8d5ccb7a09c12f772d70dea40a11
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10170
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2023-12-05 12:31:25 +00:00
Florian Klink
14a8ea9eab feat(ops/terraform/deploy-nixos): make target_user_ssh_key optional
In case `target_user_ssh_key` points to an empty string, nixos-copy.sh
just doesn't set `IdentityFile=` at all.

This allows using deploy-nixos without any explicitly passed ssh keys,
but picking up whatever ssh setup the user has configured locally.

Change-Id: If335ce8434627e61da13bf6923b9767085af08a5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8576
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-05-16 09:55:23 +00:00
Florian Klink
774194652b feat(ops/terraform): add trigger to deploy-nixos, remove target_name
This allows passing in custom triggers to trigger a (re)deploy.

For example, a caller can put an AWS instance ID into the triggers to
cause a redeploy whenever the instance ID has changed.

The `target_name` terraform variable was doing something similar, but
`triggers` is more generic, allowing multiple triggers, without having
to stringify them.

We also don't need to trigger on the attrpath - it can be changed, and
as long as it still evaluates to the same
`data.external.nixos_system.result.drv` (which is checked on every
plan), no redeploy needs to be made.

Change-Id: I94ce787a50830b87b6f53c08e042e4abe4036bdd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8191
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
2023-03-03 14:53:43 +00:00
Florian Klink
c3750079f7 feat(ops/terraform): allow specifying an entrypoint for the attrset
This adds an additional parameter `entrypoint`, pointing to a .nix file
(or a directory containing a `default.nix` file) that's providing the
attribute path asked for.

If not set / kept at the default (empty string), it falls back to the
root dir of the repository as before.

Change-Id: I2e63114f21660c842153ac15424b3491d66624d2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8190
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
2023-03-03 14:53:43 +00:00
Vincent Ambo
dbca46d052 feat(ops/terraform): add module for deploying NixOS system closures
This module makes it fairly easy to deploy NixOS system closures using
Terraform, while properly separating the evaluation of a
derivation (to determine whether a deploy is needed) from the building
and copying of the closure itself.

This has been on my stack for a while. It was originally developed for
Resoptima, who agreed to open-sourcing it in depot back when we
completed our work with them. Their contribution has been acknowledged
in the README.

Co-Authored-By: Florian Klink <flokli@flokli.de>
Change-Id: Ica4c170658cd25f1fb7072c9a45735fcc4351474
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7950
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-03-03 10:48:13 +00:00