9e9284fc86
This will be an additional web host / fallback git server for whitby incidents. Change-Id: Icd6f7ce574ffd520b5783a50ff317feed7b71fc6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5297 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su>
55 lines
1.6 KiB
Nix
55 lines
1.6 KiB
Nix
# Helper functions for instantiating depot-compatible NixOS machines.
|
|
{ depot, lib, pkgs, ... }@args:
|
|
|
|
let inherit (lib) findFirst isAttrs;
|
|
in rec {
|
|
# This provides our standard set of arguments to all NixOS modules.
|
|
baseModule = { ... }: {
|
|
# Ensure that pkgs == third_party.nix
|
|
nixpkgs.pkgs = depot.third_party.nixpkgs;
|
|
nix.nixPath = [
|
|
"nixos=${pkgs.path}"
|
|
"nixpkgs=${pkgs.path}"
|
|
];
|
|
};
|
|
|
|
nixosFor = configuration: (depot.third_party.nixos {
|
|
configuration = { ... }: {
|
|
imports = [
|
|
baseModule
|
|
configuration
|
|
];
|
|
};
|
|
|
|
specialArgs = {
|
|
inherit (args) depot;
|
|
};
|
|
});
|
|
|
|
findSystem = hostname:
|
|
(findFirst
|
|
(system: system.config.networking.hostName == hostname)
|
|
(throw "${hostname} is not a known NixOS host")
|
|
(map nixosFor depot.ops.machines.all-systems));
|
|
|
|
rebuild-system = rebuildSystemWith depot.path;
|
|
|
|
rebuildSystemWith = depotPath: pkgs.writeShellScriptBin "rebuild-system" ''
|
|
set -ue
|
|
if [[ $EUID -ne 0 ]]; then
|
|
echo "Oh no! Only root is allowed to rebuild the system!" >&2
|
|
exit 1
|
|
fi
|
|
|
|
echo "Rebuilding NixOS for $HOSTNAME"
|
|
system=$(${pkgs.nix}/bin/nix-build -E "((import ${depotPath} {}).ops.nixos.findSystem \"$HOSTNAME\").system" --no-out-link --show-trace)
|
|
|
|
${pkgs.nix}/bin/nix-env -p /nix/var/nix/profiles/system --set $system
|
|
$system/bin/switch-to-configuration switch
|
|
'';
|
|
|
|
# Systems that should be built in CI
|
|
whitbySystem = (nixosFor depot.ops.machines.whitby).system;
|
|
sandunySystem = (nixosFor depot.ops.machines.sanduny).system;
|
|
meta.ci.targets = [ "sandunySystem" "whitbySystem" ];
|
|
}
|