From de5fd563c3e7f853e5bf538f3f433e12b3d81690 Mon Sep 17 00:00:00 2001 From: Felix Buehler Date: Thu, 18 Jan 2024 22:37:39 +0100 Subject: [PATCH] nixinate: migrate from deploy-rs --- README.md | 8 +++---- flake.lock | 37 ++++++++++++++++++++++++++++- flake.nix | 22 ++++------------- machines/deploy.nix | 24 ------------------- machines/newton/configuration.nix | 1 + machines/newton/nixinate.nix | 9 +++++++ machines/serverle/configuration.nix | 1 + machines/serverle/nixinate.nix | 9 +++++++ 8 files changed, 65 insertions(+), 46 deletions(-) delete mode 100644 machines/deploy.nix create mode 100644 machines/newton/nixinate.nix create mode 100644 machines/serverle/nixinate.nix diff --git a/README.md b/README.md index 3744f8a..7ceaa94 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ used flakes: - image generation: [nixos-generators](https://github.com/nix-community/nixos-generators) - disk partitioning: [disko](https://github.com/nix-community/disko) - secrets: [sops-nix](https://github.com/Mic92/sops-nix) -- deployment: [deploy-rs](https://github.com/serokell/deploy-rs), see [usage](#usage) +- deployment: [nixinate](https://github.com/MatthewCroughan/nixinate), see [usage](#usage) - formatting: [pre-commit-hooks](https://github.com/cachix/pre-commit-hooks.nix) - install: [nixos-anywhere](https://github.com/numtide/nixos-anywhere/) @@ -32,10 +32,10 @@ used flakes: nix flake update ``` -- deployment: +- deployment/update: ```bash - deploy .# + nix run .#apps.nixinate. ``` - secrets: @@ -137,5 +137,5 @@ used flakes: - [Nix config by ambroisie](https://github.com/ambroisie/nix-config) - [Nix config by pborzenkov](https://github.com/pborzenkov/nix-config) - [Nix config by nyanloutre](https://gitea.nyanlout.re/nyanloutre/nixos-config) -- [deploy-rs by disassembler](https://samleathers.com/posts/2022-02-03-my-new-network-and-deploy-rs.html) +- [Nix config by disassembler](https://github.com/disassembler/network) - [pre-commit config](https://github.com/cachix/pre-commit-hooks.nix/blob/master/template/flake.nix) diff --git a/flake.lock b/flake.lock index e4e0164..be4a90b 100644 --- a/flake.lock +++ b/flake.lock @@ -234,6 +234,24 @@ "type": "github" } }, + "nixinate": { + "inputs": { + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1688141737, + "narHash": "sha256-qHrNMYWukOKmKVf6wXOGKj1xxUnOGjvTRbt/PLLXuBE=", + "owner": "matthewcroughan", + "repo": "nixinate", + "rev": "7902ae845e6cc5bd450e510cdf5e009a6e4a44d9", + "type": "github" + }, + "original": { + "owner": "matthewcroughan", + "repo": "nixinate", + "type": "github" + } + }, "nixlib": { "locked": { "lastModified": 1693701915, @@ -435,6 +453,22 @@ } }, "nixpkgs_3": { + "locked": { + "lastModified": 1653060744, + "narHash": "sha256-kfRusllRumpt33J1hPV+CeCCylCXEU7e0gn2/cIM7cY=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "dfd82985c273aac6eced03625f454b334daae2e8", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { "locked": { "lastModified": 1704420045, "narHash": "sha256-C36QmoJd5tdQ5R9MC1jM7fBkZW9zBUqbUCsgwS6j4QU=", @@ -500,9 +534,10 @@ "disko": "disko", "flake-parts": "flake-parts", "nix": "nix", + "nixinate": "nixinate", "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "nixpkgs-unstable": "nixpkgs-unstable", "passworts": "passworts", "pre-commit-hooks-nix": "pre-commit-hooks-nix", diff --git a/flake.nix b/flake.nix index ad45a6c..4e92ec8 100644 --- a/flake.nix +++ b/flake.nix @@ -15,6 +15,7 @@ nixos-hardware.url = "github:NixOS/nixos-hardware"; deploy-rs.url = "github:serokell/deploy-rs"; + nixinate.url = "github:matthewcroughan/nixinate"; sops-nix = { url = "github:Mic92/sops-nix"; @@ -43,7 +44,7 @@ }; }; - outputs = inputs@{ self, flake-parts, deploy-rs, ... }: + outputs = inputs@{ self, flake-parts, nixinate, ... }: flake-parts.lib.mkFlake { inherit inputs; } { imports = [ @@ -58,11 +59,6 @@ # make pkgs available to all `perSystem` functions _module.args.pkgs = import inputs.nixpkgs { inherit system; - # prevent rebuilding deploy-rs everytime when nixpkgs changes - overlays = [ - deploy-rs.overlay - (_self: super: { deploy-rs = { inherit (pkgs) deploy-rs; inherit (super.deploy-rs) lib; }; }) - ]; }; # enable pre-commit checks @@ -90,9 +86,8 @@ devShells.default = pkgs.mkShellNoCC { nativeBuildInputs = [ inputs'.sops-nix.packages.sops-import-keys-hook - inputs'.deploy-rs.packages.deploy-rs inputs'.disko.packages.disko - # formatters + # formatter + linter pkgs.deadnix pkgs.nixpkgs-fmt pkgs.shellcheck @@ -104,14 +99,7 @@ ''; }; }; - - flake = { - # currently disabled, because this causes rebuilds - # checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; - - deploy = import ./machines/deploy.nix (inputs // { - inherit inputs; - }); - }; + # flake = {}; + flake.apps = inputs.nixinate.nixinate."x86_64-linux" self; }; } diff --git a/machines/deploy.nix b/machines/deploy.nix deleted file mode 100644 index f382af0..0000000 --- a/machines/deploy.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ self, ... }: -let - inherit (self.inputs) deploy-rs; - mkNode = server: hostname: system: { - inherit hostname; - fastConnection = true; - profiles.system.path = - deploy-rs.lib.${system}.activate.nixos - self.nixosConfigurations."${server}"; - }; -in -{ - user = "root"; - sshUser = "felix"; - sshOpts = [ "-i" "~/.ssh/keys/local_ed25519" ]; - #sshOpts = [ "-p" "6158" "-i" "~/.ssh/keys/local_ed25519" ]; - remoteBuild = true; - - nodes = { - thinkman = mkNode "thinkman" "localhost" "x86_64-linux"; - newton = mkNode "newton" "buehler.rocks" "x86_64-linux"; - serverle = mkNode "serverle" "serverle.local" "aarch64-linux"; - }; -} diff --git a/machines/newton/configuration.nix b/machines/newton/configuration.nix index ad663da..cd8a954 100644 --- a/machines/newton/configuration.nix +++ b/machines/newton/configuration.nix @@ -5,6 +5,7 @@ ./disko-config.nix ./hardware-configuration.nix ./network.nix + ./nixinate.nix ./services.nix ./syncthing.nix ./system.nix diff --git a/machines/newton/nixinate.nix b/machines/newton/nixinate.nix new file mode 100644 index 0000000..22c452b --- /dev/null +++ b/machines/newton/nixinate.nix @@ -0,0 +1,9 @@ +_: { + _module.args.nixinate = { + host = "buehler.rocks"; + sshUser = "felix"; + buildOn = "remote"; + substituteOnTarget = true; + hermetic = true; + }; +} diff --git a/machines/serverle/configuration.nix b/machines/serverle/configuration.nix index 9ffde07..4f3ed0e 100644 --- a/machines/serverle/configuration.nix +++ b/machines/serverle/configuration.nix @@ -4,6 +4,7 @@ ./disko-config.nix ./hardware-configuration.nix ./network.nix + ./nixinate.nix ./services.nix ./syncthing.nix ./system.nix diff --git a/machines/serverle/nixinate.nix b/machines/serverle/nixinate.nix new file mode 100644 index 0000000..13109f2 --- /dev/null +++ b/machines/serverle/nixinate.nix @@ -0,0 +1,9 @@ +_: { + _module.args.nixinate = { + host = "serverle.local"; + sshUser = "felix"; + buildOn = "remote"; + substituteOnTarget = true; + hermetic = true; + }; +}