felix/nixos
1
0
Fork 0
mirror of https://github.com/Stunkymonkey/nixos.git synced 2025-05-24 09:54:40 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

nixinate: migrate from deploy-rs

Browse source
This commit is contained in:
Felix Buehler 2024-01-18 22:37:39 +01:00
parent 1f940b9852
commit de5fd563c3
8 changed files with 65 additions and 46 deletions
Download patch file Download diff file Expand all files Collapse all files

8
README.md
View file

@ -8,7 +8,7 @@ used flakes:
- image generation: [nixos-generators](https://github.com/nix-community/nixos-generators) - image generation: [nixos-generators](https://github.com/nix-community/nixos-generators)
- disk partitioning: [disko](https://github.com/nix-community/disko) - disk partitioning: [disko](https://github.com/nix-community/disko)
- secrets: [sops-nix](https://github.com/Mic92/sops-nix) - secrets: [sops-nix](https://github.com/Mic92/sops-nix)
- deployment: [deploy-rs](https://github.com/serokell/deploy-rs), see [usage](#usage) - deployment: [nixinate](https://github.com/MatthewCroughan/nixinate), see [usage](#usage)
- formatting: [pre-commit-hooks](https://github.com/cachix/pre-commit-hooks.nix) - formatting: [pre-commit-hooks](https://github.com/cachix/pre-commit-hooks.nix)
- install: [nixos-anywhere](https://github.com/numtide/nixos-anywhere/) - install: [nixos-anywhere](https://github.com/numtide/nixos-anywhere/)
@ -32,10 +32,10 @@ used flakes:
nix flake update nix flake update
``` ```
- deployment: - deployment/update:
```bash ```bash
deploy .#<flake> nix run .#apps.nixinate.<flake>
``` ```
- secrets: - secrets:
@ -137,5 +137,5 @@ used flakes:
- [Nix config by ambroisie](https://github.com/ambroisie/nix-config) - [Nix config by ambroisie](https://github.com/ambroisie/nix-config)
- [Nix config by pborzenkov](https://github.com/pborzenkov/nix-config) - [Nix config by pborzenkov](https://github.com/pborzenkov/nix-config)
- [Nix config by nyanloutre](https://gitea.nyanlout.re/nyanloutre/nixos-config) - [Nix config by nyanloutre](https://gitea.nyanlout.re/nyanloutre/nixos-config)
- [deploy-rs by disassembler](https://samleathers.com/posts/2022-02-03-my-new-network-and-deploy-rs.html) - [Nix config by disassembler](https://github.com/disassembler/network)
- [pre-commit config](https://github.com/cachix/pre-commit-hooks.nix/blob/master/template/flake.nix) - [pre-commit config](https://github.com/cachix/pre-commit-hooks.nix/blob/master/template/flake.nix)

37
flake.lock generated
View file

@ -234,6 +234,24 @@
"type": "github" "type": "github"
} }
}, },
"nixinate": {
"inputs": {
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1688141737,
"narHash": "sha256-qHrNMYWukOKmKVf6wXOGKj1xxUnOGjvTRbt/PLLXuBE=",
"owner": "matthewcroughan",
"repo": "nixinate",
"rev": "7902ae845e6cc5bd450e510cdf5e009a6e4a44d9",
"type": "github"
},
"original": {
"owner": "matthewcroughan",
"repo": "nixinate",
"type": "github"
}
},
"nixlib": { "nixlib": {
"locked": { "locked": {
"lastModified": 1693701915, "lastModified": 1693701915,
@ -435,6 +453,22 @@
} }
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": {
"lastModified": 1653060744,
"narHash": "sha256-kfRusllRumpt33J1hPV+CeCCylCXEU7e0gn2/cIM7cY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "dfd82985c273aac6eced03625f454b334daae2e8",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1704420045, "lastModified": 1704420045,
"narHash": "sha256-C36QmoJd5tdQ5R9MC1jM7fBkZW9zBUqbUCsgwS6j4QU=", "narHash": "sha256-C36QmoJd5tdQ5R9MC1jM7fBkZW9zBUqbUCsgwS6j4QU=",
@ -500,9 +534,10 @@
"disko": "disko", "disko": "disko",
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"nix": "nix", "nix": "nix",
"nixinate": "nixinate",
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_4",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",
"passworts": "passworts", "passworts": "passworts",
"pre-commit-hooks-nix": "pre-commit-hooks-nix", "pre-commit-hooks-nix": "pre-commit-hooks-nix",

22
flake.nix
View file

@ -15,6 +15,7 @@
nixos-hardware.url = "github:NixOS/nixos-hardware"; nixos-hardware.url = "github:NixOS/nixos-hardware";
deploy-rs.url = "github:serokell/deploy-rs"; deploy-rs.url = "github:serokell/deploy-rs";
nixinate.url = "github:matthewcroughan/nixinate";
sops-nix = { sops-nix = {
url = "github:Mic92/sops-nix"; url = "github:Mic92/sops-nix";
@ -43,7 +44,7 @@
}; };
}; };
outputs = inputs@{ self, flake-parts, deploy-rs, ... }: outputs = inputs@{ self, flake-parts, nixinate, ... }:
flake-parts.lib.mkFlake { inherit inputs; } { flake-parts.lib.mkFlake { inherit inputs; } {
imports = [ imports = [
@ -58,11 +59,6 @@
# make pkgs available to all `perSystem` functions # make pkgs available to all `perSystem` functions
_module.args.pkgs = import inputs.nixpkgs { _module.args.pkgs = import inputs.nixpkgs {
inherit system; inherit system;
# prevent rebuilding deploy-rs everytime when nixpkgs changes
overlays = [
deploy-rs.overlay
(_self: super: { deploy-rs = { inherit (pkgs) deploy-rs; inherit (super.deploy-rs) lib; }; })
];
}; };
# enable pre-commit checks # enable pre-commit checks
@ -90,9 +86,8 @@
devShells.default = pkgs.mkShellNoCC { devShells.default = pkgs.mkShellNoCC {
nativeBuildInputs = [ nativeBuildInputs = [
inputs'.sops-nix.packages.sops-import-keys-hook inputs'.sops-nix.packages.sops-import-keys-hook
inputs'.deploy-rs.packages.deploy-rs
inputs'.disko.packages.disko inputs'.disko.packages.disko
# formatters # formatter + linter
pkgs.deadnix pkgs.deadnix
pkgs.nixpkgs-fmt pkgs.nixpkgs-fmt
pkgs.shellcheck pkgs.shellcheck
@ -104,14 +99,7 @@
''; '';
}; };
}; };
# flake = {};
flake = { flake.apps = inputs.nixinate.nixinate."x86_64-linux" self;
# currently disabled, because this causes rebuilds
# checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
deploy = import ./machines/deploy.nix (inputs // {
inherit inputs;
});
};
}; };
} }

24
machines/deploy.nix
View file

@ -1,24 +0,0 @@
{ self, ... }:
let
inherit (self.inputs) deploy-rs;
mkNode = server: hostname: system: {
inherit hostname;
fastConnection = true;
profiles.system.path =
deploy-rs.lib.${system}.activate.nixos
self.nixosConfigurations."${server}";
};
in
{
user = "root";
sshUser = "felix";
sshOpts = [ "-i" "~/.ssh/keys/local_ed25519" ];
#sshOpts = [ "-p" "6158" "-i" "~/.ssh/keys/local_ed25519" ];
remoteBuild = true;
nodes = {
thinkman = mkNode "thinkman" "localhost" "x86_64-linux";
newton = mkNode "newton" "buehler.rocks" "x86_64-linux";
serverle = mkNode "serverle" "serverle.local" "aarch64-linux";
};
}

1
machines/newton/configuration.nix
View file

@ -5,6 +5,7 @@
./disko-config.nix ./disko-config.nix
./hardware-configuration.nix ./hardware-configuration.nix
./network.nix ./network.nix
./nixinate.nix
./services.nix ./services.nix
./syncthing.nix ./syncthing.nix
./system.nix ./system.nix

9
machines/newton/nixinate.nix Normal file
View file

@ -0,0 +1,9 @@
_: {
_module.args.nixinate = {
host = "buehler.rocks";
sshUser = "felix";
buildOn = "remote";
substituteOnTarget = true;
hermetic = true;
};
}

1
machines/serverle/configuration.nix
View file

@ -4,6 +4,7 @@
./disko-config.nix ./disko-config.nix
./hardware-configuration.nix ./hardware-configuration.nix
./network.nix ./network.nix
./nixinate.nix
./services.nix ./services.nix
./syncthing.nix ./syncthing.nix
./system.nix ./system.nix

9
machines/serverle/nixinate.nix Normal file
View file

@ -0,0 +1,9 @@
_: {
_module.args.nixinate = {
host = "serverle.local";
sshUser = "felix";
buildOn = "remote";
substituteOnTarget = true;
hermetic = true;
};
}