nixinate: migrate from deploy-rs

Felix Buehler 2024-01-18 22:37:39 +01:00
parent 1f940b9852
commit de5fd563c3
8 changed files with 65 additions and 46 deletions


@ -8,7 +8,7 @@ used flakes:
- image generation: [nixos-generators](https://github.com/nix-community/nixos-generators)
- disk partitioning: [disko](https://github.com/nix-community/disko)
- secrets: [sops-nix](https://github.com/Mic92/sops-nix)
- deployment: [deploy-rs](https://github.com/serokell/deploy-rs), see [usage](#usage)
- deployment: [nixinate](https://github.com/MatthewCroughan/nixinate), see [usage](#usage)
- formatting: [pre-commit-hooks](https://github.com/cachix/pre-commit-hooks.nix)
- install: [nixos-anywhere](https://github.com/numtide/nixos-anywhere/)
@ -32,10 +32,10 @@ used flakes:
nix flake update
```
- deployment:
- deployment/update:
```bash
deploy .#<flake>
nix run .#apps.nixinate.<flake>
```
- secrets:
@ -137,5 +137,5 @@ used flakes:
- [Nix config by ambroisie](https://github.com/ambroisie/nix-config)
- [Nix config by pborzenkov](https://github.com/pborzenkov/nix-config)
- [Nix config by nyanloutre](https://gitea.nyanlout.re/nyanloutre/nixos-config)
- [deploy-rs by disassembler](https://samleathers.com/posts/2022-02-03-my-new-network-and-deploy-rs.html)
- [Nix config by disassembler](https://github.com/disassembler/network)
- [pre-commit config](https://github.com/cachix/pre-commit-hooks.nix/blob/master/template/flake.nix)

37
flake.lock generated

@ -234,6 +234,24 @@
"type": "github"
}
},
"nixinate": {
"inputs": {
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1688141737,
"narHash": "sha256-qHrNMYWukOKmKVf6wXOGKj1xxUnOGjvTRbt/PLLXuBE=",
"owner": "matthewcroughan",
"repo": "nixinate",
"rev": "7902ae845e6cc5bd450e510cdf5e009a6e4a44d9",
"type": "github"
},
"original": {
"owner": "matthewcroughan",
"repo": "nixinate",
"type": "github"
}
},
"nixlib": {
"locked": {
"lastModified": 1693701915,
@ -435,6 +453,22 @@
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1653060744,
"narHash": "sha256-kfRusllRumpt33J1hPV+CeCCylCXEU7e0gn2/cIM7cY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "dfd82985c273aac6eced03625f454b334daae2e8",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1704420045,
"narHash": "sha256-C36QmoJd5tdQ5R9MC1jM7fBkZW9zBUqbUCsgwS6j4QU=",
@ -500,9 +534,10 @@
"disko": "disko",
"flake-parts": "flake-parts",
"nix": "nix",
"nixinate": "nixinate",
"nixos-generators": "nixos-generators",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_3",
"nixpkgs": "nixpkgs_4",
"nixpkgs-unstable": "nixpkgs-unstable",
"passworts": "passworts",
"pre-commit-hooks-nix": "pre-commit-hooks-nix",


@ -15,6 +15,7 @@
nixos-hardware.url = "github:NixOS/nixos-hardware";
deploy-rs.url = "github:serokell/deploy-rs";
nixinate.url = "github:matthewcroughan/nixinate";
sops-nix = {
url = "github:Mic92/sops-nix";
@ -43,7 +44,7 @@
};
};
outputs = inputs@{ self, flake-parts, deploy-rs, ... }:
outputs = inputs@{ self, flake-parts, nixinate, ... }:
flake-parts.lib.mkFlake { inherit inputs; } {
imports = [
@ -58,11 +59,6 @@
# make pkgs available to all `perSystem` functions
_module.args.pkgs = import inputs.nixpkgs {
inherit system;
# prevent rebuilding deploy-rs everytime when nixpkgs changes
overlays = [
deploy-rs.overlay
(_self: super: { deploy-rs = { inherit (pkgs) deploy-rs; inherit (super.deploy-rs) lib; }; })
];
};
# enable pre-commit checks
@ -90,9 +86,8 @@
devShells.default = pkgs.mkShellNoCC {
nativeBuildInputs = [
inputs'.sops-nix.packages.sops-import-keys-hook
inputs'.deploy-rs.packages.deploy-rs
inputs'.disko.packages.disko
# formatters
# formatter + linter
pkgs.deadnix
pkgs.nixpkgs-fmt
pkgs.shellcheck
@ -104,14 +99,7 @@
'';
};
};
flake = {
# currently disabled, because this causes rebuilds
# checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
deploy = import ./machines/deploy.nix (inputs // {
inherit inputs;
});
};
# flake = {};
flake.apps = inputs.nixinate.nixinate."x86_64-linux" self;
};
}
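Review bot: `nixinate.url = "github:matthewcroughan/nixinate";` is added without a `follows`, so the lock file gains a separate `nixpkgs_3` node for it whose `lastModified` is 1653060744 (about May 2022), far behind the `nixpkgs_4` node the root input now points to (1704420045). The deployment app returned by `inputs.nixinate.nixinate."x86_64-linux" self` is presumably built from that older package set, and with `hermetic = true` in the machine files its Nix may also be what runs on the targets (to be confirmed against nixinate's behaviour at the locked revision). Adding `nixinate.inputs.nixpkgs.follows = "nixpkgs";` would keep the deployment tooling on the same patched set as the rest of the flake; the `inputs` block starts above the first hunk, so check how the other inputs there are declared. Separately, `deploy-rs.url` is still declared although nothing in the visible outputs uses it any more, and the leftover `# flake = {};` comment can be dropped.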


@ -1,24 +0,0 @@
{ self, ... }:
let
inherit (self.inputs) deploy-rs;
mkNode = server: hostname: system: {
inherit hostname;
fastConnection = true;
profiles.system.path =
deploy-rs.lib.${system}.activate.nixos
self.nixosConfigurations."${server}";
};
in
{
user = "root";
sshUser = "felix";
sshOpts = [ "-i" "~/.ssh/keys/local_ed25519" ];
#sshOpts = [ "-p" "6158" "-i" "~/.ssh/keys/local_ed25519" ];
remoteBuild = true;
nodes = {
thinkman = mkNode "thinkman" "localhost" "x86_64-linux";
newton = mkNode "newton" "buehler.rocks" "x86_64-linux";
serverle = mkNode "serverle" "serverle.local" "aarch64-linux";
};
}


@ -5,6 +5,7 @@
./disko-config.nix
./hardware-configuration.nix
./network.nix
./nixinate.nix
./services.nix
./syncthing.nix
./system.nix


@ -0,0 +1,9 @@
_: {
_module.args.nixinate = {
host = "buehler.rocks";
sshUser = "felix";
buildOn = "remote";
substituteOnTarget = true;
hermetic = true;
};
}
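Review bot: The identity file that the removed deploy-rs configuration pinned with `sshOpts = [ "-i" "~/.ssh/keys/local_ed25519" ]` has no counterpart in this attribute set, so the deployment now authenticates with whatever key the deployer's SSH configuration or agent offers for `felix` on `buehler.rocks`. If that is intended, a comment such as `# SSH key comes from ~/.ssh/config or the agent; felix needs sudo on the target` would record the requirement; the sudo part is an assumption based on the old `user = "root"` setting and should be confirmed. The same applies to the second new file with `host = "serverle.local"`, which is otherwise identical, so the shared fields could be defined once instead of duplicated.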


@ -4,6 +4,7 @@
./disko-config.nix
./hardware-configuration.nix
./network.nix
./nixinate.nix
./services.nix
./syncthing.nix
./system.nix


@ -0,0 +1,9 @@
_: {
_module.args.nixinate = {
host = "serverle.local";
sshUser = "felix";
buildOn = "remote";
substituteOnTarget = true;
hermetic = true;
};
}