From abbca7a98382f7e958982f03b8f8437c7a3aec50 Mon Sep 17 00:00:00 2001 From: Stefan Junker Date: Mon, 27 May 2024 17:51:18 +0000 Subject: [PATCH 1/2] feat(apps): add git-push and deploy scripts for darwin and nixos instead of rsync'ing the flake to the machine, the workflow will be to push the desired repository state to host-specific branches from which they can subsequently be deployed. --- README.md | 23 +++++++----- modules/flake-parts/apps.deploy-/darwin.nix | 10 ++--- modules/flake-parts/apps.deploy-/linux.nix | 8 ++-- .../flake-parts/apps.git-push-/default.nix | 37 +++++++++++++++++++ 4 files changed, 59 insertions(+), 19 deletions(-) create mode 100644 modules/flake-parts/apps.git-push-/default.nix diff --git a/README.md b/README.md index 05d538dd..c5a2728e 100644 --- a/README.md +++ b/README.md 
@@ -63,24 +63,29 @@ After making changes to the configuration files of a host, a flake app must be e ```command nix flake show ``` - -notice apps prefixed with `deploy-` +notice apps prefixed with `ssh-`, `git-push-`, and `deploy-`. ### Deploy changes to host +Prerequisites: +* all relevant changes are committed to the current branch. +* `git push` access to holochain/holochain-infra +* authorized key for the `deployUser` on the remote host + +The first command will push the current git HEAD to the `origin` git remote at a branch specific to the hostname. +The second command will cause a `nixos-rebuild switch ...` on the host from its branch. + ```command +nix run .\#git-push-{hostname} nix run .#deploy-{hostname} ``` -### Deploy to all hosts +These scripts also have arguments for rudimentary customization. +Here, it pushes to the git remote called `upstream`, and then runs a `build` (instead of a `switch`) on the remote host: ``` -nix run .\#deploy-linux-builder-01 -nix run .\#deploy-dweb-reverse-tls-proxy -nix run .\#deploy-macos-01 -nix run .\#deploy-macos-02 -nix run .\#deploy-macos-03 -nix run .\#deploy-macos-04 +nix run .\#git-push-sbd-0_main_infra_holo_host upstream +nix run .\#deploy-sbd-0_main_infra_holo_host build ``` ### Update dependencies (nixpkgs version) diff --git a/modules/flake-parts/apps.deploy-/darwin.nix b/modules/flake-parts/apps.deploy-/darwin.nix index 85d6964d..820d7d66 100644 --- a/modules/flake-parts/apps.deploy-/darwin.nix +++ b/modules/flake-parts/apps.deploy-/darwin.nix 
@@ -18,17 +18,17 @@ ])}:$PATH" set -x - rsync -r --delete ${self}/ ${deployUser}@${hostName}:/private/tmp/deploy-flake + flake_base=github:holochain/holochain-infra/deploy/${attrName} ssh ${deployUser}@${hostName} /nix/var/nix/profiles/default/bin/nix \ --extra-experimental-features '"flakes nix-command"' \ - build \ + build --refresh \ -o /private/tmp/next-system \ - /private/tmp/deploy-flake#darwinConfigurations.'"${attrName}"'.system + $flake_base#darwinConfigurations.'"${attrName}"'.system ssh ${deployUser}@${hostName} /private/tmp/next-system/sw/bin/darwin-rebuild \ - -j4 \ - "''${1:-switch}" --flake /private/tmp/deploy-flake#'"${attrName}"' + -j4 --refresh \ + "''${1:-switch}" --flake $flake_base#'"${attrName}"' ''; mkDarwinDeployApp = attrName: config: diff --git a/modules/flake-parts/apps.deploy-/linux.nix b/modules/flake-parts/apps.deploy-/linux.nix index 0be94a85..d3df5eb6 100644 --- a/modules/flake-parts/apps.deploy-/linux.nix +++ b/modules/flake-parts/apps.deploy-/linux.nix @@ -12,16 +12,14 @@ pkgs.writeShellScript "deploy-${hostName}" '' set -Eeo pipefail export PATH="${lib.makeBinPath (with pkgs; [ - nix - rsync + git + coreutils ])}:$PATH" set -x - rsync -r --delete ${self}/ root@${hostName}:/tmp/deploy-flake - ssh root@${hostName} nixos-rebuild \ -j4 \ - "''${1:-switch}" --flake /tmp/deploy-flake#'"${attrName}"' + "''${1:-switch}" --flake github:holochain/holochain-infra/deploy/${attrName}#'"${attrName}"' ''; mkLinuxDeployApp = attrName: config: diff --git a/modules/flake-parts/apps.git-push-/default.nix b/modules/flake-parts/apps.git-push-/default.nix new file mode 100644 index 00000000..5b02d568 --- /dev/null +++ b/modules/flake-parts/apps.git-push-/default.nix 
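Review bot: `flake_base` names the mutable branch `deploy/${attrName}`, and the `build` and `darwin-rebuild` calls each resolve it separately with `--refresh`, so the two steps can evaluate different commits if the branch moves in between. Whatever is on the branch at that moment is what gets activated on the host. Resolving the branch to a commit once and using it in both calls closes the gap, for example `rev=$(git ls-remote https://github.com/holochain/holochain-infra refs/heads/deploy/${attrName} | cut -f1)` followed by `flake_base=github:holochain/holochain-infra/$rev`; this needs `git` and `coreutils` in the script's PATH list, which starts above the hunk. The linux.nix hunk that follows uses the same branch reference. Because push access to `deploy/*` now amounts to the ability to change host configuration, restricting who may push to those branches is worth doing alongside this change.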
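Review bot: The `nixos-rebuild` call takes `github:holochain/holochain-infra/deploy/${attrName}` without `--refresh`, unlike the darwin script in this patch, so Nix on the host may reuse a cached resolution of the branch and rebuild the previously fetched commit shortly after a new push. Adding the flag next to `-j4`, as in `-j4 --refresh \`, keeps the two scripts consistent and avoids a deploy that reports success while an older configuration is applied. Separately, the PATH list now holds `git` and `coreutils`, which the visible script does not call, while `ssh` is still taken from the caller's `$PATH`; adding `openssh` to the list would pin the client used for this root login. The `writeShellScript` body starts above the hunk.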
@@ -0,0 +1,37 @@ +{ + self, + lib, + ... +}: { + perSystem = {pkgs, ...}: let + mkGitPush = { + attrName, + hostName, + }: + pkgs.writeShellScript "git-push-${hostName}" '' + set -Eeou pipefail + export PATH="${lib.makeBinPath (with pkgs; [ + git + ])}:$PATH" + set -x + + remote=''${1:-origin} + local_branch=''${2:-HEAD} + shift || : + shift || : + + git push $remote $local_branch:refs/heads/deploy/${attrName} ''${@} + ''; + + mkGitPushApp = attrName: config: + lib.nameValuePair "git-push-${attrName}" { + type = "app"; + program = builtins.toString (mkGitPush { + inherit attrName; + inherit (config.config) hostName; + }); + }; + in { + config.apps = lib.mapAttrs' mkGitPushApp (self.darwinConfigurations // self.nixosConfigurations); + }; +} From b5706e0d43845f512589784c3e3a9dd69dc1a300 Mon Sep 17 00:00:00 2001 From: Stefan Junker Date: Mon, 27 May 2024 18:53:07 +0000 Subject: [PATCH 2/2] feat(holo-deploy): store a representation of sourceInfo on the filesystem this will allow to verify whether a machine differs from its deploy branch in the repository. --- .../darwinConfigurations.macos-01/default.nix | 2 ++ .../darwinConfigurations.macos-02/default.nix | 2 ++ .../darwinConfigurations.macos-03/default.nix | 2 ++ .../darwinConfigurations.macos-04/default.nix | 2 ++ .../darwinConfigurations.macos-05/default.nix | 2 ++ .../darwinConfigurations.macos-06/default.nix | 2 ++ .../{speicalArgs.nix => specialArgs.nix} | 0 modules/nixos/holo-deploy.nix | 18 +++++++++++++++++- 8 files changed, 29 insertions(+), 1 deletion(-) rename modules/flake-parts/{speicalArgs.nix => specialArgs.nix} (100%) diff --git a/modules/flake-parts/darwinConfigurations.macos-01/default.nix b/modules/flake-parts/darwinConfigurations.macos-01/default.nix index 1c5f2f9d..2c0b25be 100644 --- a/modules/flake-parts/darwinConfigurations.macos-01/default.nix +++ b/modules/flake-parts/darwinConfigurations.macos-01/default.nix @@ -1,4 +1,5 @@ { + self, lib, inputs, ... 
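Review bot: `$remote`, `$local_branch` and `''${@}` are expanded unquoted in the `git push` line, so an argument containing whitespace or glob characters is split or expanded by the shell before git sees it. Quoting keeps each argument intact: `git push "$remote" "$local_branch:refs/heads/deploy/${attrName}" "$@"`. Extra arguments are forwarded verbatim to a push whose target branch hosts deploy from, so a comment above `remote=` naming the positional arguments (remote, local ref, then further `git push` options) would make that pass-through explicit. The README in this patch only shows the first argument.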
@@ -7,6 +8,7 @@ in { flake.darwinConfigurations.macos-01 = inputs.darwin.lib.darwinSystem { inherit system inputs; + inherit (self) specialArgs; modules = [ ./configuration.nix ../../nixos/macos.nix diff --git a/modules/flake-parts/darwinConfigurations.macos-02/default.nix b/modules/flake-parts/darwinConfigurations.macos-02/default.nix index e454dcc4..112914dc 100644 --- a/modules/flake-parts/darwinConfigurations.macos-02/default.nix +++ b/modules/flake-parts/darwinConfigurations.macos-02/default.nix @@ -1,4 +1,5 @@ { + self, lib, inputs, ... @@ -7,6 +8,7 @@ in { flake.darwinConfigurations.macos-02 = inputs.darwin.lib.darwinSystem { inherit system inputs; + inherit (self) specialArgs; modules = [ ./configuration.nix ../../nixos/macos.nix diff --git a/modules/flake-parts/darwinConfigurations.macos-03/default.nix b/modules/flake-parts/darwinConfigurations.macos-03/default.nix index 2e355d0a..6941bb05 100644 --- a/modules/flake-parts/darwinConfigurations.macos-03/default.nix +++ b/modules/flake-parts/darwinConfigurations.macos-03/default.nix @@ -1,4 +1,5 @@ { + self, lib, inputs, ... @@ -7,6 +8,7 @@ in { flake.darwinConfigurations.macos-03 = inputs.darwin.lib.darwinSystem { inherit system inputs; + inherit (self) specialArgs; modules = [ ./configuration.nix ../../nixos/macos.nix diff --git a/modules/flake-parts/darwinConfigurations.macos-04/default.nix b/modules/flake-parts/darwinConfigurations.macos-04/default.nix index 9adde8c1..50bd9ff0 100644 --- a/modules/flake-parts/darwinConfigurations.macos-04/default.nix +++ b/modules/flake-parts/darwinConfigurations.macos-04/default.nix @@ -1,4 +1,5 @@ { + self, lib, inputs, ... @@ -7,6 +8,7 @@ in { flake.darwinConfigurations.macos-04 = inputs.darwin.lib.darwinSystem { inherit system inputs; + inherit (self) specialArgs; modules = [ ./configuration.nix ../../nixos/macos.nix 
diff --git a/modules/flake-parts/darwinConfigurations.macos-05/default.nix b/modules/flake-parts/darwinConfigurations.macos-05/default.nix index 60e97fe7..bf84099f 100644 --- a/modules/flake-parts/darwinConfigurations.macos-05/default.nix +++ b/modules/flake-parts/darwinConfigurations.macos-05/default.nix @@ -1,4 +1,5 @@ { + self, lib, inputs, ... @@ -7,6 +8,7 @@ in { flake.darwinConfigurations.macos-05 = inputs.darwin.lib.darwinSystem { inherit system inputs; + inherit (self) specialArgs; modules = [ ./configuration.nix ../../nixos/macos.nix diff --git a/modules/flake-parts/darwinConfigurations.macos-06/default.nix b/modules/flake-parts/darwinConfigurations.macos-06/default.nix index 301155d5..e5d9191f 100644 --- a/modules/flake-parts/darwinConfigurations.macos-06/default.nix +++ b/modules/flake-parts/darwinConfigurations.macos-06/default.nix @@ -1,4 +1,5 @@ { + self, lib, inputs, ... @@ -7,6 +8,7 @@ in { flake.darwinConfigurations.macos-06 = inputs.darwin.lib.darwinSystem { inherit system inputs; + inherit (self) specialArgs; modules = [ ./configuration.nix ../../nixos/macos.nix diff --git a/modules/flake-parts/speicalArgs.nix b/modules/flake-parts/specialArgs.nix similarity index 100% rename from modules/flake-parts/speicalArgs.nix rename to modules/flake-parts/specialArgs.nix diff --git a/modules/nixos/holo-deploy.nix b/modules/nixos/holo-deploy.nix index 1bce3c67..6166737f 100644 --- a/modules/nixos/holo-deploy.nix +++ b/modules/nixos/holo-deploy.nix @@ -1,4 +1,8 @@ -{lib, ...}: { +{ + self, + lib, + ... +}: { options = { deployUser = lib.mkOption { type = lib.types.str; @@ -10,4 +14,16 @@ description = "IP addres or host name to connect to the host"; }; }; + + config = { + environment.etc."nix/sourceInfo.json" = { + enable = true; + text = builtins.toJSON (builtins.removeAttrs self.sourceInfo ["outPath"]); + }; + + environment.etc."nix/source" = { + enable = true; + text = self.sourceInfo.outPath; + }; + }; }
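Review bot: The new `config` block in holo-deploy.nix has no comment saying what `/etc/nix/sourceInfo.json` and `/etc/nix/source` are for or how far they can be relied on. Both values come from `self.sourceInfo` at evaluation time, so they are the system's own report of what it was built from; anyone with root on the host can replace them, and a drift check should compare the recorded revision with the deploy branch from outside the machine. A comment above the block such as `# Records the flake source this system was built from (informational; verify against the deploy branch off-host).` would state that. Whether `sourceInfo` carries a `rev` likely depends on the flake being fetched from a clean ref, which the new `github:` deploy path should satisfy.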