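# Deployment helpers for this flake: a per-system `devShell` with pinned SSH
# settings and fleet check scripts, plus the `colmena` hive definition.
#
# Arguments:
#   self    - the flake; `self.inputs.nixpkgs` and `self.nixosConfigurations`
#             are read below.
#   hosts   - attrset of hosts; each value must carry a `modules` list.
#   modules - accepted (default `[ ]`) but not referenced anywhere in this file.
{ self
, hosts
, modules ? [ ]
}:

let
  inherit (self.inputs) nixpkgs;
  inherit (self) nixosConfigurations;

  # Everything that depends on the build platform is produced per `system`.
  helpers = system:
    let
      inherit (nixpkgs.lib) concatMapStrings;
      inherit (nixpkgs.legacyPackages.${system}) pkgs;

      # known_hosts file generated from configuration: one
      # "<targetHost> <public key>" line per entry in each host's
      # `sconfig.sshPublicKeys`. A host with an empty key list contributes no
      # line, so strict host key checking has nothing to match for it in this
      # file.
      sshKnownHostsTxt = pkgs.writeText "known_hosts" (concatMapStrings
        (hostName:
          let m = nixosConfigurations.${hostName}.config.sconfig;
          in concatMapStrings (key: "${m.deployment.targetHost} ${key}\n") m.sshPublicKeys
        )
        (builtins.attrNames nixosConfigurations)
      );

      # One `Host` stanza per configuration, mapping the configuration name to
      # its deployment address.
      hostSshConfigs = concatMapStrings
        (hostName: ''
          Host ${hostName}
            HostName ${nixosConfigurations.${hostName}.config.sconfig.deployment.targetHost}
        '')
        (builtins.attrNames nixosConfigurations);

      # ssh_config used by the dev shell and by colmena (via SSH_CONFIG_FILE).
      # `StrictHostKeyChecking yes` makes ssh refuse unknown or changed host
      # keys instead of prompting, and the generated file above is the global
      # known-hosts source.
      # NOTE(review): UserKnownHostsFile is not overridden, so keys already in
      # the operator's own known_hosts are still accepted alongside the
      # generated list. Set it to /dev/null if pinning should be exclusive.
      # NOTE(review): every connection defaults to `User root`.
      sshConfig = pkgs.writeText "ssh_config" ''
        StrictHostKeyChecking yes
        GlobalKnownHostsFile ${sshKnownHostsTxt}
        ${hostSshConfigs}
        Host *
          User root
      '';

      # Installs a configuration onto a machine booted from a live CD whose
      # target disk is mounted at /mnt. $1 is the nixosConfigurations name.
      #
      # The script calls `ssh` without `-F ${sshConfig}`, so the pinned host
      # keys above are not applied to these connections; host key verification
      # follows the operator's default ssh settings.
      # NOTE(review): $1 is spliced unescaped into a flake attribute path.
      #
      # Changes from the previous revision: `root@$ip` and the store URL are
      # quoted (the URL contains `?`, a glob character for the shell), and
      # `mkdir -p` lets the script be re-run after a partial failure without
      # `set -e` aborting on an existing /mnt/etc.
      livecd-deploy = pkgs.writeShellScript "livecd-deploy" ''
        set -eux
        config=".#nixosConfigurations.\"$1\".config"
        ip="$(nix eval --raw "$config.sconfig.deployment.targetHost")"
        ssh-copy-id "root@$ip"
        sys="$(nix eval --raw "$config.system.build.toplevel")"
        nix build "$config.system.build.toplevel" --out-link "$(mktemp -d)/result"
        nix copy --to "ssh://root@$ip?remote-store=local?root=/mnt" "$sys"
        ssh "root@$ip" nix-env --store /mnt -p /mnt/nix/var/nix/profiles/system --set "$sys"
        ssh "root@$ip" mkdir -p /mnt/etc
        ssh "root@$ip" touch /mnt/etc/NIXOS
        ssh "root@$ip" ln -sfn /proc/mounts /mnt/etc/mtab
        ssh "root@$ip" NIXOS_INSTALL_BOOTLOADER=1 nixos-enter \
          --root /mnt -- /run/current-system/bin/switch-to-configuration boot
      '';

      # Evaluates every node's expected system toplevel locally into JSON
      # ($j), then has each node compare its own entry (looked up by the
      # output of `hostname`) with the target of /run/current-system.
      # $j is embedded in the remote command inside single quotes, so a single
      # quote in a node name or path would end that quoting; the value comes
      # from the local evaluation on the line above.
      # NOTE(review): the remote command invokes `jq`; presumably it is on
      # every node's PATH. Confirm.
      check-updates = pkgs.writeShellScript "check-updates" ''
        set -eu
        export SSH_CONFIG_FILE=${sshConfig}
        c="${pkgs.colmena}/bin/colmena"
        j="$($c eval -E '{nodes,...}: builtins.mapAttrs (n: v: v.config.system.build.toplevel) nodes')"
        $c exec -- '[ "$(echo '"'$j'"' | jq -r .\"$(hostname)\")" = "$(readlink /run/current-system)" ]'
      '';

      # On every node, tests whether the kernel of the booted system is the
      # same store path as the kernel of the currently activated system.
      check-reboots = pkgs.writeShellScript "check-reboots" ''
        set -eu
        export SSH_CONFIG_FILE=${sshConfig}
        c="${pkgs.colmena}/bin/colmena"
        $c exec -- '[ "$(readlink /run/booted-system/kernel)" = "$(readlink /run/current-system/kernel)" ]'
      '';

    in
    { inherit check-updates check-reboots livecd-deploy pkgs sshConfig; };

in
{
  # Development shell: provides colmena and points both colmena
  # (SSH_CONFIG_FILE) and interactive `ssh` (alias) at the pinned ssh_config.
  # Shell aliases are not seen by the helper scripts, which call their tools
  # directly.
  devShell = system: with helpers system;
    pkgs.mkShell {
      buildInputs = [ pkgs.colmena ];
      shellHook = ''
        export SSH_CONFIG_FILE=${sshConfig}
        alias ssh='ssh -F${sshConfig}'
        alias check-updates=${check-updates}
        alias check-reboots=${check-reboots}
        alias livecd-deploy=${livecd-deploy}
        alias c=colmena
      '';
    };

  # Colmena hive: one node per entry in `hosts`, built from that host's
  # modules plus a module that copies `config.sconfig.deployment` into the
  # node's `deployment` options. The hive's nixpkgs is fixed to x86_64-linux.
  colmena =
    { meta.nixpkgs = nixpkgs.legacyPackages."x86_64-linux"; } //
    builtins.mapAttrs
      (name: value: {
        imports = value.modules ++ [
          ({ config, ... }: { inherit (config.sconfig) deployment; })
        ];
      })
      (hosts);
}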