seang96/nixos-config
1
0
Fork 0
mirror of https://github.com/buckley310/nixos-config.git synced 2024-11-09 18:47:02 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

morph -> colmena

Browse source
This commit is contained in:
Sean Buckley 2021-12-27 13:21:16 -05:00
parent 913f79a3a9
commit b82b4d92b3
4 changed files with 55 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
flake.nix
View file

@ -5,12 +5,12 @@
let let
mypkgs = import ./pkgs; mypkgs = import ./pkgs;
morphHosts = import lib/morph.nix; deploy = import lib/deploy.nix;
hardware = import lib/hardware.nix; hardware = import lib/hardware.nix "${nixpkgs}/nixos/modules";
forAllSystems = f: builtins.listToAttrs (map forAllSystems = f: builtins.listToAttrs (map
(name: { inherit name; value = f name; }) (name: { inherit name; value = f name; })
(with nixpkgs.lib.systems.supported; tier1 ++ tier2)); [ "x86_64-linux" "aarch64-linux" ]);
pins = { pins = {
nix.registry.nixpkgs.flake = nixpkgs; nix.registry.nixpkgs.flake = nixpkgs;
@ -23,7 +23,7 @@
in in
{ {
lib = { inherit forAllSystems morphHosts hardware; }; lib = { inherit forAllSystems hardware deploy; };
nixosModules = nixosModules =
{ inherit pins; } // { inherit pins; } //

72
lib/morph.nix → lib/deploy.nix
View file

@ -1,22 +1,20 @@
{ self { self
, extraMorphModules ? [ ] , system ? "x86_64-linux"
, modules ? [ ]
}: }:
# to use this library, add the following to "morph.nix" in your repo:
# (builtins.getFlake (toString ./.)).morph-entrypoint builtins.currentSystem
let let
inherit (self.inputs) nixpkgs; inherit (self.inputs) nixpkgs;
inherit (self) nixosConfigurations; inherit (self) nixosConfigurations;
helpers = system: helpers = system:
let let
pkgs = nixpkgs.legacyPackages.${system};
inherit (nixpkgs.lib) concatMapStrings; inherit (nixpkgs.lib) concatMapStrings;
inherit (nixpkgs.legacyPackages.${system}) pkgs;
sshKnownHostsTxt = pkgs.writeText "known_hosts" (concatMapStrings sshKnownHostsTxt = pkgs.writeText "known_hosts" (concatMapStrings
(hostName: (hostName:
let m = nixosConfigurations.${hostName}.config.sconfig.morph; let m = nixosConfigurations.${hostName}.config.sconfig;
in concatMapStrings (key: "${m.deployment.targetHost} ${key}\n") m.sshPublicKeys in concatMapStrings (key: "${m.deployment.targetHost} ${key}\n") m.sshPublicKeys
) )
(builtins.attrNames nixosConfigurations) (builtins.attrNames nixosConfigurations)
@ -25,7 +23,7 @@ let
hostSshConfigs = concatMapStrings hostSshConfigs = concatMapStrings
(hostName: '' (hostName: ''
Host ${hostName} Host ${hostName}
HostName ${nixosConfigurations.${hostName}.config.sconfig.morph.deployment.targetHost} HostName ${nixosConfigurations.${hostName}.config.sconfig.deployment.targetHost}
'') '')
(builtins.attrNames nixosConfigurations); (builtins.attrNames nixosConfigurations);
@ -40,24 +38,15 @@ let
jump = pkgs.writeShellScript "jump" '' jump = pkgs.writeShellScript "jump" ''
set -eu set -eu
echo ${self} echo ${self}
ip="$(nix eval --raw ".#nixosConfigurations.\"$1\".config.sconfig.morph.deployment.targetHost")" ip="$(nix eval --raw ".#nixosConfigurations.\"$1\".config.sconfig.deployment.targetHost")"
NIX_SSHOPTS="-F${sshConfig}" nix copy --to ssh://root@$ip ${self} NIX_SSHOPTS="-F${sshConfig}" nix copy --to ssh://root@$ip ${self}
exec ssh -oForwardAgent=yes -F"${sshConfig}" "root@$ip" -t "cd ${self}; nix develop" exec ssh -oForwardAgent=yes -F"${sshConfig}" "root@$ip" -t "cd ${self}; nix develop"
''; '';
check-updates = pkgs.writeShellScript "check-updates" ''
set -eu
export SSH_CONFIG_FILE=${sshConfig}
res="$(morph build morph.nix)"
diff \
<(find $res -type l | xargs readlink | sort) \
<(morph exec morph.nix 'readlink /run/current-system' |& grep '^/nix/store/' | sort)
'';
livecd-deploy = pkgs.writeShellScript "livecd-deploy" '' livecd-deploy = pkgs.writeShellScript "livecd-deploy" ''
set -eux set -eux
config=".#nixosConfigurations.\"$1\".config" config=".#nixosConfigurations.\"$1\".config"
ip="$(nix eval --raw "$config.sconfig.morph.deployment.targetHost")" ip="$(nix eval --raw "$config.sconfig.deployment.targetHost")"
ssh-copy-id root@$ip ssh-copy-id root@$ip
sys="$(nix eval --raw "$config.system.build.toplevel")" sys="$(nix eval --raw "$config.system.build.toplevel")"
nix build "$config.system.build.toplevel" --out-link "$(mktemp -d)/result" nix build "$config.system.build.toplevel" --out-link "$(mktemp -d)/result"
@ -70,6 +59,19 @@ let
--root /mnt -- /run/current-system/bin/switch-to-configuration boot --root /mnt -- /run/current-system/bin/switch-to-configuration boot
''; '';
check-updates = pkgs.writeShellScript "check-updates" ''
set -eu
export SSH_CONFIG_FILE=${sshConfig}
c="${pkgs.colmena}/bin/colmena"
diff <(
$c exec -v -- readlink /run/current-system |& grep /nix/store | sed 's/.*| //g' | sort
) <(
$c eval -E '
{ nodes, ... }: map (x: x.config.system.build.toplevel) (builtins.attrValues nodes)
' | jq .[] -r | sort
)
'';
in in
{ inherit check-updates jump livecd-deploy pkgs sshConfig; }; { inherit check-updates jump livecd-deploy pkgs sshConfig; };
@ -77,39 +79,25 @@ in
{ {
devShell = system: with helpers system; devShell = system: with helpers system;
pkgs.mkShell { pkgs.mkShell {
buildInputs = [ pkgs.morph ]; buildInputs = [ pkgs.colmena ];
shellHook = '' shellHook = ''
export SSH_CONFIG_FILE=${sshConfig} export SSH_CONFIG_FILE=${sshConfig}
alias ssh='ssh -F${sshConfig}' alias ssh='ssh -F${sshConfig}'
alias jump=${jump} alias jump=${jump}
alias check-updates=${check-updates} alias check-updates=${check-updates}
alias livecd-deploy=${livecd-deploy} alias livecd-deploy=${livecd-deploy}
alias c=colmena
''; '';
}; };
morph-entrypoint = system: colmena =
let { meta.nixpkgs = nixpkgs.legacyPackages.${system}; } //
globalHealthChecks.cmd = [ builtins.mapAttrs
{ (name: value: {
cmd = [ "nixos-check-reboot" ]; imports = value.extraArgs.modules ++ [
description = "Check for pending reboot"; ({ config, ... }: { inherit (config.sconfig) deployment; })
}
{
cmd = [ "systemctl is-system-running" ];
description = "Check services are running";
}
]; ];
})
getConfig = name: value: { ... }: { (nixosConfigurations);
imports = extraMorphModules ++ nixosConfigurations.${name}.extraArgs.modules;
config = nixpkgs.lib.mkMerge [
{ inherit (value.config.sconfig.morph) deployment; }
{ deployment.healthChecks = globalHealthChecks; }
];
};
in
{ network.pkgs = nixpkgs.legacyPackages.${system}; } //
builtins.mapAttrs getConfig nixosConfigurations;
} }

8
lib/hardware.nix
View file

@ -1,18 +1,18 @@
{ modulesPath: {
physical = { lib, modulesPath, ... }: lib.mkMerge physical = { lib, ... }: lib.mkMerge
[ [
(import "${modulesPath}/installer/scan/not-detected.nix" { inherit lib; }) (import "${modulesPath}/installer/scan/not-detected.nix" { inherit lib; })
{ hardware.cpu.amd.updateMicrocode = true; } { hardware.cpu.amd.updateMicrocode = true; }
{ hardware.cpu.intel.updateMicrocode = true; } { hardware.cpu.intel.updateMicrocode = true; }
]; ];
qemu = { lib, modulesPath, ... }: lib.mkMerge qemu = { lib, ... }: lib.mkMerge
[ [
(import "${modulesPath}/profiles/qemu-guest.nix" { }) (import "${modulesPath}/profiles/qemu-guest.nix" { })
{ services.qemuGuest.enable = true; } { services.qemuGuest.enable = true; }
]; ];
vmware = { lib, modulesPath, ... }: lib.mkMerge vmware = { lib, ... }: lib.mkMerge
[ [
{ virtualisation.vmware.guest.enable = true; } { virtualisation.vmware.guest.enable = true; }
{ boot.initrd.availableKernelModules = [ "mptspi" ]; } { boot.initrd.availableKernelModules = [ "mptspi" ]; }

17
modules/deploy.nix Normal file
View file

@ -0,0 +1,17 @@
{ lib, ... }:
with lib.types;
{
options.sconfig = {
sshPublicKeys = lib.mkOption {
type = listOf str;
default = [ ];
};
deployment = lib.mkOption {
type = attrs;
default = { };
};
};
}