remove deploy-rs
This commit is contained in:
parent
e1cb642c8e
commit
6d669d9305
2 changed files with 80 additions and 114 deletions
108
flake.nix
108
flake.nix
|
|
@ -8,15 +8,11 @@
|
|||
inputs = {
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
|
||||
deploy-rs.url = "github:serokell/deploy-rs";
|
||||
deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
colmena.url = "github:zhaofengli/colmena";
|
||||
colmena.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
serokell-nix.url = "github:serokell/serokell.nix";
|
||||
serokell-nix.inputs.nixpkgs.follows = "nixpkgs";
|
||||
serokell-nix.inputs.deploy-rs.follows = "deploy-rs";
|
||||
|
||||
vault-secrets.url = "github:serokell/vault-secrets";
|
||||
vault-secrets.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
|
@ -26,13 +22,14 @@
|
|||
};
|
||||
|
||||
outputs =
|
||||
{ self, nixpkgs, deploy-rs, vault-secrets, serokell-nix, minecraft-servers, ... }@inputs:
|
||||
{ self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers, ... }@inputs:
|
||||
let
|
||||
inherit (nixpkgs) lib;
|
||||
inherit (builtins) filter mapAttrs;
|
||||
system = "x86_64-linux";
|
||||
hosts = import ./hosts.nix;
|
||||
|
||||
# TODO: consolidate with mkColmenaHost
|
||||
# Create a nixosConfiguration based on a foldername (nixname) and if the host is an LXC container or a VM.
|
||||
mkConfig = { hostname, profile ? hostname, lxc ? true, ... }: {
|
||||
"${profile}" = lib.nixosSystem {
|
||||
|
|
@ -49,79 +46,53 @@
|
|||
};
|
||||
};
|
||||
|
||||
# Same as above, but for the nodes part of deploy.
|
||||
mkDeploy = { ip, hostname, profile ? hostname, ... }: {
|
||||
# Import all nixos host definitions that are actual nix machines
|
||||
nixHosts = filter ({ nix ? true, ... }: nix) hosts;
|
||||
|
||||
mkColmenaHost = { ip, hostname, profile ? hostname, lxc ? true, ... }: {
|
||||
"${hostname}" = {
|
||||
hostname = ip;
|
||||
fastConnection = true;
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.${profile};
|
||||
imports = [
|
||||
vault-secrets.nixosModules.vault-secrets
|
||||
./nixos/common
|
||||
"${./.}/nixos/hosts/${profile}/configuration.nix"
|
||||
] ++ (if lxc then [
|
||||
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
||||
./nixos/common/generic-lxc.nix
|
||||
] else [ ./nixos/common/generic-vm.nix ]);
|
||||
|
||||
deployment = {
|
||||
targetHost = ip;
|
||||
targetUser = null; # Defaults to $USER
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# Generates hosts.auto.tfvars.json for Terraform
|
||||
genTFVars =
|
||||
let
|
||||
hostToVar = z@{ hostname, mac, ... }: {
|
||||
"${hostname}" = { inherit mac; };
|
||||
};
|
||||
hostSet = lib.foldr (el: acc: acc // hostToVar el) { } hosts;
|
||||
json = builtins.toJSON { hosts = hostSet; };
|
||||
in
|
||||
pkgs.writeScriptBin "gen-tf-vars" ''
|
||||
echo '${json}' | ${pkgs.jq}/bin/jq > terraform/hosts.auto.tfvars.json;
|
||||
echo "Generated Terraform Variables";
|
||||
'';
|
||||
|
||||
# Import all nixos host definitions that are actual nix machines
|
||||
nixHosts = filter ({ nix ? true, ... }: nix) hosts;
|
||||
|
||||
pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ];
|
||||
|
||||
in
|
||||
{
|
||||
# Make the config and deploy sets
|
||||
# nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts;
|
||||
# deploy.nodes = lib.foldr (el: acc: acc // mkDeploy el) { } nixHosts;
|
||||
nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts;
|
||||
|
||||
colmena = {
|
||||
meta = {
|
||||
nixpkgs = import nixpkgs {
|
||||
system = "x86_64-linux";
|
||||
overlays = [
|
||||
(import ./nixos/pkgs)
|
||||
minecraft-servers.overlays.default
|
||||
];
|
||||
colmena = lib.foldr (el: acc: acc // mkColmenaHost el)
|
||||
{
|
||||
meta = {
|
||||
nixpkgs = import nixpkgs {
|
||||
system = "x86_64-linux";
|
||||
overlays = [
|
||||
(import ./nixos/pkgs)
|
||||
vault-secrets.overlay
|
||||
minecraft-servers.overlays.default
|
||||
];
|
||||
};
|
||||
specialArgs = {
|
||||
inherit hosts;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
minecraft = {
|
||||
imports = [
|
||||
vault-secrets.nixosModules.vault-secrets
|
||||
./nixos/common
|
||||
"${./.}/nixos/hosts/minecraft/configuration.nix"
|
||||
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
||||
./nixos/common/generic-lxc.nix
|
||||
];
|
||||
deployment = {
|
||||
targetHost = "10.42.42.21";
|
||||
targetUser = "victor";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
nixHosts;
|
||||
|
||||
apps.${system} = rec {
|
||||
default = deploy;
|
||||
deploy = {
|
||||
type = "app";
|
||||
program = "${deploy-rs.packages.${system}.deploy-rs}/bin/deploy";
|
||||
};
|
||||
vault-push-approles = {
|
||||
type = "app";
|
||||
program = "${pkgs.vault-push-approles self}/bin/vault-push-approles";
|
||||
|
|
@ -131,10 +102,6 @@
|
|||
program =
|
||||
"${pkgs.vault-push-approle-envs self}/bin/vault-push-approle-envs";
|
||||
};
|
||||
tfvars = {
|
||||
type = "app";
|
||||
program = "${genTFVars}/bin/gen-tf-vars";
|
||||
};
|
||||
};
|
||||
|
||||
# Use by running `nix develop`
|
||||
|
|
@ -144,7 +111,6 @@
|
|||
shellHook = "zsh; exit $?";
|
||||
buildInputs = with pkgs; [
|
||||
colmena
|
||||
deploy-rs.packages.${system}.deploy-rs
|
||||
fluxcd
|
||||
k9s
|
||||
kubectl
|
||||
|
|
@ -153,17 +119,7 @@
|
|||
nixfmt
|
||||
nixUnstable
|
||||
vault
|
||||
# (vault-push-approles self { })
|
||||
# (vault-push-approle-envs self { })
|
||||
genTFVars
|
||||
];
|
||||
};
|
||||
|
||||
# Filter out non-system checks: https://github.com/NixOS/nixpkgs/issues/175875#issuecomment-1152996862
|
||||
checks = lib.filterAttrs
|
||||
(a: _: a == system)
|
||||
(builtins.mapAttrs
|
||||
(system: deployLib: deployLib.deployChecks self.deploy)
|
||||
deploy-rs.lib);
|
||||
};
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue