diff options
author | Roman Melnikov | 2023-06-05 14:59:10 +0800 |
---|---|---|
committer | GitHub | 2023-06-05 14:59:10 +0800 |
commit | 65211db63ba1199f09b4c9f27e5eba5ec50d76ac (patch) | |
tree | 0c1b42ffc901315b8ef1671a27d48309e4ec5448 | |
parent | c80189917086e43d49eece2bd86f56813500a0eb (diff) | |
parent | 8ef5b948e308d809cb7882036007e0ef9743acc8 (diff) |
Merge pull request #213 from serokell/rvem/darwin-activation
[#210] Add activation script for darwin system and provide a usage example
-rw-r--r-- | examples/darwin/README.md | 19 | ||||
-rw-r--r-- | examples/darwin/flake.nix | 39 | ||||
-rw-r--r-- | flake.nix | 7 |
3 files changed, 65 insertions, 0 deletions
diff --git a/examples/darwin/README.md b/examples/darwin/README.md new file mode 100644 index 0000000..b377ce8 --- /dev/null +++ b/examples/darwin/README.md @@ -0,0 +1,19 @@ +<!-- +SPDX-FileCopyrightText: 2023 Serokell <https://serokell.io/> + +SPDX-License-Identifier: MPL-2.0 +--> + +# Example nix-darwin system deployment + +## Prerequisites + +1) Install `nix` and `nix-darwin` (the latter creates `/run` sets up `/etc/nix/nix.conf` symlink and so on) + on the target machine. +2) Enable remote login on the mac to allow ssh access. +3) `deploy-rs` doesn't support password provisioning for `sudo`, so the `sshUser` should + have passwordless `sudo` access. + +## Deploying + +Run `nix run github:serokell/deploy-rs -- --ssh-user <user>`.
\ No newline at end of file diff --git a/examples/darwin/flake.nix b/examples/darwin/flake.nix new file mode 100644 index 0000000..d5d7ae8 --- /dev/null +++ b/examples/darwin/flake.nix @@ -0,0 +1,39 @@ +{ + description = "Deploy simple 'darwinSystem' to a darwin machine"; + + inputs.deploy-rs.url = "github:serokell/deploy-rs"; + inputs.darwin.url = "github:LnL7/nix-darwin"; + + outputs = { self, nixpkgs, deploy-rs, darwin }: { + darwinConfigurations.example = darwin.lib.darwinSystem { + system = "x86_64-darwin"; + modules = [ + ({lib, config, pkgs, ...}: { + services.nix-daemon.enable = true; + nix = { + settings = { + trusted-users = [ "rvem" ]; + }; + extraOptions = '' + experimental-features = flakes nix-command + ''; + }; + # nix commands are added to PATH in the zsh config + programs.zsh.enable = true; + }) + ]; + }; + deploy = { + # remoteBuild = true; # Uncomment in case the system you're deploying from is not darwin + nodes.example = { + hostname = "localhost"; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-darwin.activate.darwin self.darwinConfigurations.example; + }; + }; + }; + + checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; + }; +} @@ -106,6 +106,13 @@ home-manager = base: custom base.activationPackage "$PROFILE/activate"; + # Activation script for 'darwinSystem' from nix-darwin. + # 'HOME=/var/root' is needed because 'sudo' on darwin doesn't change 'HOME' directory, + # while 'darwin-rebuild' (which is invoked under the hood) performs some nix-channel + # checks that rely on 'HOME'. As a result, if 'sshUser' is different from root, + # deployment may fail without explicit 'HOME' redefinition. + darwin = base: custom base.config.system.build.toplevel "HOME=/var/root $PROFILE/activate"; + noop = base: custom base ":"; }; |