aboutsummaryrefslogtreecommitdiff
path: root/flake.nix
blob: 2e775ca73daf5036ad78bdf39a7ffb450833e86b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
# SPDX-FileCopyrightText: 2020 Serokell <https://serokell.io/>
#
# SPDX-License-Identifier: MPL-2.0

{
  description = "A Simple multi-profile Nix-flake deploy tool.";

  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
    naersk = {
      url = "github:nmattia/naersk/master";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    utils.url = "github:numtide/flake-utils";
    flake-compat = {
      url = "github:edolstra/flake-compat";
      flake = false;
    };
  };

  outputs = { self, nixpkgs, utils, naersk, ... }:
    utils.lib.eachDefaultSystem (system:
      let
        pkgs = import nixpkgs { inherit system; };
        naersk-lib = pkgs.callPackage naersk { };
        isDarwin = pkgs.lib.strings.hasSuffix "-darwin" system;
        darwinOptions = pkgs.lib.optionalAttrs isDarwin {
          nativeBuildInputs = [
            pkgs.darwin.apple_sdk.frameworks.SystemConfiguration
          ];
          singleStep = true; # https://github.com/nmattia/naersk/issues/127
          cargoBuildOptions = opts: opts ++ [ "--bin" "deploy" ]; # The "activate" binary is linux-only.
        };
      in
      {
        defaultPackage = self.packages."${system}".deploy-rs;
        packages.deploy-rs = naersk-lib.buildPackage (darwinOptions // {
          root = ./.;
        });

        defaultApp = self.apps."${system}".deploy-rs;
        apps.deploy-rs = {
          type = "app";
          program = "${self.defaultPackage."${system}"}/bin/deploy";
        };

        devShell = pkgs.mkShell {
          inputsFrom = [ self.packages.${system}.deploy-rs ];
          buildInputs = [ pkgs.nixUnstable ];
        };

        lib = rec {

          setActivate = builtins.trace
            "deploy-rs#lib.setActivate is deprecated, use activate.noop, activate.nixos or activate.custom instead"
            activate.custom;

          activate = rec {
            custom = base: activate: pkgs.buildEnv {
              name = ("activatable-" + base.name);
              paths = [
                base
                (pkgs.writeTextFile {
                  name = base.name + "-activate-path";
                  text = ''
                    #!${pkgs.runtimeShell}
                    ${activate}
                  '';
                  executable = true;
                  destination = "/deploy-rs-activate";
                })
              ];
            };

            nixos = base: custom base.config.system.build.toplevel "$PROFILE/bin/switch-to-configuration switch";

            noop = base: custom base ":";
          };

          deployChecks = deploy: builtins.mapAttrs (_: check: check deploy) {
            schema = deploy: pkgs.runCommandNoCC "jsonschema-deploy-system" { } ''
              ${pkgs.python3.pkgs.jsonschema}/bin/jsonschema -i ${pkgs.writeText "deploy.json" (builtins.toJSON deploy)} ${./interface.json} && touch $out
            '';

            activate = deploy:
              let
                profiles = builtins.concatLists (pkgs.lib.mapAttrsToList (nodeName: node: pkgs.lib.mapAttrsToList (profileName: profile: [ (toString profile.path) nodeName profileName ]) node.profiles) deploy.nodes);
              in
              pkgs.runCommandNoCC "deploy-rs-check-activate" { } ''
                for x in ${builtins.concatStringsSep " " (map (p: builtins.concatStringsSep ":" p) profiles)}; do
                  profile_path=$(echo $x | cut -f1 -d:)
                  node_name=$(echo $x | cut -f2 -d:)
                  profile_name=$(echo $x | cut -f3 -d:)

                  test -f "$profile_path/deploy-rs-activate" || (echo "#$node_name.$profile_name is missing an activation script" && exit 1);
                done

                touch $out
              '';
          };
        };
      });
}