diff options
author | stuebinm | 2021-03-03 00:51:39 +0100 |
---|---|---|
committer | stuebinm | 2021-03-03 00:51:39 +0100 |
commit | d96fbd63510048bf56d3d600a65f7983096c1bb1 (patch) | |
tree | 192afecb97bcdb829e1461bebc283cc86fb99586 /modules |
migrating config
This deploy logic is primarily based on hxchn's deploy lib [1], with some
slight modifications to make it work with my setup. Everything seems to work
fine for now.
However, I am unsure about the usage of niv — the config doesn't seem to gain
much from it, apart from (some) additional complexity.
[1] https://gitlab.com/hexchen/nixfiles
Diffstat (limited to 'modules')
-rw-r--r-- | modules/default.nix | 5 | ||||
-rw-r--r-- | modules/deploy/default.nix | 50 |
2 files changed, 55 insertions, 0 deletions
diff --git a/modules/default.nix b/modules/default.nix new file mode 100644 index 0000000..23a8abc --- /dev/null +++ b/modules/default.nix @@ -0,0 +1,5 @@ +{...}: + +{ + imports = [ ]; +} diff --git a/modules/deploy/default.nix b/modules/deploy/default.nix new file mode 100644 index 0000000..e8bc827 --- /dev/null +++ b/modules/deploy/default.nix @@ -0,0 +1,50 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + cfg = config.hexchen.deploy; + +in { + options = { + hexchen.deploy = { + enable = mkOption { + type = types.bool; + default = true; + }; + ssh.host = mkOption { + type = types.str; + default = "${config.networking.hostName}.${config.networking.domain}"; + }; + ssh.port = mkOption { + type = types.int; + default = head config.services.openssh.ports; + }; + substitute = mkOption { + type = types.bool; + default = true; + }; + groups = mkOption { + type = with types; listOf str; + default = []; + }; + }; + }; + + config = mkIf cfg.enable { + hexchen.deploy.groups = [ "all" ]; + + system.build.deployScript = let + superuser = if config.security.sudo.enable then "sudo" else ""; + in pkgs.writeScript "deploy-${config.networking.hostName}" '' + #!${pkgs.runtimeShell} + set -xeo pipefail + export PATH=${with pkgs; lib.makeBinPath [ coreutils openssh nix ]} + export NIX_SSHOPTS="$NIX_SSHOPTS -p${toString cfg.ssh.port}" + nix copy ${if cfg.substitute then "-s" else ""} --no-check-sigs --to ssh://${cfg.ssh.host} ${config.system.build.toplevel} + ssh $NIX_SSHOPTS ${cfg.ssh.host} "${superuser} nix-env -p /nix/var/nix/profiles/system -i ${config.system.build.toplevel}" + ssh $NIX_SSHOPTS ${cfg.ssh.host} "${superuser} /nix/var/nix/profiles/system/bin/switch-to-configuration $1" + ''; + }; +} + |