Diffstat (limited to 'modules/deploy/default.nix')
-rw-r--r--modules/deploy/default.nix50
1 files changed, 50 insertions, 0 deletions
diff --git a/modules/deploy/default.nix b/modules/deploy/default.nix
new file mode 100644
index 0000000..e8bc827
--- /dev/null
+++ b/modules/deploy/default.nix
@@ -0,0 +1,50 @@
+{ config, pkgs, lib, ... }:
+
+with lib;
+
+let
+ cfg = config.hexchen.deploy;
+
+in {
+ options = {
+ hexchen.deploy = {
+ enable = mkOption {
+ type = types.bool;
+ default = true;
+ };
+ ssh.host = mkOption {
+ type = types.str;
+ default = "${config.networking.hostName}.${config.networking.domain}";
+ };
+ ssh.port = mkOption {
+ type = types.int;
+ default = head config.services.openssh.ports;
+ };
+ substitute = mkOption {
+ type = types.bool;
+ default = true;
+ };
+ groups = mkOption {
+ type = with types; listOf str;
+ default = [];
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ hexchen.deploy.groups = [ "all" ];
+
+ system.build.deployScript = let
+ superuser = if config.security.sudo.enable then "sudo" else "";
+ in pkgs.writeScript "deploy-${config.networking.hostName}" ''
+ #!${pkgs.runtimeShell}
+ set -xeo pipefail
+ export PATH=${with pkgs; lib.makeBinPath [ coreutils openssh nix ]}
+ export NIX_SSHOPTS="$NIX_SSHOPTS -p${toString cfg.ssh.port}"
+ nix copy ${if cfg.substitute then "-s" else ""} --no-check-sigs --to ssh://${cfg.ssh.host} ${config.system.build.toplevel}
+ ssh $NIX_SSHOPTS ${cfg.ssh.host} "${superuser} nix-env -p /nix/var/nix/profiles/system -i ${config.system.build.toplevel}"
+ ssh $NIX_SSHOPTS ${cfg.ssh.host} "${superuser} /nix/var/nix/profiles/system/bin/switch-to-configuration $1"
+ '';
+ };
+}
+
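Review bot: The final `ssh` line expands `$1` locally inside the double-quoted command string, so the remote shell re-parses whatever the caller passed, and when `security.sudo.enable` is set that text follows `sudo`. A missing argument is not caught either, because `set -xeo pipefail` has no `-u`, so `switch-to-configuration` would be invoked with no action after the profile has already been updated. Checking the argument against the known actions before any remote step addresses both, as in the excerpt below. Separately, `nix copy --no-check-sigs` depends on the target accepting unsigned store paths from the SSH user, and a one-line comment stating that trust assumption next to the flag would help the next reader.

```nix
  set -xeo pipefail
  # reject anything that is not a known switch-to-configuration action
  case "$1" in
    switch|boot|test|dry-activate) ;;
    *) echo "usage: $0 switch|boot|test|dry-activate" >&2; exit 1 ;;
  esac
  # … unchanged: PATH and NIX_SSHOPTS exports, nix copy, nix-env -i, switch-to-configuration call …
```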