uku/flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add deploy-rs and workflow

Browse source
This commit is contained in:
uku 2024-01-19 00:45:43 +01:00
parent ab0244aeb3
commit a7076e8074
Signed by: uku
GPG key ID: 7D01D7B105E77166
5 changed files with 148 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
.github/workflows/build.yml → .github/workflows/ci.yml vendored
View file

@ -1,4 +1,4 @@
name: build overlay
name: nix ci
on:
push:
@ -39,3 +39,28 @@ jobs:
- name: build
run: nix build -L --accept-flake-config .#${{ matrix.pkg }}
deploy:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: DeterminateSystems/nix-installer-action@v9
- name: connect to tailscale
uses: tailscale/github-action@v2
with:
oauth-client-id: ${{ secrets.TS_CLIENT_ID }}
oauth-secret: ${{ secrets.TS_OAUTH_SECRET }}
tags: tag:gha
- name: copy known_hosts
run: |
set -eux
[ ! -d ~/.ssh ] && mkdir -p ~/.ssh
cp .known_hosts ~/.ssh/known_hosts
- name: deploy
run: nix run --inputs-from . 'nixpkgs#deploy-rs' -- -s

1
.known_hosts Normal file
View file

@ -0,0 +1 @@
etna ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnkKSd4IV+PM88WKHHfEhSTlknHT0FVXzA0JUcCzOp+

37
deploy.nix Normal file
View file

@ -0,0 +1,37 @@
{
lib,
self,
inputs,
...
}: let
systems = ["etna"];
getDeploy = pkgs:
(pkgs.appendOverlays [
inputs.deploy-rs.overlay
(_: prev: {
deploy-rs = {
inherit (pkgs) deploy-rs;
inherit (prev.deploy-rs) lib;
};
})
])
.deploy-rs;
toDeployNode = hostname: system: {
inherit hostname;
sshUser = "root";
profiles.system.path = let deploy = getDeploy system.pkgs; in deploy.lib.activate.nixos system;
};
in {
flake = {
deploy = {
remoteBuild = true;
fastConnection = false;
nodes = lib.mapAttrs toDeployNode (lib.getAttrs systems self.nixosConfigurations);
};
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) inputs.deploy-rs.lib;
};
}

94
flake.lock
View file

@ -81,6 +81,28 @@
"type": "github"
}
},
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1704875591,
"narHash": "sha256-eWRLbqRcrILgztU/m/k7CYLzETKNbv0OsT2GjkaNm8A=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "1776009f1f3fb2b5d236b84d9815f2edee463a9b",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
@ -97,6 +119,22 @@
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
@ -119,7 +157,7 @@
},
"flake-utils": {
"inputs": {
"systems": "systems_2"
"systems": "systems_3"
},
"locked": {
"lastModified": 1705309234,
@ -201,7 +239,7 @@
"lanzaboote": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"flake-compat": "flake-compat_2",
"flake-parts": [
"flake-parts"
],
@ -257,21 +295,6 @@
"type": "github"
}
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1705331948,
"narHash": "sha256-qjQXfvrAT1/RKDFAMdl8Hw3m4tLVvMCc8fMqzJv0pP4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b8dd8be3c790215716e7c12b247f45ca525867e2",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.11",
"type": "indirect"
}
},
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": [
@ -307,11 +330,11 @@
"inputs": {
"agenix": "agenix",
"catppuccin": "catppuccin",
"deploy-rs": "deploy-rs",
"flake-parts": "flake-parts",
"home-manager": "home-manager_2",
"lanzaboote": "lanzaboote",
"nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable_2"
"nixpkgs": "nixpkgs"
}
},
"rust-overlay": {
@ -368,6 +391,39 @@
"repo": "default",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1701680307,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",

7
flake.nix
View file

@ -8,7 +8,6 @@
inputs = {
nixpkgs.url = "nixpkgs/nixos-unstable";
nixpkgs-stable.url = "nixpkgs/nixos-23.11";
flake-parts = {
url = "github:hercules-ci/flake-parts";
@ -34,6 +33,11 @@
url = "github:uku3lig/agenix";
inputs.nixpkgs.follows = "nixpkgs";
};
deploy-rs = {
url = "github:serokell/deploy-rs";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = {flake-parts, ...} @ inputs:
@ -43,6 +47,7 @@
imports = [
./ci.nix
./dev.nix
./deploy.nix
./systems
];
};