From 0d1bab2a0e39775d7686b02b13786f74c2e65e8e Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 1 Feb 2016 03:00:48 +0100 Subject: make deploy2: deploy using nixos-rebuild switch --- nixpkgs/default.nix | 1 + nixpkgs/nixos/default.nix | 65 +++++++++++++++++++++++++++++++++++++++++++++++ nixpkgs/nixos/modules | 1 + 3 files changed, 67 insertions(+) create mode 100644 nixpkgs/default.nix create mode 100644 nixpkgs/nixos/default.nix create mode 120000 nixpkgs/nixos/modules (limited to 'nixpkgs') diff --git a/nixpkgs/default.nix b/nixpkgs/default.nix new file mode 100644 index 0000000..92da82c --- /dev/null +++ b/nixpkgs/default.nix @@ -0,0 +1 @@ +import diff --git a/nixpkgs/nixos/default.nix b/nixpkgs/nixos/default.nix new file mode 100644 index 0000000..6c5adf3 --- /dev/null +++ b/nixpkgs/nixos/default.nix @@ -0,0 +1,65 @@ +{ configuration ? import "NIXOS_CONFIG" +, system ? builtins.currentSystem +}: + +let + eval-config = modules: import { + inherit system; + modules = modules ++ [({ config, lib, ... }: with lib; { + imports = filter dir.has-default-nix (concatLists [ + (map (p: p + "/2configs") [ ]) + (map (p: p + "/3modules") [ ]) + ]); + + krebs.current = { + enable = true; + host = config.krebs.hosts.${readFile /proc/sys/kernel/hostname}; + user = config.krebs.users.${getEnv "LOGNAME"}; + }; + + nixpkgs.config.packageOverrides = pkgs: let + kpkgs = import { inherit lib pkgs; }; + upkgs = import { inherit lib; pkgs = pkgs // kpkgs; }; + in kpkgs // upkgs; + })]; + specialArgs = { + lib = let + nlib = import // builtins; + klib = nlib // import { lib = nlib; }; + ulib = klib // (with klib; let p = + "/4lib"; in + optionalAttrs (dir.has-default-nix p) + (import p { lib = klib; })); + in ulib; + }; + }; + + eval = eval-config [ + configuration + ]; + + # This is for `nixos-rebuild build-vm'. + vm = eval-config [ + configuration + + ]; + + # This is for `nixos-rebuild build-vm-with-bootloader'. + vm-with-bootloader = eval-config [ + configuration + + { virtualisation.useBootLoader = true; } + ]; +in + +{ + inherit (eval) config options; + + system = eval.config.system.build.toplevel; + + vm = vm.config.system.build.vm; + + vmWithBootLoader = vm-with-bootloader.config.system.build.vm; + + # The following are used by nixos-rebuild. + nixFallback = eval.pkgs.nixUnstable; +} diff --git a/nixpkgs/nixos/modules b/nixpkgs/nixos/modules new file mode 120000 index 0000000..8fbc437 --- /dev/null +++ b/nixpkgs/nixos/modules @@ -0,0 +1 @@ +../../upstream-nixpkgs/nixos/modules \ No newline at end of file -- cgit v1.3.1 From 7f91bf883686accc7abf049c070b76db7450c779 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 2 Feb 2016 01:35:19 +0100 Subject: nixpkgs: symlink upstream-nixpkgs/{default.nix,lib} --- nixpkgs/default.nix | 2 +- nixpkgs/lib | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) mode change 100644 => 120000 nixpkgs/default.nix create mode 120000 nixpkgs/lib (limited to 'nixpkgs') diff --git a/nixpkgs/default.nix b/nixpkgs/default.nix deleted file mode 100644 index 92da82c..0000000 --- a/nixpkgs/default.nix +++ /dev/null @@ -1 +0,0 @@ -import diff --git a/nixpkgs/default.nix b/nixpkgs/default.nix new file mode 120000 index 0000000..74e9d76 --- /dev/null +++ b/nixpkgs/default.nix @@ -0,0 +1 @@ +../upstream-nixpkgs/default.nix \ No newline at end of file diff --git a/nixpkgs/lib b/nixpkgs/lib new file mode 120000 index 0000000..2284ef4 --- /dev/null +++ b/nixpkgs/lib @@ -0,0 +1 @@ +../upstream-nixpkgs/lib \ No newline at end of file -- cgit v1.3.1 From cc712071a0d9f63e92787e5fe8d26058f1349c81 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 2 Feb 2016 04:01:55 +0100 Subject: nixpkgs/nixos/lib -> upstream-nixpkgs/nixos/lib --- nixpkgs/nixos/lib | 1 + 1 file changed, 1 insertion(+) create mode 120000 nixpkgs/nixos/lib (limited to 'nixpkgs') diff --git a/nixpkgs/nixos/lib b/nixpkgs/nixos/lib new file mode 120000 index 0000000..eb942f8 --- /dev/null +++ b/nixpkgs/nixos/lib @@ -0,0 +1 @@ +../../upstream-nixpkgs/nixos/lib \ No newline at end of file -- cgit v1.3.1 From 5a9226531d74ed69da3ae2e8b2206c10a8ca633c Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 2 Feb 2016 13:21:59 +0100 Subject: nixpkgs/pkgs -> upstream-nixpkgs/pkgs --- nixpkgs/pkgs | 1 + 1 file changed, 1 insertion(+) create mode 120000 nixpkgs/pkgs (limited to 'nixpkgs') diff --git a/nixpkgs/pkgs b/nixpkgs/pkgs new file mode 120000 index 0000000..ce5f544 --- /dev/null +++ b/nixpkgs/pkgs @@ -0,0 +1 @@ +../upstream-nixpkgs/pkgs \ No newline at end of file -- cgit v1.3.1 From d23957f9ff4ff5edbc67df16ad4b80c37ca07fc2 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 4 Feb 2016 05:40:26 +0100 Subject: krebs.build.populate: init and drop support for v1 --- Makefile | 108 ++++++++++++++++------------------------------ nixpkgs/krebs | 0 nixpkgs/nixos/default.nix | 66 +--------------------------- nixpkgs/nixos/lib | 2 +- nixpkgs/nixos/modules | 2 +- root | 1 + tv/2configs/default.nix | 4 +- 7 files changed, 41 insertions(+), 142 deletions(-) create mode 100644 nixpkgs/krebs create mode 120000 root (limited to 'nixpkgs') diff --git a/Makefile b/Makefile index a1559b4..87a636e 100644 --- a/Makefile +++ b/Makefile @@ -1,87 +1,51 @@ -# -# usage: -# make infest system=foo [target=bar] -# make [deploy] system=foo [target=bar] -# make [deploy] systems='foo bar' -# make eval get=users.tv.wu.config.time.timeZone [filter=json] -# - .ONESHELL: .SHELLFLAGS := -eufc -ifdef systems -$(systems): - @ - unset target - parallel \ - --line-buffer \ - -j0 \ - --no-notice \ - --tagstring {} \ - -q make -s systems= system={} ::: $(systems) -else ifdef system -.PHONY: deploy infest -deploy infest:;@ - export get=krebs.$@ - export filter=json - script=$$(make -s eval) - echo "$$script" | sh - -.PHONY: eval -eval: - @ -ifeq ($(filter),json) - extraArgs='--json --strict' - filter() { jq -r .; } -else - filter() { cat; } +ifndef system +$(error unbound variable: system) endif - result=$$(nix-instantiate \ - $${extraArgs-} \ - --eval \ - -A "$$get" \ - -I stockholm="$$PWD" \ - '' \ - --argstr current-host-name "$$HOSTNAME" \ - --argstr current-user-name "$$LOGNAME" \ - $${system+--argstr system "$$system"} \ - $${target+--argstr target "$$target"}) - echo "$$result" | filter export target_host ?= $(system) export target_user ?= root export target_path ?= /var/src +# usage: make deploy system=foo [target_host=bar] +.PHONY: deploy +deploy: populate ;@set -x + ssh "$$target_user@$$target_host" nixos-rebuild switch -I "$$target_path" + # usage: make populate system=foo [target_host=bar] .PHONY: populate -populate: export lib = \ - let nlib = import ; in \ - nlib // import krebs/4lib { lib = nlib; } // builtins -populate: export source = \ - with builtins; \ - with (import ./. {}).users.$${getEnv "LOGNAME"}.$${getEnv "system"}; \ - assert config.krebs.build.source-version == 2; \ - config.krebs.build.source populate:;@ - result=$$(nix-instantiate \ - --eval \ - --json \ - --arg lib "$$lib" \ - --arg source "$$source" \ - --argstr target-user "$$target_user" \ - --argstr target-host "$$target_host" \ - --argstr target-path "$$target_path" \ - -A populate \ - krebs/v2) - script=$$(echo "$$result" | jq -r .) - echo "$$script" | sh - -# usage: make rebuild system=foo [target_host=bar] [operation=switch] -.PHONY: rebuild -rebuild: populate ;@set -x - ssh "$$target_user@$$target_host" \ - nixos-rebuild "$${operation-switch}" -I "$$target_path" + result=$$(make -s eval get=config.krebs.build.populate filter=json) + echo "$$result" | sh +# usage: make eval system=foo get=config.krebs.build [LOGNAME=tv] [filter=json] +.PHONY: eval +eval:;@ +ifeq ($(filter),json) + extraArgs='--json --strict' + filter() { echo "$$1" | jq -r .; } else -$(error unbound variable: system[s]) + filter() { echo "$$1"; } endif + result=$$(nix-instantiate \ + $${extraArgs-} \ + --show-trace \ + --readonly-mode \ + --eval \ + -A "$$get" \ + --arg configuration "") + filter "$$result" + +## usage: make install system=foo target= +#.PHONY: install +#install: ssh = ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null +#install:;@set -x +# $(ssh) "$$target_user@$$target_host" \ +# env target_path=/var/src \ +# sh -s prepare < krebs/4lib/infest/prepare.sh +# make -s populate target_path=/mnt"$$target_path" +# $(ssh) "$$target_user@$$target_host" \ +# env NIXOS_CONFIG=/var/src/nixos-config \ +# nixos-install diff --git a/nixpkgs/krebs b/nixpkgs/krebs new file mode 100644 index 0000000..e69de29 diff --git a/nixpkgs/nixos/default.nix b/nixpkgs/nixos/default.nix index 6c5adf3..4fe08ef 100644 --- a/nixpkgs/nixos/default.nix +++ b/nixpkgs/nixos/default.nix @@ -1,65 +1 @@ -{ configuration ? import "NIXOS_CONFIG" -, system ? builtins.currentSystem -}: - -let - eval-config = modules: import { - inherit system; - modules = modules ++ [({ config, lib, ... }: with lib; { - imports = filter dir.has-default-nix (concatLists [ - (map (p: p + "/2configs") [ ]) - (map (p: p + "/3modules") [ ]) - ]); - - krebs.current = { - enable = true; - host = config.krebs.hosts.${readFile /proc/sys/kernel/hostname}; - user = config.krebs.users.${getEnv "LOGNAME"}; - }; - - nixpkgs.config.packageOverrides = pkgs: let - kpkgs = import { inherit lib pkgs; }; - upkgs = import { inherit lib; pkgs = pkgs // kpkgs; }; - in kpkgs // upkgs; - })]; - specialArgs = { - lib = let - nlib = import // builtins; - klib = nlib // import { lib = nlib; }; - ulib = klib // (with klib; let p = + "/4lib"; in - optionalAttrs (dir.has-default-nix p) - (import p { lib = klib; })); - in ulib; - }; - }; - - eval = eval-config [ - configuration - ]; - - # This is for `nixos-rebuild build-vm'. - vm = eval-config [ - configuration - - ]; - - # This is for `nixos-rebuild build-vm-with-bootloader'. - vm-with-bootloader = eval-config [ - configuration - - { virtualisation.useBootLoader = true; } - ]; -in - -{ - inherit (eval) config options; - - system = eval.config.system.build.toplevel; - - vm = vm.config.system.build.vm; - - vmWithBootLoader = vm-with-bootloader.config.system.build.vm; - - # The following are used by nixos-rebuild. - nixFallback = eval.pkgs.nixUnstable; -} +import diff --git a/nixpkgs/nixos/lib b/nixpkgs/nixos/lib index eb942f8..9e69d1a 120000 --- a/nixpkgs/nixos/lib +++ b/nixpkgs/nixos/lib @@ -1 +1 @@ -../../upstream-nixpkgs/nixos/lib \ No newline at end of file +../../../upstream-nixpkgs/nixos/lib \ No newline at end of file diff --git a/nixpkgs/nixos/modules b/nixpkgs/nixos/modules index 8fbc437..8aa2488 120000 --- a/nixpkgs/nixos/modules +++ b/nixpkgs/nixos/modules @@ -1 +1 @@ -../../upstream-nixpkgs/nixos/modules \ No newline at end of file +../../../upstream-nixpkgs/nixos/modules \ No newline at end of file diff --git a/root b/root new file mode 120000 index 0000000..1cd1825 --- /dev/null +++ b/root @@ -0,0 +1 @@ +../stockholm-user \ No newline at end of file diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 46320b7..57c4620 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -8,11 +8,9 @@ with lib; krebs.build = { user = config.krebs.users.tv; target = mkDefault "root@${config.krebs.build.host.name}"; - source-version = 2; source = mapAttrs (_: mkDefault) ({ nixos-config = "symlink:stockholm/tv/1systems/${config.krebs.build.host.name}.nix"; nixpkgs = symlink:stockholm/nixpkgs; - null = "symlink:stockholm/null"; secrets = "/home/tv/secrets/${config.krebs.build.host.name}"; secrets-common = "/home/tv/secrets/common"; stockholm = "/home/tv/stockholm"; @@ -104,7 +102,7 @@ with lib; }; environment.variables = { - NIX_PATH = mkForce "secrets=/var/src/null:/var/src"; + NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src"; }; programs.bash = { -- cgit v1.3.1 [cgit] Unable to lock slot /tmp/cgit/56300000.lock: No such file or directory (2)