william/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

removed previous attempts at deployment

Browse source
This commit is contained in:
William 2025-07-26 19:06:50 -03:00
parent 2e09597dc9
commit e49cc9779f
5 changed files with 5 additions and 423 deletions
Download patch file Download diff file Expand all files Collapse all files

82
flake.lock generated
View file

@ -112,28 +112,6 @@
"type": "github"
}
},
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": [
"nixpkgs-stable"
],
"utils": "utils"
},
"locked": {
"lastModified": 1749105467,
"narHash": "sha256-hXh76y/wDl15almBcqvjryB50B0BaiXJKk20f314RoE=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "6bc76b872374845ba9d645a2f012b764fecd765f",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
@ -172,22 +150,6 @@
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1747046372,
@ -203,7 +165,7 @@
"type": "github"
}
},
"flake-compat_3": {
"flake-compat_2": {
"locked": {
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
@ -241,7 +203,7 @@
},
"flake-utils": {
"inputs": {
"systems": "systems_3"
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
@ -476,7 +438,7 @@
},
"nixos-cli": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-compat": "flake-compat",
"nix-options-doc": "nix-options-doc",
"nixpkgs": "nixpkgs_2"
},
@ -587,7 +549,6 @@
"root": {
"inputs": {
"agenix": "agenix",
"deploy-rs": "deploy-rs",
"disko": "disko",
"home-manager": "home-manager_2",
"home-manager-stable": "home-manager-stable",
@ -628,7 +589,7 @@
"base16-helix": "base16-helix",
"base16-vim": "base16-vim",
"firefox-gnome-theme": "firefox-gnome-theme",
"flake-compat": "flake-compat_3",
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts",
"git-hooks": "git-hooks",
"gnome-shell": "gnome-shell",
@ -637,7 +598,7 @@
"nixpkgs"
],
"nur": "nur",
"systems": "systems_4",
"systems": "systems_3",
"tinted-foot": "tinted-foot",
"tinted-kitty": "tinted-kitty",
"tinted-schemes": "tinted-schemes",
@ -703,21 +664,6 @@
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tinted-foot": {
"flake": false,
"locked": {
@ -820,24 +766,6 @@
"repo": "treefmt-nix",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",

51
flake.nix
View file

@ -24,11 +24,6 @@
inputs.nixpkgs.follows = "nixpkgs-stable";
};
deploy-rs = {
url = "github:serokell/deploy-rs";
inputs.nixpkgs.follows = "nixpkgs-stable";
};
disko = {
url = "github:nix-community/disko?ref=v1.11.0";
inputs.nixpkgs.follows = "nixpkgs-stable";
@ -51,7 +46,6 @@
stylix,
disko,
agenix,
deploy-rs,
nixos-cli,
nix-flatpak,
impermanence,
@ -83,7 +77,6 @@
nix-flatpak.nixosModules.nix-flatpak
stylix.nixosModules.stylix
nixos-cli.nixosModules.nixos-cli
self.nixosModules.git-pull-timer
{
nixpkgs.overlays = [
agenix.overlays.default
@ -143,7 +136,6 @@
overlay = final: prev: {
};
workstationOverlay = final: prev: {
nixos-deploy = nixpkgs.legacyPackages."x86_64-linux".callPackage ./packages/nixos-deploy.nix { };
plasticity = nixpkgs.legacyPackages."x86_64-linux".callPackage ./packages/plasticity.nix { };
toggleaudiosink =
nixpkgs.legacyPackages."x86_64-linux".callPackage ./packages/toggleaudiosink.nix
@ -153,48 +145,6 @@
};
};
deploy = {
autoRollback = true;
magicRollback = false;
nodes = {
alexandria = {
hostname = "alexandria";
profiles = {
system = {
user = "root";
sshUser = "root";
remoteBuild = true;
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.alexandria;
};
};
};
# trantor = {
# hostname = "trantor";
# profiles = {
# system = {
# user = "root";
# sshUser = "root";
# remoteBuild = true;
# path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.alexandria;
# };
# };
# };
io = {
hostname = "io";
profiles = {
system = {
user = "root";
sshUser = "root";
remoteBuild = false;
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.io;
};
};
};
};
};
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt-rfc-style;
devShells."x86_64-linux".default = nixpkgs.legacyPackages."x86_64-linux".mkShell {
@ -206,7 +156,6 @@
nixosModules = {
qbittorrent = import ./modules/qbittorrent.nix;
git-pull-timer = import ./modules/git-pull-timer.nix;
};
};
}

9
hosts/modules/services.nix
View file

@ -18,15 +18,6 @@
enable = true;
settings.PermitRootLogin = "no";
};
git-pull-timer = {
enable = true;
remoteAddresses = [
"git@github.com:baduhai/nix-config.git"
"https://github.com/baduhai/nix-config.git"
];
user = "user";
group = "users";
};
nixos-cli = {
enable = true;
config = {

158
modules/git-pull-timer.nix
View file

@ -1,158 +0,0 @@
{
config,
lib,
pkgs,
...
}:
with lib;
let
cfg = config.services.git-pull-timer;
in
{
options.services.git-pull-timer = {
enable = mkEnableOption "git pull timer service";
onCalendar = mkOption {
type = types.listOf types.str;
default = [ "daily" ];
description = "OnCalendar options for the timer (systemd calendar format)";
example = [
"hourly"
"daily"
"*:0/30"
];
};
onBoot = mkOption {
type = types.bool;
default = false;
description = "Enable OnBootSec = 5min option for the timer";
};
persistent = mkOption {
type = types.bool;
default = true;
description = "Persistent option for the timer (catch up missed runs)";
};
remoteAddresses = mkOption {
type = types.listOf types.str;
default = null;
description = "List of git remote addresses to try in order";
example = [
"git@github.com:user/repo.git"
"https://github.com/user/repo.git"
];
};
directory = mkOption {
type = types.str;
default = "/etc/nixos";
description = "Directory where the git repository should be located";
};
user = mkOption {
type = types.str;
default = null;
description = "User to run the git operations as";
};
group = mkOption {
type = types.str;
default = null;
description = "Group to run the git operations as";
};
};
config = mkIf cfg.enable {
assertions = [
{
assertion = cfg.remoteAddresses != null && cfg.remoteAddresses != [ ];
message = "services.git-pull-timer.remoteAddresses must be set and non-empty";
}
{
assertion = cfg.user != null;
message = "services.git-pull-timer.user must be set";
}
{
assertion = cfg.group != null;
message = "services.git-pull-timer.group must be set";
}
];
systemd.services.git-pull-timer = {
description = "Pull git repository";
serviceConfig = {
Type = "oneshot";
ExecStartPre = [
"+${pkgs.coreutils}/bin/mkdir -p ${cfg.directory}"
"+${pkgs.coreutils}/bin/chown -R ${cfg.user}:${cfg.group} ${cfg.directory}"
];
ExecStart = pkgs.writeShellScript "git-pull-script" ''
set -e
cd ${cfg.directory}
# Check if this is a git repository
if ! ${pkgs.git}/bin/git rev-parse --git-dir > /dev/null 2>&1; then
echo "No git repository found, attempting to clone..."
# Try each remote address in order
success=false
${concatMapStringsSep "\n" (addr: ''
if [ "$success" = "false" ]; then
echo "Trying to clone from: ${addr}"
if ${pkgs.git}/bin/git clone ${addr} . 2>/dev/null; then
echo "Successfully cloned from: ${addr}"
success=true
else
echo "Failed to clone from: ${addr}"
fi
fi
'') cfg.remoteAddresses}
if [ "$success" = "false" ]; then
echo "All clone attempts failed"
exit 1
fi
else
echo "Git repository exists, pulling updates..."
# Check if there are unstaged changes
if ! ${pkgs.git}/bin/git diff --quiet; then
echo "Unstaged changes detected, stashing..."
${pkgs.git}/bin/git stash push -m "Auto-stash before pull $(date)"
fi
# Check if there are staged changes
if ! ${pkgs.git}/bin/git diff --cached --quiet; then
echo "Staged changes detected, pulling with rebase..."
${pkgs.git}/bin/git pull --rebase
else
echo "No staged changes, doing regular pull..."
${pkgs.git}/bin/git pull
fi
fi
'';
User = cfg.user;
Group = cfg.group;
};
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
};
systemd.timers.git-pull-timer = {
description = "Timer for git pull service";
timerConfig =
{
OnCalendar = cfg.onCalendar;
Persistent = cfg.persistent;
}
// optionalAttrs cfg.onBoot {
OnBootSec = "5min";
};
wantedBy = [ "timers.target" ];
};
};
}

128
packages/nixos-deploy.nix
View file

@ -1,128 +0,0 @@
{
lib,
stdenv,
writeShellScriptBin,
nixos-rebuild,
coreutils,
}:
stdenv.mkDerivation rec {
pname = "nixos-deploy";
version = "1.0";
passthru.script = writeShellScriptBin "nixos-deploy" ''
set -euo pipefail
LOCAL_BUILD=false
ACTION="switch"
FLAKE_URI=""
TARGET_HOST=""
SSH_USER=""
SSH_HOST=""
show_usage() {
echo -e "Usage: nixos-deploy [--local-build] [--boot] <flake-uri> [user@]host"
echo ""
echo -e "Arguments:"
echo " flake-uri Flake URI (e.g., .#hostname)"
echo " [user@]host Target host, optionally with user"
echo ""
echo -e "Options:"
echo " --local-build Build locally instead of on remote"
echo " --boot Use 'boot' instead of 'switch' action"
echo ""
echo -e "Examples:"
echo " nixos-deploy .#hostname user@192.168.1.10"
echo " nixos-deploy --local-build .#hostname 192.168.1.10"
echo " nixos-deploy --boot .#hostname 192.168.1.10"
echo " nixos-deploy .#hostname 192.168.1.10 # uses current user"
exit 1
}
while [[ $# -gt 0 ]]; do
case $1 in
--local-build)
LOCAL_BUILD=true
shift
;;
--boot)
ACTION="boot"
shift
;;
--help|-h)
show_usage
;;
-*)
echo -e "Unknown option: $1"
show_usage
;;
*)
if [[ -z "$FLAKE_URI" ]]; then
FLAKE_URI="$1"
elif [[ -z "$TARGET_HOST" ]]; then
TARGET_HOST="$1"
else
echo -e "Too many arguments"
show_usage
fi
shift
;;
esac
done
if [[ -z "$FLAKE_URI" ]]; then
echo -e "flake-uri is required"
show_usage
fi
if [[ -z "$TARGET_HOST" ]]; then
echo -e "target host is required"
show_usage
fi
if [[ "$TARGET_HOST" == *"@"* ]]; then
SSH_USER=${"\${TARGET_HOST%@*}"}
SSH_HOST=${"\${TARGET_HOST#*@}"}
else
SSH_USER="$(${coreutils}/bin/whoami)"
SSH_HOST="$TARGET_HOST"
fi
echo "Deploying $FLAKE_URI to $SSH_HOST as user $SSH_USER (action: $ACTION)"
if [[ "$LOCAL_BUILD" != "true" ]]; then
GC_ROOT_PATH="/tmp/nixos-deploy-$SSH_HOST-$$"
fi
REBUILD_CMD="${nixos-rebuild}/bin/nixos-rebuild $ACTION --flake $FLAKE_URI --target-host $TARGET_HOST"
if [[ "$LOCAL_BUILD" == "true" ]]; then
echo -e "Building locally and deploying to remote host"
else
REBUILD_CMD="$REBUILD_CMD --build-host $SSH_HOST"
echo -e "Building on remote host"
fi
if [[ "$SSH_USER" != "root" ]]; then
REBUILD_CMD="$REBUILD_CMD --use-remote-sudo"
echo -e "Using remote sudo for non-root user"
fi
echo -e "Running: $REBUILD_CMD"
exec $REBUILD_CMD
'';
dontUnpack = true;
installPhase = ''
mkdir -p $out/bin
cp ${passthru.script}/bin/nixos-deploy $out/bin/
'';
meta = with lib; {
description = "Deploy a NixOS flake to a remote host using nixos-rebuild";
license = licenses.mit;
platforms = platforms.unix;
maintainers = with maintainers; [ ];
};
}