From dcaecc7229866c334aa525ee03e126f0ceaf2b90 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandro=20J=C3=A4ckel?=
Date: Sun, 4 Dec 2022 07:46:56 +0100
Subject: [PATCH] Move flake packages into its own file
---
 flake.nix | 302 +-------------------------------------------------
 packages.nix | 305 +++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 306 insertions(+), 301 deletions(-)
 create mode 100644 packages.nix
diff --git a/flake.nix b/flake.nix
index b21ff503..186b5d93 100644
--- a/flake.nix
+++ b/flake.nix
@@ -177,10 +177,6 @@
 let inherit (nixos) lib;
- # all the input flakes for `nix copy` to the build machine,
- # allowing --override-input
- inputPaths = lib.escapeShellArgs (builtins.attrValues inputs);
-
 extractZwHosts = { hosts4, hosts6, ... }: lib.recursiveUpdate ( builtins.foldl' (result: name:
@@ -205,16 +201,6 @@
 };
 extraHostRegistry.hosts = import ./host-registry.nix;
 hostRegistry = lib.recursiveUpdate zwHostRegistry extraHostRegistry;
-
- getHostAddr = name:
- let
- hostConf = hostRegistry.hosts."${name}";
- in
- if hostConf ? ip4
- then hostConf.ip4
- else if hostConf ? ip6
- then hostConf.ip6
- else throw "Host ${name} has no ip4 or ip6 address";
 in { overlay = import ./overlay { inherit nixos-unstable;
@@ -228,293 +214,7 @@ self.overlay ]) nixos.legacyPackages; - packages = lib.attrsets.mapAttrs (system: pkgs: - let overlayPkgs = builtins.intersectAttrs (self.overlay {} {}) pkgs; - in overlayPkgs // - { - host-registry = pkgs.runCommand "host-registry" { - src = builtins.toFile "host-registry.nix" ( - lib.generators.toPretty {} hostRegistry - ); - } '' - ln -s $src $out - ''; - - list-upgradable = pkgs.writeScriptBin "list-upgradable" '' - #! ${pkgs.runtimeShell} - - NORMAL="\033[0m" - RED="\033[0;31m" - YELLOW="\033[0;33m" - GREEN="\033[0;32m" - - ${pkgs.lib.concatMapStringsSep "\n" (name: - let - addr = getHostAddr name; - in nixos.lib.optionalString (addr != null) '' - echo -n -e "${name}: $RED" - RUNNING=$(ssh -o PreferredAuthentications=publickey -o StrictHostKeyChecking=accept-new root@"${addr}" "readlink /run/current-system") - if [ $? = 0 ] && [ -n "$RUNNING" ]; then - CURRENT=$(nix eval --raw ".#nixosConfigurations.${name}.config.system.build.toplevel" 2>/dev/null) - RUNNING_VER=$(basename $RUNNING|rev|cut -d - -f 1|rev) - RUNNING_DATE=$(echo $RUNNING_VER|cut -d . -f 3) - CURRENT_VER=$(basename $CURRENT|rev|cut -d - -f 1|rev) - CURRENT_DATE=$(echo $CURRENT_VER|cut -d . 
-f 3) - - if [ "$RUNNING" = "$CURRENT" ]; then - echo -e "$GREEN"current"$NORMAL $RUNNING_VER" - elif [ $RUNNING_DATE -gt $CURRENT_DATE ]; then - echo -e "$GREEN"newer"$NORMAL $RUNNING_VER > $CURRENT_VER" - elif [ "$RUNNING_VER" = "$CURRENT_VER" ]; then - echo -e "$YELLOW"modified"$NORMAL $RUNNING_VER" - elif [ -n "$RUNNING_VER" ]; then - echo -e "$RED"outdated"$NORMAL $RUNNING_VER < $CURRENT_VER" - else - echo -e "$RED"error"$NORMAL $RUNNING_VER" - fi - fi - echo -n -e "$NORMAL" - '') (builtins.attrNames self.nixosConfigurations)} - ''; - - prebuild-all = pkgs.runCommand "prebuild-all" { - preferLocalBuild = true; - } '' - mkdir $out - - ${pkgs.lib.concatMapStrings (name: '' - ln -s ${self.nixosConfigurations."${name}".config.system.build.toplevel} name - '') (builtins.attrNames self.nixosConfigurations)} - ''; - - prebuild-all-remote = pkgs.writeScriptBin "prebuild-all" '' - #!${pkgs.runtimeShell} -e - - nix copy --no-check-sigs --to ssh-ng://$1 ${inputPaths} - - set -x - ssh $1 -- nix build -L --no-link ${ - pkgs.lib.concatMapStringsSep " " (name: - "${self}#nixosConfigurations.${name}.config.system.build.toplevel" - ) (builtins.attrNames self.nixosConfigurations) - } - ''; - - } // - - builtins.foldl' (result: host: result // { - # TODO: check if the ethernet address is reachable and if not, - # execute wol on a machine in HQ. - "${host}-wake" = pkgs.writeScriptBin "${host}-wake" '' - #!${pkgs.runtimeShell} - exec ${pkgs.wol}/bin/wol ${hostRegistry.hosts."${host}".ether} - ''; - }) {} (builtins.attrNames (nixos.lib.filterAttrs (_: { wol ? false, ... }: wol) hostRegistry.hosts)) // - - builtins.foldl' (result: name: - let - host = getHostAddr name; - target = ''root@"${host}"''; - rebuildArg = "--flake ${self}#${name} --option extra-substituters https://nix-serve.hq.c3d2.de"; - hostConfig = self.nixosConfigurations."${name}".config; - # let /var/lib/microvm/*/flake point to the flake-update branch so that - # `microvm -u $NAME` updates to what hydra built today. 
- selfRef = "git+https://gitea.c3d2.de/c3d2/nix-config?ref=flake-update"; - in result // { - # Generate a small script for copying this flake to the - # remote machine and bulding and switching there. - # Can be run with `nix run c3d2#…-nixos-rebuild switch` - "${name}-nixos-rebuild" = pkgs.writeScriptBin "${name}-nixos-rebuild" '' - #!${pkgs.runtimeShell} -ex - [[ $(ssh ${target} cat /etc/hostname) == ${name} ]] - nix copy --no-check-sigs --to ssh-ng://${target} ${inputPaths} - ssh ${target} nixos-rebuild ${rebuildArg} "$@" - ''; - - "${name}-nixos-rebuild-hydra" = pkgs.writeScriptBin "${name}-nixos-rebuild" '' - #!${pkgs.runtimeShell} -e - echo Copying Flakes - nix copy --no-check-sigs --to ssh-ng://root@hydra.serv.zentralwerk.org ${inputPaths} - echo Building on Hydra - ssh root@hydra.serv.zentralwerk.org -- \ - nix build -L -o /tmp/nixos-system-${name} \ - ${self}#nixosConfigurations.${name}.config.system.build.toplevel - echo Built. Obtaining link to data - TOPLEVEL=$(ssh root@hydra.serv.zentralwerk.org \ - readlink /tmp/nixos-system-${name}) - echo Checking target ${name} - ssh ${target} -- bash -e <&2 - exit 1 - ''} - - ${hostConfig.system.build.copyToServer} ${inputPaths} - - ${hostConfig.system.build.runOnServer} bash -e < flake - - [ -e old ] && nix store diff-closures ./old ./current - ln -sfT \$PWD/current /nix/var/nix/gcroots/microvm/${name} - ln -sfT \$PWD/booted /nix/var/nix/gcroots/microvm/booted-${name} - ln -sfT \$PWD/old /nix/var/nix/gcroots/microvm/old-${name} - - systemctl restart microvm@${name}.service - END - ''; - - "microvm-update-${name}-local" = pkgs.writeScriptBin "microvm-update-${name}" '' - #!${pkgs.runtimeShell} -e - - ${lib.optionalString (! 
builtins.elem (hostConfig.c3d2.deployment.server or null) [ "server9" "server10" ]) '' - echo "MicroVM must be configured to proper server" >&2 - exit 1 - ''} - - ${hostConfig.system.build.copyToServer} ${hostConfig.microvm.declaredRunner} - - ${hostConfig.system.build.runOnServer} bash -e < flake - - [ -e old ] && nix store diff-closures ./old ./current - ln -sfT \$PWD/current /nix/var/nix/gcroots/microvm/${name} - ln -sfT \$PWD/booted /nix/var/nix/gcroots/microvm/booted-${name} - ln -sfT \$PWD/old /nix/var/nix/gcroots/microvm/old-${name} - - systemctl restart microvm@${name}.service - END - ''; - - "nomad-${name}" = pkgs.writeScriptBin "nomad-${name}" '' - #!${pkgs.runtimeShell} -e - - ${lib.optionalString (hostConfig.c3d2.deployment.server or null == "nomad") '' - echo "MicroVM must be configured for nomad" >&2 - exit 1 - ''} - - echo Copying Flakes - nix copy --no-check-sigs --to ssh-ng://root@hydra.serv.zentralwerk.org ${secrets} ${self} - - echo Building on Hydra - ssh root@hydra.serv.zentralwerk.org -- \ - nix build -L -o /tmp/microvm-${name}.job \ - ${self}#nixosConfigurations.${name}.config.system.build.nomadJob - - echo -n Built. Obtaining path... - JOB=$(ssh root@hydra.serv.zentralwerk.org -- \ - readlink /tmp/microvm-${name}.job) - echo \ $JOB - - for h in server9 server10 ; do - echo Sharing with $h - ssh root@$h.cluster.zentralwerk.org -- \ - bash -e </dev/null) + RUNNING_VER=$(basename $RUNNING|rev|cut -d - -f 1|rev) + RUNNING_DATE=$(echo $RUNNING_VER|cut -d . -f 3) + CURRENT_VER=$(basename $CURRENT|rev|cut -d - -f 1|rev) + CURRENT_DATE=$(echo $CURRENT_VER|cut -d . 
-f 3) + + if [ "$RUNNING" = "$CURRENT" ]; then + echo -e "$GREEN"current"$NORMAL $RUNNING_VER" + elif [ $RUNNING_DATE -gt $CURRENT_DATE ]; then + echo -e "$GREEN"newer"$NORMAL $RUNNING_VER > $CURRENT_VER" + elif [ "$RUNNING_VER" = "$CURRENT_VER" ]; then + echo -e "$YELLOW"modified"$NORMAL $RUNNING_VER" + elif [ -n "$RUNNING_VER" ]; then + echo -e "$RED"outdated"$NORMAL $RUNNING_VER < $CURRENT_VER" + else + echo -e "$RED"error"$NORMAL $RUNNING_VER" + fi + fi + echo -n -e "$NORMAL" + '') (builtins.attrNames self.nixosConfigurations)} + ''; + + prebuild-all = pkgs.runCommand "prebuild-all" { + preferLocalBuild = true; + } '' + mkdir $out + + ${pkgs.lib.concatMapStrings (name: '' + ln -s ${self.nixosConfigurations."${name}".config.system.build.toplevel} name + '') (builtins.attrNames self.nixosConfigurations)} + ''; + + prebuild-all-remote = pkgs.writeScriptBin "prebuild-all" '' + #!${pkgs.runtimeShell} -e + + nix copy --no-check-sigs --to ssh-ng://$1 ${inputPaths} + + set -x + ssh $1 -- nix build -L --no-link ${ + pkgs.lib.concatMapStringsSep " " (name: + "${self}#nixosConfigurations.${name}.config.system.build.toplevel" + ) (builtins.attrNames self.nixosConfigurations) + } + ''; + + } // + + builtins.foldl' (result: host: result // { + # TODO: check if the ethernet address is reachable and if not, + # execute wol on a machine in HQ. + "${host}-wake" = pkgs.writeScriptBin "${host}-wake" '' + #!${pkgs.runtimeShell} + exec ${pkgs.wol}/bin/wol ${hostRegistry.hosts."${host}".ether} + ''; + }) {} (builtins.attrNames (lib.filterAttrs (_: { wol ? false, ... }: wol) hostRegistry.hosts)) // + + builtins.foldl' (result: name: + let + host = getHostAddr name; + target = ''root@"${host}"''; + rebuildArg = "--flake ${self}#${name} --option extra-substituters https://nix-serve.hq.c3d2.de"; + hostConfig = self.nixosConfigurations."${name}".config; + # let /var/lib/microvm/*/flake point to the flake-update branch so that + # `microvm -u $NAME` updates to what hydra built today. 
+ selfRef = "git+https://gitea.c3d2.de/c3d2/nix-config?ref=flake-update"; + in result // { + # Generate a small script for copying this flake to the + # remote machine and bulding and switching there. + # Can be run with `nix run c3d2#…-nixos-rebuild switch` + "${name}-nixos-rebuild" = pkgs.writeScriptBin "${name}-nixos-rebuild" '' + #!${pkgs.runtimeShell} -ex + [[ $(ssh ${target} cat /etc/hostname) == ${name} ]] + nix copy --no-check-sigs --to ssh-ng://${target} ${inputPaths} + ssh ${target} nixos-rebuild ${rebuildArg} "$@" + ''; + + "${name}-nixos-rebuild-hydra" = pkgs.writeScriptBin "${name}-nixos-rebuild" '' + #!${pkgs.runtimeShell} -e + echo Copying Flakes + nix copy --no-check-sigs --to ssh-ng://root@hydra.serv.zentralwerk.org ${inputPaths} + echo Building on Hydra + ssh root@hydra.serv.zentralwerk.org -- \ + nix build -L -o /tmp/nixos-system-${name} \ + ${self}#nixosConfigurations.${name}.config.system.build.toplevel + echo Built. Obtaining link to data + TOPLEVEL=$(ssh root@hydra.serv.zentralwerk.org \ + readlink /tmp/nixos-system-${name}) + echo Checking target ${name} + ssh ${target} -- bash -e <&2 + exit 1 + ''} + + ${hostConfig.system.build.copyToServer} ${inputPaths} + + ${hostConfig.system.build.runOnServer} bash -e < flake + + [ -e old ] && nix store diff-closures ./old ./current + ln -sfT \$PWD/current /nix/var/nix/gcroots/microvm/${name} + ln -sfT \$PWD/booted /nix/var/nix/gcroots/microvm/booted-${name} + ln -sfT \$PWD/old /nix/var/nix/gcroots/microvm/old-${name} + + systemctl restart microvm@${name}.service + END + ''; + + "microvm-update-${name}-local" = pkgs.writeScriptBin "microvm-update-${name}" '' + #!${pkgs.runtimeShell} -e + + ${lib.optionalString (! 
builtins.elem (hostConfig.c3d2.deployment.server or null) [ "server9" "server10" ]) '' + echo "MicroVM must be configured to proper server" >&2 + exit 1 + ''} + + ${hostConfig.system.build.copyToServer} ${hostConfig.microvm.declaredRunner} + + ${hostConfig.system.build.runOnServer} bash -e < flake + + [ -e old ] && nix store diff-closures ./old ./current + ln -sfT \$PWD/current /nix/var/nix/gcroots/microvm/${name} + ln -sfT \$PWD/booted /nix/var/nix/gcroots/microvm/booted-${name} + ln -sfT \$PWD/old /nix/var/nix/gcroots/microvm/old-${name} + + systemctl restart microvm@${name}.service + END + ''; + + "nomad-${name}" = pkgs.writeScriptBin "nomad-${name}" '' + #!${pkgs.runtimeShell} -e + + ${lib.optionalString (hostConfig.c3d2.deployment.server or null == "nomad") '' + echo "MicroVM must be configured for nomad" >&2 + exit 1 + ''} + + echo Copying Flakes + nix copy --no-check-sigs --to ssh-ng://root@hydra.serv.zentralwerk.org ${secrets} ${self} + + echo Building on Hydra + ssh root@hydra.serv.zentralwerk.org -- \ + nix build -L -o /tmp/microvm-${name}.job \ + ${self}#nixosConfigurations.${name}.config.system.build.nomadJob + + echo -n Built. Obtaining path... + JOB=$(ssh root@hydra.serv.zentralwerk.org -- \ + readlink /tmp/microvm-${name}.job) + echo \ $JOB + + for h in server9 server10 ; do + echo Sharing with $h + ssh root@$h.cluster.zentralwerk.org -- \ + bash -e <