]>
Commit | Line | Data |
---|---|---|
dbcba2ea IB |
1 | nur: |
2 | ./scripts/make-nur | |
845e5a98 | 3 | curl -o /dev/null -XPOST "https://nur-update.herokuapp.com/update?repo=immae" |
dbcba2ea | 4 | |
877f7bf7 IB |
5 | push_remote: |
6 | git push origin $$(stg id {base}):master | |
7 | ||
e96787f1 | 8 | shellcheck: |
1a64deeb | 9 | shellcheck scripts/* deploy/scripts/* modules/private/gitolite/gitolite_ldap_groups.sh modules/private/ssh/ldap_authorized_keys.sh modules/private/pub/restrict |
e96787f1 | 10 | |
e94cd212 | 11 | .PHONY: nur shellcheck |
1a64deeb IB |
12 | |
13 | ###### Initial setup | |
14 | setup: | |
15 | ./scripts/setup | |
16 | .PHONY: setup | |
17 | ||
18 | ###### Morph regular tasks | |
19 | PROFILE=./deploy/history | |
20 | TARGET ?= | |
21 | COMMON_COLEMNA_ARGS = -f ./deploy/flake.nix -v | |
22 | #Only enabled in colemna 0.4: --nix-option allow-unsafe-native-code-during-evaluation true --nix-option allow-import-from-derivation true --nix-option substituters https://cache.nixos.org/ | |
23 | MORPH_ARGS ?= | |
24 | ifdef TARGET | |
25 | # multiple targets: --on="{machine1,machine2}" (works with * glob too) | |
26 | override MORPH_ARGS +=--on=$(TARGET) | |
27 | endif | |
28 | SSH_ARGS ?= | |
29 | ||
30 | nodes= dilion eldiron backup-2 monitoring-1 quatresaisons zoldene | |
31 | ||
32 | refresh_flakes: | |
33 | @if [ -n "$(TARGET)" ]; then \ | |
34 | ./scripts/refresh_flakes --no-new-inputs ./systems/$(TARGET)/flake.nix; \ | |
35 | nix --no-warn-dirty flake lock --update-input n-$(TARGET) ./flakes; \ | |
36 | nix --no-warn-dirty flake lock --update-input main-flake ./deploy; \ | |
37 | else \ | |
38 | ./scripts/refresh_flakes --no-new-inputs; \ | |
39 | fi | |
ccae7987 | 40 | (cd deploy ; nix flake lock --update-input secrets || true) |
1a64deeb IB |
41 | (cd deploy ; nix flake lock --update-input secrets-local || true) |
42 | ||
43 | .PHONY: refresh_flakes | |
44 | ||
45 | .PHONY: build $(addprefix build-,$(nodes)) | |
46 | build-dilion build-eldiron build-backup-2 build-monitoring-1 build-quatresaisons build-zoldene: | |
47 | $(MAKE) build TARGET=$(@:build-%=%) | |
48 | build: refresh_flakes | |
49 | colmena build $(COMMON_COLEMNA_ARGS) $(MORPH_ARGS) | |
50 | ||
51 | .PHONY: deploy $(addprefix deploy-,$(nodes)) | |
52 | deploy-dilion deploy-eldiron deploy-backup-2 deploy-monitoring-1 deploy-quatresaisons deploy-zoldene: | |
53 | $(MAKE) deploy TARGET=$(@:deploy-%=%) | |
54 | deploy: refresh_flakes | |
55 | ./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) switch --keep-result $(MORPH_ARGS) | |
56 | $(MAKE) keep-roots | |
57 | ||
58 | .PHONY: ssh $(addprefix ssh-,$(nodes)) | |
59 | ssh-4c: ssh-quatresaisons | |
60 | ssh-dilion ssh-eldiron ssh-backup-2 ssh-monitoring-1 ssh-quatresaisons ssh-zoldene: | |
61 | $(MAKE) ssh TARGET=$(@:ssh-%=%) | |
62 | ssh: | |
63 | ./scripts/with_env bash -c 'ssh -i $$SSH_IDENTITY_FILE root@$(TARGET) $(SSH_ARGS)' | |
64 | ||
65 | .PHONY: ssh-decrypt $(addsuffix -decrypt,$(addprefix ssh-,$(nodes))) | |
66 | ssh-zoldene-decrypt: | |
67 | $(MAKE) ssh-decrypt TARGET=$(@:ssh-%-decrypt=%) | |
68 | ssh-decrypt: | |
69 | ./scripts/with_env bash -c 'ssh -p 2222 -i $$SSH_IDENTITY_FILE root@$(TARGET) $(SSH_ARGS)' | |
70 | ||
71 | .PHONY: debug $(addprefix debug-,$(nodes)) | |
72 | debug-dilion debug-eldiron debug-backup-2 debug-monitoring-1 debug-quatresaisons debug-zoldene: | |
73 | $(MAKE) debug TARGET=$(@:debug-%=%) | |
74 | debug: refresh_flakes | |
75 | colmena build $(COMMON_COLEMNA_ARGS) --show-trace $(MORPH_ARGS) | |
76 | ||
77 | .PHONY: upload $(addprefix upload-,$(nodes)) | |
78 | upload-dilion upload-eldiron upload-backup-2 upload-monitoring-1 upload-quatresaisons upload-zoldene: | |
79 | $(MAKE) upload TARGET=$(@:upload-%=%) | |
80 | upload: refresh_flakes | |
81 | ./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) push $(MORPH_ARGS) | |
82 | ||
83 | .PHONY: test-deploy $(addprefix test-deploy-,$(nodes)) | |
84 | test-deploy-dilion test-deploy-eldiron test-deploy-backup-2 test-deploy-monitoring-1 test-deploy-quatresaisons test-deploy-zoldene: | |
85 | $(MAKE) test-deploy TARGET=$(@:test-deploy-%=%) | |
86 | test-deploy: refresh_flakes | |
87 | ./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) test $(MORPH_ARGS) | |
88 | ||
89 | .PHONY: next-boot $(addprefix next-boot-,$(nodes)) | |
90 | next-boot-dilion next-boot-eldiron next-boot-backup-2 next-boot-monitoring-1 next-boot-quatresaisons next-boot-zoldene: | |
91 | $(MAKE) next-boot TARGET=$(@:next-boot-%=%) | |
92 | next-boot: refresh_flakes | |
93 | ./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) boot $(MORPH_ARGS) | |
94 | ||
95 | .PHONY: deploy-reboot $(addprefix deploy-reboot-,$(nodes)) | |
96 | deploy-reboot-dilion deploy-reboot-eldiron deploy-reboot-backup-2 deploy-reboot-monitoring-1 deploy-reboot-quatresaisons deploy-reboot-zoldene: | |
97 | $(MAKE) deploy-reboot TARGET=$(@:deploy-reboot-%=%) | |
98 | deploy-reboot: refresh_flakes | |
99 | ./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) boot --reboot $(MORPH_ARGS) | |
100 | # Run it a second time because first time uploads the secrets | |
101 | # before rebooting | |
102 | $(MAKE) deploy | |
103 | ||
104 | keep-roots: | |
105 | mkdir -p $(PROFILE) | |
106 | for i in deploy/.gcroots/node-*; do nix-env -p $(PROFILE)/$$(basename $$i | sed -e "s/node-//") --set "$$i"; done | |
107 | ||
108 | systems := $(shell find $(PROFILE) -type l -not -name "*link" -printf "%f ") | |
109 | ###### Cleanup generations and garbage collection | |
110 | GEN ?= "+3" | |
111 | ||
112 | list-generations: | |
113 | @$(foreach system, $(systems), echo $(system);\ | |
114 | nix-env -p $(PROFILE)/$(system) --list-generations;\ | |
115 | $(MAKE) ssh-$(system) SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --list-generations";\ | |
116 | ) | |
117 | .PHONY: list-generations | |
118 | ||
119 | delete-generations: | |
120 | $(MAKE) keep-roots | |
121 | @$(foreach system, $(systems), echo $(system); \ | |
122 | nix-env -p $(PROFILE)/$(system) --delete-generations $(GEN);\ | |
123 | $(MAKE) ssh-$(system) SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)";\ | |
124 | ) | |
125 | .PHONY: delete-generations | |
126 | ||
127 | cleanup: delete-generations | |
128 | nix-store --gc | |
129 | @$(foreach system, $(systems), echo $(system); \ | |
130 | $(MAKE) ssh-$(system) SSH_ARGS="nix-store --gc";\ | |
131 | ) | |
132 | .PHONY: cleanup |