]>
Commit | Line | Data |
---|---|---|
1 | nur: | |
2 | ./scripts/make-nur | |
3 | curl -o /dev/null -XPOST "https://nur-update.herokuapp.com/update?repo=immae" | |
4 | ||
5 | shellcheck: | |
6 | shellcheck scripts/* deploy/scripts/* modules/private/gitolite/gitolite_ldap_groups.sh modules/private/ssh/ldap_authorized_keys.sh modules/private/pub/restrict | |
7 | ||
8 | .PHONY: nur shellcheck | |
9 | ||
10 | ###### Initial setup | |
11 | setup: | |
12 | ./scripts/setup | |
13 | .PHONY: setup | |
14 | ||
15 | ###### Morph regular tasks | |
16 | PROFILE=./deploy/history | |
17 | TARGET ?= | |
18 | COMMON_COLEMNA_ARGS = -f ./deploy/flake.nix -v | |
19 | #Only enabled in colemna 0.4: --nix-option allow-unsafe-native-code-during-evaluation true --nix-option allow-import-from-derivation true --nix-option substituters https://cache.nixos.org/ | |
20 | MORPH_ARGS ?= | |
21 | ifdef TARGET | |
22 | # multiple targets: --on="{machine1,machine2}" (works with * glob too) | |
23 | override MORPH_ARGS +=--on=$(TARGET) | |
24 | endif | |
25 | SSH_ARGS ?= | |
26 | ||
27 | nodes= dilion eldiron backup-2 monitoring-1 quatresaisons zoldene | |
28 | ||
29 | refresh_flakes: | |
30 | @if [ -n "$(TARGET)" ]; then \ | |
31 | ./scripts/refresh_flakes --no-new-inputs ./systems/$(TARGET)/flake.nix; \ | |
32 | nix --no-warn-dirty flake lock --update-input n-$(TARGET) ./flakes; \ | |
33 | nix --no-warn-dirty flake lock --update-input main-flake ./deploy; \ | |
34 | else \ | |
35 | ./scripts/refresh_flakes --no-new-inputs; \ | |
36 | fi | |
37 | (cd deploy ; nix flake lock --update-input secrets || true) | |
38 | (cd deploy ; nix flake lock --update-input secrets-local || true) | |
39 | ||
40 | .PHONY: refresh_flakes | |
41 | ||
42 | .PHONY: build $(addprefix build-,$(nodes)) | |
43 | build-dilion build-eldiron build-backup-2 build-monitoring-1 build-quatresaisons build-zoldene: | |
44 | $(MAKE) build TARGET=$(@:build-%=%) | |
45 | build: refresh_flakes | |
46 | colmena build $(COMMON_COLEMNA_ARGS) $(MORPH_ARGS) | |
47 | ||
48 | .PHONY: deploy $(addprefix deploy-,$(nodes)) | |
49 | deploy-dilion deploy-eldiron deploy-backup-2 deploy-monitoring-1 deploy-quatresaisons deploy-zoldene: | |
50 | $(MAKE) deploy TARGET=$(@:deploy-%=%) | |
51 | deploy: refresh_flakes | |
52 | ./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) switch --keep-result $(MORPH_ARGS) | |
53 | $(MAKE) keep-roots | |
54 | ||
55 | .PHONY: ssh $(addprefix ssh-,$(nodes)) | |
56 | ssh-4c: ssh-quatresaisons | |
57 | ssh-dilion ssh-eldiron ssh-backup-2 ssh-monitoring-1 ssh-quatresaisons ssh-zoldene: | |
58 | $(MAKE) ssh TARGET=$(@:ssh-%=%) | |
59 | ssh: | |
60 | ./scripts/with_env bash -c 'ssh -i $$SSH_IDENTITY_FILE root@$(TARGET) $(SSH_ARGS)' | |
61 | ||
62 | .PHONY: ssh-decrypt $(addsuffix -decrypt,$(addprefix ssh-,$(nodes))) | |
63 | ssh-zoldene-decrypt: | |
64 | $(MAKE) ssh-decrypt TARGET=$(@:ssh-%-decrypt=%) | |
65 | ssh-decrypt: | |
66 | ./scripts/with_env bash -c 'ssh -p 2222 -i $$SSH_IDENTITY_FILE root@$(TARGET) $(SSH_ARGS)' | |
67 | ||
68 | .PHONY: debug $(addprefix debug-,$(nodes)) | |
69 | debug-dilion debug-eldiron debug-backup-2 debug-monitoring-1 debug-quatresaisons debug-zoldene: | |
70 | $(MAKE) debug TARGET=$(@:debug-%=%) | |
71 | debug: refresh_flakes | |
72 | colmena build $(COMMON_COLEMNA_ARGS) --show-trace $(MORPH_ARGS) | |
73 | ||
74 | .PHONY: upload $(addprefix upload-,$(nodes)) | |
75 | upload-dilion upload-eldiron upload-backup-2 upload-monitoring-1 upload-quatresaisons upload-zoldene: | |
76 | $(MAKE) upload TARGET=$(@:upload-%=%) | |
77 | upload: refresh_flakes | |
78 | ./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) push $(MORPH_ARGS) | |
79 | ||
80 | .PHONY: test-deploy $(addprefix test-deploy-,$(nodes)) | |
81 | test-deploy-dilion test-deploy-eldiron test-deploy-backup-2 test-deploy-monitoring-1 test-deploy-quatresaisons test-deploy-zoldene: | |
82 | $(MAKE) test-deploy TARGET=$(@:test-deploy-%=%) | |
83 | test-deploy: refresh_flakes | |
84 | ./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) test $(MORPH_ARGS) | |
85 | ||
86 | .PHONY: next-boot $(addprefix next-boot-,$(nodes)) | |
87 | next-boot-dilion next-boot-eldiron next-boot-backup-2 next-boot-monitoring-1 next-boot-quatresaisons next-boot-zoldene: | |
88 | $(MAKE) next-boot TARGET=$(@:next-boot-%=%) | |
89 | next-boot: refresh_flakes | |
90 | ./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) boot $(MORPH_ARGS) | |
91 | ||
92 | .PHONY: deploy-reboot $(addprefix deploy-reboot-,$(nodes)) | |
93 | deploy-reboot-dilion deploy-reboot-eldiron deploy-reboot-backup-2 deploy-reboot-monitoring-1 deploy-reboot-quatresaisons deploy-reboot-zoldene: | |
94 | $(MAKE) deploy-reboot TARGET=$(@:deploy-reboot-%=%) | |
95 | deploy-reboot: refresh_flakes | |
96 | ./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) boot --reboot $(MORPH_ARGS) | |
97 | # Run it a second time because first time uploads the secrets | |
98 | # before rebooting | |
99 | $(MAKE) deploy | |
100 | ||
101 | keep-roots: | |
102 | mkdir -p $(PROFILE) | |
103 | for i in deploy/.gcroots/node-*; do nix-env -p $(PROFILE)/$$(basename $$i | sed -e "s/node-//") --set "$$i"; done | |
104 | ||
105 | systems := $(shell find $(PROFILE) -type l -not -name "*link" -printf "%f ") | |
106 | ###### Cleanup generations and garbage collection | |
107 | GEN ?= "+3" | |
108 | ||
109 | list-generations: | |
110 | @$(foreach system, $(systems), echo $(system);\ | |
111 | nix-env -p $(PROFILE)/$(system) --list-generations;\ | |
112 | $(MAKE) ssh-$(system) SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --list-generations";\ | |
113 | ) | |
114 | .PHONY: list-generations | |
115 | ||
116 | delete-generations: | |
117 | $(MAKE) keep-roots | |
118 | @$(foreach system, $(systems), echo $(system); \ | |
119 | nix-env -p $(PROFILE)/$(system) --delete-generations $(GEN);\ | |
120 | $(MAKE) ssh-$(system) SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)";\ | |
121 | ) | |
122 | .PHONY: delete-generations | |
123 | ||
124 | cleanup: delete-generations | |
125 | nix-store --gc | |
126 | @$(foreach system, $(systems), echo $(system); \ | |
127 | $(MAKE) ssh-$(system) SSH_ARGS="nix-store --gc";\ | |
128 | ) | |
129 | .PHONY: cleanup |