[perso/Immae/Config/Nix.git] / Makefile

nur:
	./scripts/make-nur
	curl -o /dev/null -XPOST "https://nur-update.herokuapp.com/update?repo=immae"

push_remote:
	git push origin $$(stg id {base}):master

shellcheck:
	shellcheck scripts/* deploy/scripts/* modules/private/gitolite/gitolite_ldap_groups.sh modules/private/ssh/ldap_authorized_keys.sh modules/private/pub/restrict

.PHONY: nur shellcheck

###### Initial setup
setup:
	./scripts/setup
.PHONY: setup

###### Morph regular tasks
PROFILE=./deploy/history
TARGET ?=
COMMON_COLEMNA_ARGS = -f ./deploy/flake.nix -v
#Only enabled in colemna 0.4: --nix-option allow-unsafe-native-code-during-evaluation true --nix-option allow-import-from-derivation true --nix-option substituters https://cache.nixos.org/
MORPH_ARGS ?=
ifdef TARGET
  # multiple targets: --on="{machine1,machine2}" (works with * glob too)
  override MORPH_ARGS +=--on=$(TARGET)
endif
SSH_ARGS ?=

nodes= dilion eldiron backup-2 monitoring-1 quatresaisons zoldene

refresh_flakes:
	@if [ -n "$(TARGET)" ]; then \
		./scripts/refresh_flakes --no-new-inputs ./systems/$(TARGET)/flake.nix; \
		nix --no-warn-dirty flake lock --update-input n-$(TARGET) ./flakes; \
		nix --no-warn-dirty flake lock --update-input main-flake ./deploy; \
		else \
		./scripts/refresh_flakes --no-new-inputs; \
		fi
	(cd deploy ; nix flake lock --update-input secrets || true)
	(cd deploy ; nix flake lock --update-input secrets-local || true)

.PHONY: refresh_flakes

.PHONY: build $(addprefix build-,$(nodes))
build-dilion build-eldiron build-backup-2 build-monitoring-1 build-quatresaisons build-zoldene:
	$(MAKE) build TARGET=$(@:build-%=%)
build: refresh_flakes
	colmena build $(COMMON_COLEMNA_ARGS) $(MORPH_ARGS)

.PHONY: deploy $(addprefix deploy-,$(nodes))
deploy-dilion deploy-eldiron deploy-backup-2 deploy-monitoring-1 deploy-quatresaisons deploy-zoldene:
	$(MAKE) deploy TARGET=$(@:deploy-%=%)
deploy: refresh_flakes
	./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) switch --keep-result $(MORPH_ARGS)
	$(MAKE) keep-roots

.PHONY: ssh $(addprefix ssh-,$(nodes))
ssh-4c: ssh-quatresaisons
ssh-dilion ssh-eldiron ssh-backup-2 ssh-monitoring-1 ssh-quatresaisons ssh-zoldene:
	$(MAKE) ssh TARGET=$(@:ssh-%=%)
ssh:
	./scripts/with_env bash -c 'ssh -i $$SSH_IDENTITY_FILE root@$(TARGET) $(SSH_ARGS)'

.PHONY: ssh-decrypt $(addsuffix -decrypt,$(addprefix ssh-,$(nodes)))
ssh-zoldene-decrypt:
	$(MAKE) ssh-decrypt TARGET=$(@:ssh-%-decrypt=%)
ssh-decrypt:
	until ping -c1 $(TARGET); do :; done
	./scripts/with_env bash -c 'ssh -p 2222 -i $$SSH_IDENTITY_FILE root@$(TARGET) $(SSH_ARGS)'

.PHONY: debug $(addprefix debug-,$(nodes))
debug-dilion debug-eldiron debug-backup-2 debug-monitoring-1 debug-quatresaisons debug-zoldene:
	$(MAKE) debug TARGET=$(@:debug-%=%)
debug: refresh_flakes
	colmena build $(COMMON_COLEMNA_ARGS) --show-trace $(MORPH_ARGS)

.PHONY: upload $(addprefix upload-,$(nodes))
upload-dilion upload-eldiron upload-backup-2 upload-monitoring-1 upload-quatresaisons upload-zoldene:
	$(MAKE) upload TARGET=$(@:upload-%=%)
upload: refresh_flakes
	./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) push $(MORPH_ARGS)

.PHONY: test-deploy $(addprefix test-deploy-,$(nodes))
test-deploy-dilion test-deploy-eldiron test-deploy-backup-2 test-deploy-monitoring-1 test-deploy-quatresaisons test-deploy-zoldene:
	$(MAKE) test-deploy TARGET=$(@:test-deploy-%=%)
test-deploy: refresh_flakes
	./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) test $(MORPH_ARGS)

.PHONY: next-boot $(addprefix next-boot-,$(nodes))
next-boot-dilion next-boot-eldiron next-boot-backup-2 next-boot-monitoring-1 next-boot-quatresaisons next-boot-zoldene:
	$(MAKE) next-boot TARGET=$(@:next-boot-%=%)
next-boot: refresh_flakes
	./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) boot $(MORPH_ARGS)

.PHONY: deploy-reboot $(addprefix deploy-reboot-,$(nodes))
deploy-reboot-dilion deploy-reboot-eldiron deploy-reboot-backup-2 deploy-reboot-monitoring-1 deploy-reboot-quatresaisons deploy-reboot-zoldene:
	$(MAKE) deploy-reboot TARGET=$(@:deploy-reboot-%=%)
deploy-reboot: refresh_flakes
	./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) boot --reboot $(MORPH_ARGS)
	# Run it a second time because first time uploads the secrets
	# before rebooting
	$(MAKE) deploy

keep-roots:
	mkdir -p $(PROFILE)
	for i in deploy/.gcroots/node-*; do nix-env -p $(PROFILE)/$$(basename $$i | sed -e "s/node-//") --set "$$i"; done

systems := $(shell find $(PROFILE) -type l -not -name "*link" -printf "%f ")
###### Cleanup generations and garbage collection
GEN ?= "+3"

list-generations:
	@$(foreach system, $(systems), echo $(system);\
		nix-env -p $(PROFILE)/$(system) --list-generations;\
		$(MAKE) ssh-$(system) SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --list-generations";\
		)
.PHONY: list-generations

delete-generations:
	$(MAKE) keep-roots
	@$(foreach system, $(systems), echo $(system); \
		nix-env -p $(PROFILE)/$(system) --delete-generations $(GEN);\
		$(MAKE) ssh-$(system) SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)";\
		)
.PHONY: delete-generations

cleanup: delete-generations
	nix-store --gc
	@$(foreach system, $(systems), echo $(system); \
		$(MAKE) ssh-$(system) SSH_ARGS="nix-store --gc";\
		)
.PHONY: cleanup
Commit	Line	Data
dbcba2ea IB	1	nur:
dbcba2ea IB	2	./scripts/make-nur
845e5a98	3	curl -o /dev/null -XPOST "https://nur-update.herokuapp.com/update?repo=immae"
dbcba2ea	4
877f7bf7 IB	5	push_remote:
	6	git push origin $$(stg id {base}):master
	7
e96787f1	8	shellcheck:
1a64deeb	9	shellcheck scripts/* deploy/scripts/* modules/private/gitolite/gitolite_ldap_groups.sh modules/private/ssh/ldap_authorized_keys.sh modules/private/pub/restrict
e96787f1	10
e94cd212	11	.PHONY: nur shellcheck
1a64deeb IB	12
	13	###### Initial setup
	14	setup:
	15	./scripts/setup
	16	.PHONY: setup
	17
	18	###### Morph regular tasks
	19	PROFILE=./deploy/history
	20	TARGET ?=
	21	COMMON_COLEMNA_ARGS = -f ./deploy/flake.nix -v
	22	#Only enabled in colemna 0.4: --nix-option allow-unsafe-native-code-during-evaluation true --nix-option allow-import-from-derivation true --nix-option substituters https://cache.nixos.org/
	23	MORPH_ARGS ?=
	24	ifdef TARGET
	25	# multiple targets: --on="{machine1,machine2}" (works with * glob too)
	26	override MORPH_ARGS +=--on=$(TARGET)
	27	endif
	28	SSH_ARGS ?=
	29
	30	nodes= dilion eldiron backup-2 monitoring-1 quatresaisons zoldene
	31
	32	refresh_flakes:
	33	@if [ -n "$(TARGET)" ]; then \
	34	./scripts/refresh_flakes --no-new-inputs ./systems/$(TARGET)/flake.nix; \
	35	nix --no-warn-dirty flake lock --update-input n-$(TARGET) ./flakes; \
	36	nix --no-warn-dirty flake lock --update-input main-flake ./deploy; \
	37	else \
	38	./scripts/refresh_flakes --no-new-inputs; \
	39	fi
ccae7987	40	(cd deploy ; nix flake lock --update-input secrets \|\| true)
1a64deeb IB	41	(cd deploy ; nix flake lock --update-input secrets-local \|\| true)
	42
	43	.PHONY: refresh_flakes
	44
	45	.PHONY: build $(addprefix build-,$(nodes))
	46	build-dilion build-eldiron build-backup-2 build-monitoring-1 build-quatresaisons build-zoldene:
	47	$(MAKE) build TARGET=$(@:build-%=%)
	48	build: refresh_flakes
	49	colmena build $(COMMON_COLEMNA_ARGS) $(MORPH_ARGS)
	50
	51	.PHONY: deploy $(addprefix deploy-,$(nodes))
	52	deploy-dilion deploy-eldiron deploy-backup-2 deploy-monitoring-1 deploy-quatresaisons deploy-zoldene:
	53	$(MAKE) deploy TARGET=$(@:deploy-%=%)
	54	deploy: refresh_flakes
	55	./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) switch --keep-result $(MORPH_ARGS)
	56	$(MAKE) keep-roots
	57
	58	.PHONY: ssh $(addprefix ssh-,$(nodes))
	59	ssh-4c: ssh-quatresaisons
	60	ssh-dilion ssh-eldiron ssh-backup-2 ssh-monitoring-1 ssh-quatresaisons ssh-zoldene:
	61	$(MAKE) ssh TARGET=$(@:ssh-%=%)
	62	ssh:
	63	./scripts/with_env bash -c 'ssh -i $$SSH_IDENTITY_FILE root@$(TARGET) $(SSH_ARGS)'
	64
	65	.PHONY: ssh-decrypt $(addsuffix -decrypt,$(addprefix ssh-,$(nodes)))
	66	ssh-zoldene-decrypt:
	67	$(MAKE) ssh-decrypt TARGET=$(@:ssh-%-decrypt=%)
	68	ssh-decrypt:
d1527470	69	until ping -c1 $(TARGET); do :; done
1a64deeb IB	70	./scripts/with_env bash -c 'ssh -p 2222 -i $$SSH_IDENTITY_FILE root@$(TARGET) $(SSH_ARGS)'
	71
	72	.PHONY: debug $(addprefix debug-,$(nodes))
	73	debug-dilion debug-eldiron debug-backup-2 debug-monitoring-1 debug-quatresaisons debug-zoldene:
	74	$(MAKE) debug TARGET=$(@:debug-%=%)
	75	debug: refresh_flakes
	76	colmena build $(COMMON_COLEMNA_ARGS) --show-trace $(MORPH_ARGS)
	77
	78	.PHONY: upload $(addprefix upload-,$(nodes))
	79	upload-dilion upload-eldiron upload-backup-2 upload-monitoring-1 upload-quatresaisons upload-zoldene:
	80	$(MAKE) upload TARGET=$(@:upload-%=%)
	81	upload: refresh_flakes
	82	./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) push $(MORPH_ARGS)
	83
	84	.PHONY: test-deploy $(addprefix test-deploy-,$(nodes))
	85	test-deploy-dilion test-deploy-eldiron test-deploy-backup-2 test-deploy-monitoring-1 test-deploy-quatresaisons test-deploy-zoldene:
	86	$(MAKE) test-deploy TARGET=$(@:test-deploy-%=%)
	87	test-deploy: refresh_flakes
	88	./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) test $(MORPH_ARGS)
	89
	90	.PHONY: next-boot $(addprefix next-boot-,$(nodes))
	91	next-boot-dilion next-boot-eldiron next-boot-backup-2 next-boot-monitoring-1 next-boot-quatresaisons next-boot-zoldene:
	92	$(MAKE) next-boot TARGET=$(@:next-boot-%=%)
	93	next-boot: refresh_flakes
	94	./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) boot $(MORPH_ARGS)
	95
	96	.PHONY: deploy-reboot $(addprefix deploy-reboot-,$(nodes))
	97	deploy-reboot-dilion deploy-reboot-eldiron deploy-reboot-backup-2 deploy-reboot-monitoring-1 deploy-reboot-quatresaisons deploy-reboot-zoldene:
	98	$(MAKE) deploy-reboot TARGET=$(@:deploy-reboot-%=%)
	99	deploy-reboot: refresh_flakes
	100	./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) boot --reboot $(MORPH_ARGS)
	101	# Run it a second time because first time uploads the secrets
	102	# before rebooting
	103	$(MAKE) deploy
	104
	105	keep-roots:
	106	mkdir -p $(PROFILE)
	107	for i in deploy/.gcroots/node-*; do nix-env -p $(PROFILE)/$$(basename $$i \| sed -e "s/node-//") --set "$$i"; done
	108
	109	systems := $(shell find $(PROFILE) -type l -not -name "*link" -printf "%f ")
	110	###### Cleanup generations and garbage collection
	111	GEN ?= "+3"
	112
	113	list-generations:
	114	@$(foreach system, $(systems), echo $(system);\
	115	nix-env -p $(PROFILE)/$(system) --list-generations;\
	116	$(MAKE) ssh-$(system) SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --list-generations";\
	117	)
	118	.PHONY: list-generations
	119
	120	delete-generations:
	121	$(MAKE) keep-roots
	122	@$(foreach system, $(systems), echo $(system); \
	123	nix-env -p $(PROFILE)/$(system) --delete-generations $(GEN);\
	124	$(MAKE) ssh-$(system) SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)";\
	125	)
	126	.PHONY: delete-generations
	127
	128	cleanup: delete-generations
	129	nix-store --gc
	130	@$(foreach system, $(systems), echo $(system); \
	131	$(MAKE) ssh-$(system) SSH_ARGS="nix-store --gc";\
	132	)
	133	.PHONY: cleanup