Simplify management of secrets in nixops
[perso/Immae/Config/Nix.git] / nixops / Makefile
index 6087402690961068b4a6a635967f92b34805a1b2..a7b24cd98c7cd7dfe7d78daf57eadb0f39612a91 100644 (file)
@@ -1,12 +1,11 @@
 export
-ifndef NIXOPS_CONFIG_PASS_SUBTREE_PATH
-  $(error Please set NIXOPS_CONFIG_PASS_SUBTREE_PATH to the password-store subtree path)
-endif
-
+PASSWORD_STORE_DIR = $(shell pwd)/secrets
 NIXOPS_STATE ?= ./state/eldiron.nixops
 NIXOPS_DEPLOYMENT = cef694f3-081d-11e9-b31f-0242ec186adf
-nixpkgs ?= https://releases.nixos.org/nixos/19.03/nixos-19.03.172754.0728c3e026e/nixexprs.tar.xz
-NIX_PATH = nixpkgs=${nixpkgs}:nixpkgsNext=${nixpkgs}:nixpkgsPrevious=${nixpkgs}
+nixpkgs ?= $(shell cat ../nix/sources.json | jq -r '."nixpkgs-nixops".url')
+nixpkgsNext ?= $(shell cat ../nix/sources.json | jq -r '."nixpkgs-nixops-next".url')
+nixpkgsPrevious ?= $(shell cat ../nix/sources.json | jq -r '."nixpkgs-nixops-previous".url')
+NIX_PATH = nixpkgs=${nixpkgs}:nixpkgsNext=${nixpkgsNext}:nixpkgsPrevious=${nixpkgsPrevious}
 
 NIXOPS := $(shell NIX_PATH=$(NIX_PATH) nix-build --no-out-link -E "with import <nixpkgs> { overlays = builtins.attrValues (import ../overlays); }; nixops")/bin/nixops
 NIXOPS_PRIV = ./scripts/with_env $(NIXOPS)
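Review bot: The three `jq -r` lookups on the new `nixpkgs*` lines are never checked, so a missing key yields the literal string `null` and a missing `../nix/sources.json` yields an empty value, and `NIX_PATH` is built from that anyway. The error then only shows up inside the `nix-build` `$(shell …)` below, whose exit status make does not act on, leaving `NIXOPS` as the bare path `/bin/nixops` for every recipe that later handles secrets. A guard after the assignments would fail early: `ifeq ($(filter-out null,$(nixpkgs)),)`, `$(error nixpkgs-nixops url not found in ../nix/sources.json)`, `endif`, and the same for the other two. Separately, `PASSWORD_STORE_DIR := $(CURDIR)/secrets` would avoid forking a shell each time the exported variable is expanded.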
@@ -25,38 +24,55 @@ setup:
 .PHONY: setup
 
 ###### Nixops regular tasks
+TARGET ?=
 NIXOPS_ARGS ?=
+ifdef TARGET
+  override NIXOPS_ARGS +=--include=$(TARGET)
+endif
+SSH_ARGS ?=
+
+edit_env:
+       pass edit Nixops/files/environment.nix || true
+
 nixops:
        $(NIXOPS_PRIV) $(NIXOPS_ARGS)
 
-SSH_ARGS ?=
 ssh-eldiron:
        $(NIXOPS_PRIV) ssh eldiron -- $(SSH_ARGS)
 
+ssh-dilion:
+       $(NIXOPS_PRIV) ssh dilion -- $(SSH_ARGS)
+
+ssh-backup-2:
+       $(NIXOPS_PRIV) ssh backup-2 -- $(SSH_ARGS)
+
+ssh-monitoring-1:
+       $(NIXOPS_PRIV) ssh monitoring-1 -- $(SSH_ARGS)
+
 info:
        $(NIXOPS_PRIV) list
        $(NIXOPS_PRIV) info
 
 debug:
-       $(NIXOPS_PRIV) deploy --build-only --show-trace
+       $(NIXOPS_PRIV) deploy --build-only --show-trace $(NIXOPS_ARGS)
 
 dry-run:
-       $(NIXOPS_PRIV) deploy --dry-run
+       $(NIXOPS_PRIV) deploy --dry-run $(NIXOPS_ARGS)
 
 build:
-       $(NIXOPS_PRIV) deploy --build-only
+       $(NIXOPS_PRIV) deploy --build-only $(NIXOPS_ARGS)
 
 upload:
-       $(NIXOPS_PRIV) deploy --copy-only
+       $(NIXOPS_PRIV) deploy --copy-only $(NIXOPS_ARGS)
 
 deploy:
-       $(NIXOPS_PRIV) deploy
+       $(NIXOPS_PRIV) deploy $(NIXOPS_ARGS)
 
 deploy-reboot:
-       $(NIXOPS_PRIV) deploy --force-reboot
+       $(NIXOPS_PRIV) deploy --force-reboot $(NIXOPS_ARGS)
 
 reboot:
-       $(NIXOPS_PRIV) reboot --include=eldiron
+       $(NIXOPS_PRIV) reboot --include=$(TARGET)
 .PHONY: nixops ssh-eldiron info debug dry-run build upload deploy deploy-reboot reboot
 
 ###### Cleanup generations and garbage collection
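Review bot: `reboot` now expands to `reboot --include=` whenever TARGET is unset, because `TARGET ?=` defaults to empty, whereas the old recipe was pinned to eldiron. How nixops treats an empty `--include=` is not visible here, so the recipe should refuse to run without a target: add `$(if $(strip $(TARGET)),,$(error Set TARGET=<machine> to reboot))` as its first line. The `.PHONY` line also omits the new `edit_env`, `ssh-dilion`, `ssh-backup-2` and `ssh-monitoring-1` targets. The `|| true` on `pass edit` hides a failed or aborted edit of the environment secrets; a short comment saying why that is intended would help.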
@@ -71,25 +87,20 @@ list-generations:
 delete-generations:
        nix-env -p $(profile) --delete-generations $(GEN)
        $(NIXOPS_PRIV) ssh eldiron -- nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)
+       $(NIXOPS_PRIV) ssh dilion -- nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)
+       $(NIXOPS_PRIV) ssh backup-2 -- nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)
+       $(NIXOPS_PRIV) ssh monitoring-1 -- nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)
 .PHONY: delete-generations
 
 cleanup: delete-generations
        nix-store --gc
        $(NIXOPS_PRIV) ssh eldiron -- nix-store --gc
+       $(NIXOPS_PRIV) ssh dilion -- nix-store --gc
+       $(NIXOPS_PRIV) ssh backup-2 -- nix-store --gc
+       $(NIXOPS_PRIV) ssh monitoring-1 -- nix-store --gc
 .PHONY: cleanup
 
 ###### Pull environment and deployment from remote
-# Don't include pull_deployment by default as this should happen only rarely
-pull: pull_environment;
-.PHONY: pull
-
-pull_environment:
-ifndef NIXOPS_CONFIG_PASS_SUBTREE_REMOTE
-       $(error "Please set NIXOPS_CONFIG_PASS_SUBTREE_REMOTE to the password-store subtree remote name")
-endif
-       pass git subtree pull --prefix=$(NIXOPS_CONFIG_PASS_SUBTREE_PATH) $(NIXOPS_CONFIG_PASS_SUBTREE_REMOTE) master
-.PHONY: pull_environment
-
 pull_deployment:
        @if $(NIXOPS) info -d $(NIXOPS_DEPLOYMENT) 2>/dev/null >/dev/null ; then \
          echo "This will remove your current deployment file and recreate it!. Continue? [y/N]" && \
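Review bot: The host list is now spelled out four times in `delete-generations` and again in `cleanup` (and once more as `ssh-*` targets in the previous hunk), so a machine added later is easy to forget in one of them and would silently keep its old generations. A single `HOSTS := eldiron dilion backup-2 monitoring-1` near the top and a loop such as `for h in $(HOSTS); do $(NIXOPS_PRIV) ssh $$h -- nix-store --gc || exit 1; done` keeps the recipes in step. `GEN` and `profile` are defined outside this hunk, and the `pull_deployment` recipe that starts here continues in the next one.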
@@ -97,7 +108,7 @@ pull_deployment:
          [ "$$y" = "y" -o "$$y" = "Y" ] && \
          $(NIXOPS) delete --force -d $(NIXOPS_DEPLOYMENT); \
        fi
-       pass show $(NIXOPS_CONFIG_PASS_SUBTREE_PATH)/Nixops/Deployment | $(NIXOPS) import
+       pass show Nixops/Deployment | $(NIXOPS) import
        $(NIXOPS) modify -d $(NIXOPS_DEPLOYMENT) "$$(pwd)/default.nix"
 .PHONY: pull_deployment
 
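Review bot: On the changed `pass show Nixops/Deployment | $(NIXOPS) import` line, a failing `pass show` (wrong store directory, entry that cannot be decrypted) is masked, because the pipeline's status is that of `nixops import`. By that point the earlier part of the recipe has already run `delete --force` on the local deployment. Putting `pass show Nixops/Deployment >/dev/null` as the first recipe line of `pull_deployment` ensures the deployment is only deleted when its replacement can actually be read. The recipe starts outside this hunk.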
@@ -105,17 +116,7 @@ deployment_is_set:
        $(NIXOPS) info -d $(NIXOPS_DEPLOYMENT) 2>/dev/null >/dev/null
 .PHONY: deployment_is_set
 
-###### Push environment and deployment information to password store
-push: push_deployment push_environment;
-.PHONY: push
-
+###### Push deployment information to password store
 push_deployment:
-       $(NIXOPS) export | pass insert -m $(NIXOPS_CONFIG_PASS_SUBTREE_PATH)/Nixops/Deployment
-.PHONY: push_deployment
-
-push_environment:
-ifndef NIXOPS_CONFIG_PASS_SUBTREE_REMOTE
-       $(error "Please set NIXOPS_CONFIG_PASS_SUBTREE_REMOTE to the password-store subtree remote name")
-endif
-       pass git subtree push --prefix=$(NIXOPS_CONFIG_PASS_SUBTREE_PATH) $(NIXOPS_CONFIG_PASS_SUBTREE_REMOTE) master
-.PHONY: push_environment
+       $(NIXOPS) export | pass insert -m Nixops/Deployment
+.PHONY: push
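Review bot: The closing `.PHONY: push` names a target this commit removes, while `push_deployment` loses its phony declaration; the line should read `.PHONY: push_deployment`. In the recipe, `$(NIXOPS) export | pass insert -m Nixops/Deployment` reports only the exit status of `pass`, so a failed export could be stored as an empty or partial deployment state. Capturing the export first keeps it out of the store on failure: `state=$$($(NIXOPS) export) && printf '%s\n' "$$state" | pass insert -m Nixops/Deployment`.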