X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FConfig%2FNix.git;a=blobdiff_plain;f=nixops%2FMakefile;h=27d8d959c1363771b73b689e58180bca7a0e4d6f;hp=e52e973e3d5399852b016aadbc2c44a21b44a93a;hb=75489e72e379af8aeac64bc4967717d9ae776ff0;hpb=b639cc33725fed62988b616909843bea7f7aebe3 diff --git a/nixops/Makefile b/nixops/Makefile index e52e973..27d8d95 100644 --- a/nixops/Makefile +++ b/nixops/Makefile @@ -1,18 +1,7 @@ -export -ifndef NIXOPS_CONFIG_PASS_SUBTREE_PATH - $(error Please set NIXOPS_CONFIG_PASS_SUBTREE_PATH to the password-store subtree path) +ifndef NIXOPS_ENV_LOADED + $(error "Please load environment with direnv") endif -NIXOPS_STATE ?= ./state/eldiron.nixops -NIXOPS_DEPLOYMENT = cef694f3-081d-11e9-b31f-0242ec186adf -nixpkgs ?= $(shell cat ../nix/sources.json | jq -r '."nixpkgs-nixops".url') -nixpkgsNext ?= $(shell cat ../nix/sources.json | jq -r '."nixpkgs-nixops-next".url') -nixpkgsPrevious ?= $(shell cat ../nix/sources.json | jq -r '."nixpkgs-nixops-previous".url') -NIX_PATH = nixpkgs=${nixpkgs}:nixpkgsNext=${nixpkgsNext}:nixpkgsPrevious=${nixpkgsPrevious} - -NIXOPS := $(shell NIX_PATH=$(NIX_PATH) nix-build --no-out-link -E "with import { overlays = builtins.attrValues (import ../overlays); }; nixops")/bin/nixops -NIXOPS_PRIV = ./scripts/with_env $(NIXOPS) - ###### Current channel information nix-info: @version=$$(nix eval --raw nixpkgs.lib.version) && \ @@ -26,113 +15,75 @@ setup: ./scripts/setup .PHONY: setup -###### Nixops regular tasks -NIXOPS_ARGS ?= -nixops: - $(NIXOPS_PRIV) $(NIXOPS_ARGS) - +###### Morph regular tasks +PROFILE=/nix/var/nix/profiles/per-user/immae/morph/immaeEu +TARGET ?= +MORPH_ARGS ?= +ifdef TARGET + # multiple targets: --on="{machine1,machine2}" (works with * glob too) + override MORPH_ARGS +=--on=$(TARGET) +endif SSH_ARGS ?= + +edit_env: + pass edit Nixops/files/environment.nix || true + ssh-eldiron: - $(NIXOPS_PRIV) ssh eldiron -- $(SSH_ARGS) + ./scripts/with_env bash -c 'ssh -i $$SSH_IDENTITY_FILE root@eldiron $(SSH_ARGS)' ssh-dilion: - $(NIXOPS_PRIV) ssh dilion -- $(SSH_ARGS) + ./scripts/with_env bash -c 'ssh -i $$SSH_IDENTITY_FILE root@dilion $(SSH_ARGS)' ssh-backup-2: - $(NIXOPS_PRIV) ssh backup-2 -- $(SSH_ARGS) + ./scripts/with_env bash -c 'ssh -i $$SSH_IDENTITY_FILE root@backup-2 $(SSH_ARGS)' ssh-monitoring-1: - $(NIXOPS_PRIV) ssh monitoring-1 -- $(SSH_ARGS) + ./scripts/with_env bash -c 'ssh -i $$SSH_IDENTITY_FILE root@monitoring-1 $(SSH_ARGS)' -info: - $(NIXOPS_PRIV) list - $(NIXOPS_PRIV) info +ssh-4c: + ./scripts/with_env bash -c 'ssh -i $$SSH_IDENTITY_FILE root@quatresaisons $(SSH_ARGS)' debug: - $(NIXOPS_PRIV) deploy --build-only --show-trace - -dry-run: - $(NIXOPS_PRIV) deploy --dry-run + ./scripts/with_env morph build --show-trace default.nix $(MORPH_ARGS) build: - $(NIXOPS_PRIV) deploy --build-only --max-jobs 1 + ./scripts/with_env morph build default.nix $(MORPH_ARGS) + +dry-run: + ./scripts/with_env morph build --dry-run default.nix $(MORPH_ARGS) upload: - $(NIXOPS_PRIV) deploy --copy-only + ./scripts/with_env morph push default.nix $(MORPH_ARGS) deploy: - $(NIXOPS_PRIV) deploy + ./scripts/with_env morph deploy default.nix switch --keep-result --upload-secrets $(MORPH_ARGS) + nix-env -p $(PROFILE) --set .gcroots/default.nix deploy-reboot: - $(NIXOPS_PRIV) deploy --force-reboot + ./scripts/with_env morph deploy default.nix boot --reboot --upload-secrets $(MORPH_ARGS) -reboot: - $(NIXOPS_PRIV) reboot --include=eldiron -.PHONY: nixops ssh-eldiron info debug dry-run build upload deploy deploy-reboot reboot +.PHONY: ssh-eldiron ssh-dilion ssh-monitoring-1 ssh-backup-2 debug build upload deploy deploy-reboot ###### Cleanup generations and garbage collection -profile := $$($(NIXOPS_PRIV) info | grep "^Nix profile: " | sed -e "s/^Nix profile: //") GEN ?= "+3" list-generations: - nix-env -p $(profile) --list-generations - $(NIXOPS_PRIV) ssh eldiron -- nix-env -p /nix/var/nix/profiles/system --list-generations + nix-env -p $(PROFILE) --list-generations + $(MAKE) ssh-eldiron SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --list-generations" .PHONY: list-generations delete-generations: - nix-env -p $(profile) --delete-generations $(GEN) - $(NIXOPS_PRIV) ssh eldiron -- nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN) - $(NIXOPS_PRIV) ssh dilion -- nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN) - $(NIXOPS_PRIV) ssh backup-2 -- nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN) - $(NIXOPS_PRIV) ssh monitoring-1 -- nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN) + nix-env -p $(PROFILE) --delete-generations $(GEN) + $(MAKE) ssh-eldiron SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)" + $(MAKE) ssh-dilion SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)" + $(MAKE) ssh-backup-2 SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)" + $(MAKE) ssh-monitoring-1 SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)" .PHONY: delete-generations cleanup: delete-generations nix-store --gc - $(NIXOPS_PRIV) ssh eldiron -- nix-store --gc - $(NIXOPS_PRIV) ssh dilion -- nix-store --gc - $(NIXOPS_PRIV) ssh backup-2 -- nix-store --gc - $(NIXOPS_PRIV) ssh monitoring-1 -- nix-store --gc + $(MAKE) ssh-eldiron SSH_ARGS="nix-store --gc" + $(MAKE) ssh-dilion SSH_ARGS="nix-store --gc" + $(MAKE) ssh-backup-2 SSH_ARGS="nix-store --gc" + $(MAKE) ssh-monitoring-1 SSH_ARGS="nix-store --gc" .PHONY: cleanup - -###### Pull environment and deployment from remote -# Don't include pull_deployment by default as this should happen only rarely -pull: pull_environment; -.PHONY: pull - -pull_environment: -ifndef NIXOPS_CONFIG_PASS_SUBTREE_REMOTE - $(error "Please set NIXOPS_CONFIG_PASS_SUBTREE_REMOTE to the password-store subtree remote name") -endif - pass git subtree pull --prefix=$(NIXOPS_CONFIG_PASS_SUBTREE_PATH) $(NIXOPS_CONFIG_PASS_SUBTREE_REMOTE) master -.PHONY: pull_environment - -pull_deployment: - @if $(NIXOPS) info -d $(NIXOPS_DEPLOYMENT) 2>/dev/null >/dev/null ; then \ - echo "This will remove your current deployment file and recreate it!. Continue? [y/N]" && \ - read y && \ - [ "$$y" = "y" -o "$$y" = "Y" ] && \ - $(NIXOPS) delete --force -d $(NIXOPS_DEPLOYMENT); \ - fi - pass show $(NIXOPS_CONFIG_PASS_SUBTREE_PATH)/Nixops/Deployment | $(NIXOPS) import - $(NIXOPS) modify -d $(NIXOPS_DEPLOYMENT) "$$(pwd)/default.nix" -.PHONY: pull_deployment - -deployment_is_set: - $(NIXOPS) info -d $(NIXOPS_DEPLOYMENT) 2>/dev/null >/dev/null -.PHONY: deployment_is_set - -###### Push environment and deployment information to password store -push: push_deployment push_environment; -.PHONY: push - -push_deployment: - $(NIXOPS) export | pass insert -m $(NIXOPS_CONFIG_PASS_SUBTREE_PATH)/Nixops/Deployment -.PHONY: push_deployment - -push_environment: -ifndef NIXOPS_CONFIG_PASS_SUBTREE_REMOTE - $(error "Please set NIXOPS_CONFIG_PASS_SUBTREE_REMOTE to the password-store subtree remote name") -endif - pass git subtree push --prefix=$(NIXOPS_CONFIG_PASS_SUBTREE_PATH) $(NIXOPS_CONFIG_PASS_SUBTREE_REMOTE) master -.PHONY: push_environment