aboutsummaryrefslogtreecommitdiff
path: root/Makefile
diff options
context:
space:
mode:
Diffstat (limited to 'Makefile')
-rw-r--r--Makefile130
1 files changed, 121 insertions, 9 deletions
diff --git a/Makefile b/Makefile
index 50fa09f..6282df2 100644
--- a/Makefile
+++ b/Makefile
@@ -1,16 +1,128 @@
1subrecipes = setup nix-info edit_env edit_vars
2subrecipes += ssh-eldiron ssh-backup-2 ssh-monitoring-1 ssh-4c
3subrecipes += debug build dry-run upload deploy next-boot deploy-reboot
4subrecipes += list-generations delete-generations cleanup
5${subrecipes}:
6 @$(MAKE) --no-print-directory -C nixops/ $@
7.PHONY: ${subrecipes}
8
9nur: 1nur:
10 ./scripts/make-nur 2 ./scripts/make-nur
11 curl -o /dev/null -XPOST "https://nur-update.herokuapp.com/update?repo=immae" 3 curl -o /dev/null -XPOST "https://nur-update.herokuapp.com/update?repo=immae"
12 4
13shellcheck: 5shellcheck:
14 shellcheck scripts/* nixops/scripts/* modules/private/gitolite/gitolite_ldap_groups.sh modules/private/ssh/ldap_authorized_keys.sh modules/private/pub/restrict 6 shellcheck scripts/* deploy/scripts/* modules/private/gitolite/gitolite_ldap_groups.sh modules/private/ssh/ldap_authorized_keys.sh modules/private/pub/restrict
15 7
16.PHONY: nur shellcheck 8.PHONY: nur shellcheck
9
10###### Initial setup
11setup:
12 ./scripts/setup
13.PHONY: setup
14
15###### Morph regular tasks
16PROFILE=./deploy/history
17TARGET ?=
18COMMON_COLEMNA_ARGS = -f ./deploy/flake.nix -v
19#Only enabled in colemna 0.4: --nix-option allow-unsafe-native-code-during-evaluation true --nix-option allow-import-from-derivation true --nix-option substituters https://cache.nixos.org/
20MORPH_ARGS ?=
21ifdef TARGET
22 # multiple targets: --on="{machine1,machine2}" (works with * glob too)
23 override MORPH_ARGS +=--on=$(TARGET)
24endif
25SSH_ARGS ?=
26
27nodes= dilion eldiron backup-2 monitoring-1 quatresaisons zoldene
28
29refresh_flakes:
30 @if [ -n "$(TARGET)" ]; then \
31 ./scripts/refresh_flakes --no-new-inputs ./systems/$(TARGET)/flake.nix; \
32 nix --no-warn-dirty flake lock --update-input n-$(TARGET) ./flakes; \
33 nix --no-warn-dirty flake lock --update-input main-flake ./deploy; \
34 else \
35 ./scripts/refresh_flakes --no-new-inputs; \
36 fi
37 (cd deploy ; nix flake lock --update-input secrets-local || true)
38
39.PHONY: refresh_flakes
40
41.PHONY: build $(addprefix build-,$(nodes))
42build-dilion build-eldiron build-backup-2 build-monitoring-1 build-quatresaisons build-zoldene:
43 $(MAKE) build TARGET=$(@:build-%=%)
44build: refresh_flakes
45 colmena build $(COMMON_COLEMNA_ARGS) $(MORPH_ARGS)
46
47.PHONY: deploy $(addprefix deploy-,$(nodes))
48deploy-dilion deploy-eldiron deploy-backup-2 deploy-monitoring-1 deploy-quatresaisons deploy-zoldene:
49 $(MAKE) deploy TARGET=$(@:deploy-%=%)
50deploy: refresh_flakes
51 ./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) switch --keep-result $(MORPH_ARGS)
52 $(MAKE) keep-roots
53
54.PHONY: ssh $(addprefix ssh-,$(nodes))
55ssh-4c: ssh-quatresaisons
56ssh-dilion ssh-eldiron ssh-backup-2 ssh-monitoring-1 ssh-quatresaisons ssh-zoldene:
57 $(MAKE) ssh TARGET=$(@:ssh-%=%)
58ssh:
59 ./scripts/with_env bash -c 'ssh -i $$SSH_IDENTITY_FILE root@$(TARGET) $(SSH_ARGS)'
60
61.PHONY: ssh-decrypt $(addsuffix -decrypt,$(addprefix ssh-,$(nodes)))
62ssh-zoldene-decrypt:
63 $(MAKE) ssh-decrypt TARGET=$(@:ssh-%-decrypt=%)
64ssh-decrypt:
65 ./scripts/with_env bash -c 'ssh -p 2222 -i $$SSH_IDENTITY_FILE root@$(TARGET) $(SSH_ARGS)'
66
67.PHONY: debug $(addprefix debug-,$(nodes))
68debug-dilion debug-eldiron debug-backup-2 debug-monitoring-1 debug-quatresaisons debug-zoldene:
69 $(MAKE) debug TARGET=$(@:debug-%=%)
70debug: refresh_flakes
71 colmena build $(COMMON_COLEMNA_ARGS) --show-trace $(MORPH_ARGS)
72
73.PHONY: upload $(addprefix upload-,$(nodes))
74upload-dilion upload-eldiron upload-backup-2 upload-monitoring-1 upload-quatresaisons upload-zoldene:
75 $(MAKE) upload TARGET=$(@:upload-%=%)
76upload: refresh_flakes
77 ./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) push $(MORPH_ARGS)
78
79.PHONY: test-deploy $(addprefix test-deploy-,$(nodes))
80test-deploy-dilion test-deploy-eldiron test-deploy-backup-2 test-deploy-monitoring-1 test-deploy-quatresaisons test-deploy-zoldene:
81 $(MAKE) test-deploy TARGET=$(@:test-deploy-%=%)
82test-deploy: refresh_flakes
83 ./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) test $(MORPH_ARGS)
84
85.PHONY: next-boot $(addprefix next-boot-,$(nodes))
86next-boot-dilion next-boot-eldiron next-boot-backup-2 next-boot-monitoring-1 next-boot-quatresaisons next-boot-zoldene:
87 $(MAKE) next-boot TARGET=$(@:next-boot-%=%)
88next-boot: refresh_flakes
89 ./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) boot $(MORPH_ARGS)
90
91.PHONY: deploy-reboot $(addprefix deploy-reboot-,$(nodes))
92deploy-reboot-dilion deploy-reboot-eldiron deploy-reboot-backup-2 deploy-reboot-monitoring-1 deploy-reboot-quatresaisons deploy-reboot-zoldene:
93 $(MAKE) deploy-reboot TARGET=$(@:deploy-reboot-%=%)
94deploy-reboot: refresh_flakes
95 ./scripts/with_env colmena apply $(COMMON_COLEMNA_ARGS) boot --reboot $(MORPH_ARGS)
96 # Run it a second time because first time uploads the secrets
97 # before rebooting
98 $(MAKE) deploy
99
100keep-roots:
101 mkdir -p $(PROFILE)
102 for i in deploy/.gcroots/node-*; do nix-env -p $(PROFILE)/$$(basename $$i | sed -e "s/node-//") --set "$$i"; done
103
104systems := $(shell find $(PROFILE) -type l -not -name "*link" -printf "%f ")
105###### Cleanup generations and garbage collection
106GEN ?= "+3"
107
108list-generations:
109 @$(foreach system, $(systems), echo $(system);\
110 nix-env -p $(PROFILE)/$(system) --list-generations;\
111 $(MAKE) ssh-$(system) SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --list-generations";\
112 )
113.PHONY: list-generations
114
115delete-generations:
116 $(MAKE) keep-roots
117 @$(foreach system, $(systems), echo $(system); \
118 nix-env -p $(PROFILE)/$(system) --delete-generations $(GEN);\
119 $(MAKE) ssh-$(system) SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)";\
120 )
121.PHONY: delete-generations
122
123cleanup: delete-generations
124 nix-store --gc
125 @$(foreach system, $(systems), echo $(system); \
126 $(MAKE) ssh-$(system) SSH_ARGS="nix-store --gc";\
127 )
128.PHONY: cleanup