aboutsummaryrefslogtreecommitdiff
path: root/nixops
diff options
context:
space:
mode:
Diffstat (limited to 'nixops')
-rw-r--r--nixops/Makefile117
-rwxr-xr-xnixops/scripts/pull_deployment33
-rwxr-xr-xnixops/scripts/pull_environment13
-rwxr-xr-xnixops/scripts/push_deployment13
-rwxr-xr-xnixops/scripts/push_environment13
-rwxr-xr-xnixops/scripts/setup20
-rwxr-xr-xnixops/scripts/with_env (renamed from nixops/scripts/nixops_wrap)16
7 files changed, 106 insertions, 119 deletions
diff --git a/nixops/Makefile b/nixops/Makefile
index cce57ff..69603a0 100644
--- a/nixops/Makefile
+++ b/nixops/Makefile
@@ -1,54 +1,121 @@
1export
2ifndef NIXOPS_CONFIG_PASS_SUBTREE_PATH
3 $(error Please set NIXOPS_CONFIG_PASS_SUBTREE_PATH to the password-store subtree path)
4endif
5
6NIXOPS_STATE ?= ./state/eldiron.nixops
7NIXOPS_DEPLOYMENT = cef694f3-081d-11e9-b31f-0242ec186adf
8nixpkgs ?= https://releases.nixos.org/nixos/19.03/nixos-19.03.172731.3efdf45dbd1/nixexprs.tar.xz
9NIX_PATH = nixpkgs=${nixpkgs}:nixpkgsNext=${nixpkgs}:nixpkgsPrevious=${nixpkgs}
10
11NIXOPS := $(shell NIX_PATH=$(NIX_PATH) nix-build --no-out-link -E "with import <nixpkgs> { overlays = builtins.attrValues (import ../overlays); }; nixops")/bin/nixops
12NIXOPS_PRIV = ./scripts/with_env $(NIXOPS)
13
14###### Current channel information
15nix-info:
16 @version=$$(nix eval --raw nixpkgs.lib.version) && \
17 mainversion=$$(echo $$version | cut -d"." -f -2) && \
18 echo "https://releases.nixos.org/nixos/$$mainversion/nixos-$$version/nixexprs.tar.xz" && \
19 nix eval --raw nixpkgs.bc.meta.position | cut -d"/" -f-4
20.PHONY: nix-info
21
22###### Initial setup
1setup: 23setup:
2 ./scripts/setup 24 ./scripts/setup
25.PHONY: setup
3 26
27###### Nixops regular tasks
28NIXOPS_ARGS ?=
29nixops:
30 $(NIXOPS_PRIV) $(NIXOPS_ARGS)
31
32SSH_ARGS ?=
4ssh-eldiron: 33ssh-eldiron:
5 ./scripts/nixops_wrap ssh eldiron 34 $(NIXOPS_PRIV) ssh eldiron -- $(SSH_ARGS)
6 35
7info: 36info:
8 ./scripts/nixops_wrap list 37 $(NIXOPS_PRIV) list
9 ./scripts/nixops_wrap info 38 $(NIXOPS_PRIV) info
10 39
11debug: 40debug:
12 ./scripts/nixops_wrap deploy --build-only --show-trace 41 $(NIXOPS_PRIV) deploy --build-only --show-trace
13 42
14dry-run: 43dry-run:
15 ./scripts/nixops_wrap deploy --dry-run 44 $(NIXOPS_PRIV) deploy --dry-run
16 45
17build: 46build:
18 ./scripts/nixops_wrap deploy --build-only 47 $(NIXOPS_PRIV) deploy --build-only
19 48
20upload: 49upload:
21 ./scripts/nixops_wrap deploy --copy-only 50 $(NIXOPS_PRIV) deploy --copy-only
22 51
23deploy: 52deploy:
24 ./scripts/nixops_wrap deploy 53 $(NIXOPS_PRIV) deploy
25
26reboot:
27 ./scripts/nixops_wrap reboot --include=eldiron
28 54
29push: 55deploy-reboot:
30 ./scripts/push_deployment 56 $(NIXOPS_PRIV) deploy --force-reboot
31 ./scripts/push_environment
32 57
33pull: 58reboot:
34 ./scripts/pull_environment 59 $(NIXOPS_PRIV) reboot --include=eldiron
35 60.PHONY: nixops ssh-eldiron info debug dry-run build upload deploy deploy-reboot reboot
36pull-deployment:
37 ./scripts/pull_deployment
38 61
39profile = $(shell ./scripts/nixops_wrap info | grep "^Nix profile: " | sed -e "s/^Nix profile: //") 62###### Cleanup generations and garbage collection
63profile := $$($(NIXOPS_PRIV) info | grep "^Nix profile: " | sed -e "s/^Nix profile: //")
40GEN ?= "+3" 64GEN ?= "+3"
41 65
42list-generations: 66list-generations:
43 nix-env -p $(profile) --list-generations 67 nix-env -p $(profile) --list-generations
44 ./scripts/nixops_wrap ssh eldiron -- nix-env -p /nix/var/nix/profiles/system --list-generations 68 $(NIXOPS_PRIV) ssh eldiron -- nix-env -p /nix/var/nix/profiles/system --list-generations
69.PHONY: list-generations
45 70
46delete-generations: 71delete-generations:
47 nix-env -p $(profile) --delete-generations $(GEN) 72 nix-env -p $(profile) --delete-generations $(GEN)
48 ./scripts/nixops_wrap ssh eldiron -- nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN) 73 $(NIXOPS_PRIV) ssh eldiron -- nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)
74.PHONY: delete-generations
49 75
50cleanup: delete-generations 76cleanup: delete-generations
51 nix-store --gc 77 nix-store --gc
52 ./scripts/nixops_wrap ssh eldiron -- nix-store --gc 78 $(NIXOPS_PRIV) ssh eldiron -- nix-store --gc
53 79.PHONY: cleanup
54.PHONY: setup ssh-eldiron info debug dry-run build upload deploy push pull pull-deployment list-generations delete-generations cleanup 80
81###### Pull environment and deployment from remote
82# Don't include pull_deployment by default as this should happen only rarely
83pull: pull_environment;
84.PHONY: pull
85
86pull_environment:
87ifndef NIXOPS_CONFIG_PASS_SUBTREE_REMOTE
88 $(error "Please set NIXOPS_CONFIG_PASS_SUBTREE_REMOTE to the password-store subtree remote name")
89endif
90 pass git subtree pull --prefix=$(NIXOPS_CONFIG_PASS_SUBTREE_PATH) $(NIXOPS_CONFIG_PASS_SUBTREE_REMOTE) master
91.PHONY: pull_environment
92
93pull_deployment:
94 @if $(NIXOPS) info -d $(NIXOPS_DEPLOYMENT) 2>/dev/null >/dev/null ; then \
95 echo "This will remove your current deployment file and recreate it!. Continue? [y/N]" && \
96 read y && \
97 [ "$$y" = "y" -o "$$y" = "Y" ] && \
98 $(NIXOPS) delete --force -d $(NIXOPS_DEPLOYMENT); \
99 fi
100 pass show $(NIXOPS_CONFIG_PASS_SUBTREE_PATH)/Nixops/Deployment | $(NIXOPS) import
101 $(NIXOPS) modify -d $(NIXOPS_DEPLOYMENT) "$$(pwd)/default.nix"
102.PHONY: pull_deployment
103
104deployment_is_set:
105 $(NIXOPS) info -d $(NIXOPS_DEPLOYMENT) 2>/dev/null >/dev/null
106.PHONY: deployment_is_set
107
108###### Push environment and deployment information to password store
109push: push_deployment push_environment;
110.PHONY: push
111
112push_deployment:
113 $(NIXOPS) export | pass insert -m $(NIXOPS_CONFIG_PASS_SUBTREE_PATH)/Nixops/Deployment
114.PHONY: push_deployment
115
116push_environment:
117ifndef NIXOPS_CONFIG_PASS_SUBTREE_REMOTE
118 $(error "Please set NIXOPS_CONFIG_PASS_SUBTREE_REMOTE to the password-store subtree remote name")
119endif
120 pass git subtree push --prefix=$(NIXOPS_CONFIG_PASS_SUBTREE_PATH) $(NIXOPS_CONFIG_PASS_SUBTREE_REMOTE) master
121.PHONY: push_environment
diff --git a/nixops/scripts/pull_deployment b/nixops/scripts/pull_deployment
deleted file mode 100755
index 08b9915..0000000
--- a/nixops/scripts/pull_deployment
+++ /dev/null
@@ -1,33 +0,0 @@
1#!/bin/bash
2
3DeploymentUuid="cef694f3-081d-11e9-b31f-0242ec186adf"
4if [ -z "$NIXOPS_CONFIG_PASS_SUBTREE_PATH" ]; then
5 echo "Please set NIXOPS_CONFIG_PASS_SUBTREE_PATH to the password-store subtree path"
6 exit 1;
7fi
8DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
9export NIXOPS_STATE="$(dirname $DIR)/state/eldiron.nixops"
10export NIXOPS_DEPLOYMENT="$DeploymentUuid"
11source $(dirname $(dirname $DIR))/scripts/nix_env
12
13export NIXOPS_STATE="$(dirname $DIR)/state/eldiron.nixops"
14
15if nixops_custom info -d $DeploymentUuid 2>/dev/null >/dev/null; then
16 cat <<EOF
17This will remove your current deployment file and recreate it!
18Continue? [y/N]
19EOF
20 read y
21 if [ "$y" = "y" -o "$y" = "Y" ]; then
22 nixops_custom delete --force -d $DeploymentUuid
23 else
24 echo "Aborting"
25 exit 1
26 fi
27fi
28
29deployment=$(pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/Deployment)
30
31echo "$deployment" | nixops_custom import
32
33nixops_custom modify -d "$DeploymentUuid" "$(dirname $DIR)/default.nix"
diff --git a/nixops/scripts/pull_environment b/nixops/scripts/pull_environment
deleted file mode 100755
index e508a2e..0000000
--- a/nixops/scripts/pull_environment
+++ /dev/null
@@ -1,13 +0,0 @@
1#!/bin/bash
2
3if [ -z "$NIXOPS_CONFIG_PASS_SUBTREE_PATH" ]; then
4 echo "Please set NIXOPS_CONFIG_PASS_SUBTREE_PATH to the password-store subtree path"
5 exit 1;
6fi
7
8if [ -z "$NIXOPS_CONFIG_PASS_SUBTREE_REMOTE" ]; then
9 echo "Please set NIXOPS_CONFIG_PASS_SUBTREE_REMOTE to the password-store subtree remote name"
10 exit 1;
11fi
12
13pass git subtree pull --prefix=$NIXOPS_CONFIG_PASS_SUBTREE_PATH $NIXOPS_CONFIG_PASS_SUBTREE_REMOTE master
diff --git a/nixops/scripts/push_deployment b/nixops/scripts/push_deployment
deleted file mode 100755
index f2d25f9..0000000
--- a/nixops/scripts/push_deployment
+++ /dev/null
@@ -1,13 +0,0 @@
1#!/bin/bash
2
3DeploymentUuid="cef694f3-081d-11e9-b31f-0242ec186adf"
4if [ -z "$NIXOPS_CONFIG_PASS_SUBTREE_PATH" ]; then
5 echo "Please set NIXOPS_CONFIG_PASS_SUBTREE_PATH to the password-store subtree path"
6 exit 1;
7fi
8DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
9export NIXOPS_STATE="$(dirname $DIR)/state/eldiron.nixops"
10export NIXOPS_DEPLOYMENT="$DeploymentUuid"
11source $(dirname $(dirname $DIR))/scripts/nix_env
12
13nixops_custom export | pass insert -m $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/Deployment
diff --git a/nixops/scripts/push_environment b/nixops/scripts/push_environment
deleted file mode 100755
index 8b59240..0000000
--- a/nixops/scripts/push_environment
+++ /dev/null
@@ -1,13 +0,0 @@
1#!/bin/bash
2
3if [ -z "$NIXOPS_CONFIG_PASS_SUBTREE_PATH" ]; then
4 echo "Please set NIXOPS_CONFIG_PASS_SUBTREE_PATH to the password-store subtree path"
5 exit 1;
6fi
7
8if [ -z "$NIXOPS_CONFIG_PASS_SUBTREE_REMOTE" ]; then
9 echo "Please set NIXOPS_CONFIG_PASS_SUBTREE_REMOTE to the password-store subtree remote name"
10 exit 1;
11fi
12
13pass git subtree push --prefix=$NIXOPS_CONFIG_PASS_SUBTREE_PATH $NIXOPS_CONFIG_PASS_SUBTREE_REMOTE master
diff --git a/nixops/scripts/setup b/nixops/scripts/setup
index 793b7c3..3b364ac 100755
--- a/nixops/scripts/setup
+++ b/nixops/scripts/setup
@@ -3,7 +3,7 @@
3set -euo pipefail 3set -euo pipefail
4 4
5RemoteRepo="gitolite@git.immae.eu:perso/Immae/Prive/Password_store/Sites" 5RemoteRepo="gitolite@git.immae.eu:perso/Immae/Prive/Password_store/Sites"
6DeploymentUuid="cef694f3-081d-11e9-b31f-0242ec186adf" 6MAKEFILE_DIR="$( cd "$( dirname $( dirname "${BASH_SOURCE[0]}" ))" >/dev/null 2>&1 && pwd )"
7 7
8if ! which nix 2>/dev/null >/dev/null; then 8if ! which nix 2>/dev/null >/dev/null; then
9 cat <<-EOF 9 cat <<-EOF
@@ -52,8 +52,8 @@ if ! pass $NIXOPS_CONFIG_PASS_SUBTREE_PATH > /dev/null 2>/dev/null; then
52 fi 52 fi
53fi 53fi
54 54
55# Repull it before using it, just in case 55# Repull it before adding keys, just in case
56pass git subtree pull --prefix=$NIXOPS_CONFIG_PASS_SUBTREE_PATH $NIXOPS_CONFIG_PASS_SUBTREE_REMOTE master 56make -C $MAKEFILE_DIR pull_environment
57 57
58gpg_keys=$(pass ls $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/GPGKeys | sed -e "1d" | cut -d" " -f2) 58gpg_keys=$(pass ls $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/GPGKeys | sed -e "1d" | cut -d" " -f2)
59for key in $gpg_keys; do 59for key in $gpg_keys; do
@@ -97,29 +97,21 @@ if nix show-config --json | jq -e '.sandbox.value == "true"' >/dev/null; then
97 read y 97 read y
98fi 98fi
99 99
100DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" 100if ! make -C $MAKEFILE_DIR deployment_is_set 2>/dev/null >/dev/null; then
101export NIXOPS_STATE="$(dirname $DIR)/state/eldiron.nixops"
102export NIXOPS_DEPLOYMENT="$DeploymentUuid"
103source $(dirname $(dirname $DIR))/scripts/nix_env
104
105if ! nixops_custom info 2>/dev/null >/dev/null; then
106 cat <<-EOF 101 cat <<-EOF
107 Importing deployment file into nixops: 102 Importing deployment file into nixops:
108 Continue? [y/N] 103 Continue? [y/N]
109 EOF 104 EOF
110 read y 105 read y
111 if [ "$y" = "y" -o "$y" = "Y" ]; then 106 if [ "$y" = "y" -o "$y" = "Y" ]; then
112 deployment=$(pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/Deployment) 107 make -C $MAKEFILE_DIR pull_deployment
113 echo "$deployment" | nixops_custom import
114 else 108 else
115 echo "Aborting" 109 echo "Aborting"
116 exit 1 110 exit 1
117 fi 111 fi
118fi 112fi
119 113
120nixops_custom modify "$(dirname $DIR)/default.nix"
121
122cat <<-EOF 114cat <<-EOF
123 All set up. 115 All set up.
124 Please make sure you’re using scripts/nixops_wrap when deploying 116 Please make sure you’re using make commands when deploying
125 EOF 117 EOF
diff --git a/nixops/scripts/nixops_wrap b/nixops/scripts/with_env
index 28aa917..a442ced 100755
--- a/nixops/scripts/nixops_wrap
+++ b/nixops/scripts/with_env
@@ -1,21 +1,21 @@
1#!/bin/bash 1#!/bin/bash
2 2
3DeploymentUuid="cef694f3-081d-11e9-b31f-0242ec186adf" 3if [ -z "$NIXOPS" ]; then
4 echo "Please set NIXOPS to the nixops command"
5 exit 1;
6fi
7
4if [ -z "$NIXOPS_CONFIG_PASS_SUBTREE_PATH" ]; then 8if [ -z "$NIXOPS_CONFIG_PASS_SUBTREE_PATH" ]; then
5 echo "Please set NIXOPS_CONFIG_PASS_SUBTREE_PATH to the password-store subtree path" 9 echo "Please set NIXOPS_CONFIG_PASS_SUBTREE_PATH to the password-store subtree path"
6 exit 1; 10 exit 1;
7fi 11fi
8DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
9export NIXOPS_STATE="$(dirname $DIR)/state/eldiron.nixops"
10export NIXOPS_DEPLOYMENT="$DeploymentUuid"
11source $(dirname $(dirname $DIR))/scripts/nix_env
12 12
13TEMP=$(mktemp -d /tmp/XXXXXX-nixops-files) 13TEMP=$(mktemp -d /tmp/XXXXXX-nixops-files)
14chmod go-rwx $TEMP 14chmod go-rwx $TEMP
15 15
16finish() { 16finish() {
17 rm -rf "$TEMP" 17 rm -rf "$TEMP"
18 nixops_custom set-args --unset privateFiles 18 $NIXOPS set-args --unset privateFiles
19} 19}
20 20
21trap finish EXIT 21trap finish EXIT
@@ -26,6 +26,6 @@ files=$(pass ls $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/files | sed -e '1d' -e '
26for file in $files; do 26for file in $files; do
27 pass show "$NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/files/$file" > $TEMP/$file 27 pass show "$NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/files/$file" > $TEMP/$file
28done 28done
29nixops_custom set-args --argstr privateFiles "$TEMP" 29$NIXOPS set-args --argstr privateFiles "$TEMP"
30 30
31nixops_custom "$@" 31"$@"