blob: 02d34f80094c7a4efdb1be52eaec50b596b99193 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
export
ifndef NIXOPS_CONFIG_PASS_SUBTREE_PATH
$(error Please set NIXOPS_CONFIG_PASS_SUBTREE_PATH to the password-store subtree path)
endif
NIXOPS_STATE ?= ./state/eldiron.nixops
NIXOPS_DEPLOYMENT = cef694f3-081d-11e9-b31f-0242ec186adf
nixpkgs ?= https://releases.nixos.org/nixos/19.03/nixos-19.03.173677.daf861a810d/nixexprs.tar.xz
NIX_PATH = nixpkgs=${nixpkgs}:nixpkgsNext=${nixpkgs}:nixpkgsPrevious=${nixpkgs}
NIXOPS := $(shell NIX_PATH=$(NIX_PATH) nix-build --no-out-link -E "with import <nixpkgs> { overlays = builtins.attrValues (import ../overlays); }; nixops")/bin/nixops
NIXOPS_PRIV = ./scripts/with_env $(NIXOPS)
###### Current channel information
nix-info:
@version=$$(nix eval --raw nixpkgs.lib.version) && \
mainversion=$$(echo $$version | cut -d"." -f -2) && \
echo "https://releases.nixos.org/nixos/$$mainversion/nixos-$$version/nixexprs.tar.xz" && \
nix-instantiate --find-file nixpkgs
.PHONY: nix-info
###### Initial setup
setup:
./scripts/setup
.PHONY: setup
###### Nixops regular tasks
NIXOPS_ARGS ?=
nixops:
$(NIXOPS_PRIV) $(NIXOPS_ARGS)
SSH_ARGS ?=
ssh-eldiron:
$(NIXOPS_PRIV) ssh eldiron -- $(SSH_ARGS)
ssh-backup-2:
$(NIXOPS_PRIV) ssh backup-2 -- $(SSH_ARGS)
ssh-monitoring-1:
$(NIXOPS_PRIV) ssh monitoring-1 -- $(SSH_ARGS)
info:
$(NIXOPS_PRIV) list
$(NIXOPS_PRIV) info
debug:
$(NIXOPS_PRIV) deploy --build-only --show-trace
dry-run:
$(NIXOPS_PRIV) deploy --dry-run
build:
$(NIXOPS_PRIV) deploy --build-only
upload:
$(NIXOPS_PRIV) deploy --copy-only
deploy:
$(NIXOPS_PRIV) deploy
deploy-reboot:
$(NIXOPS_PRIV) deploy --force-reboot
reboot:
$(NIXOPS_PRIV) reboot --include=eldiron
.PHONY: nixops ssh-eldiron info debug dry-run build upload deploy deploy-reboot reboot
###### Cleanup generations and garbage collection
profile := $$($(NIXOPS_PRIV) info | grep "^Nix profile: " | sed -e "s/^Nix profile: //")
GEN ?= "+3"
list-generations:
nix-env -p $(profile) --list-generations
$(NIXOPS_PRIV) ssh eldiron -- nix-env -p /nix/var/nix/profiles/system --list-generations
.PHONY: list-generations
delete-generations:
nix-env -p $(profile) --delete-generations $(GEN)
$(NIXOPS_PRIV) ssh eldiron -- nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)
$(NIXOPS_PRIV) ssh backup-2 -- nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)
$(NIXOPS_PRIV) ssh monitoring-1 -- nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)
.PHONY: delete-generations
cleanup: delete-generations
nix-store --gc
$(NIXOPS_PRIV) ssh eldiron -- nix-store --gc
$(NIXOPS_PRIV) ssh backup-2 -- nix-store --gc
$(NIXOPS_PRIV) ssh monitoring-1 -- nix-store --gc
.PHONY: cleanup
###### Pull environment and deployment from remote
# Don't include pull_deployment by default as this should happen only rarely
pull: pull_environment;
.PHONY: pull
pull_environment:
ifndef NIXOPS_CONFIG_PASS_SUBTREE_REMOTE
$(error "Please set NIXOPS_CONFIG_PASS_SUBTREE_REMOTE to the password-store subtree remote name")
endif
pass git subtree pull --prefix=$(NIXOPS_CONFIG_PASS_SUBTREE_PATH) $(NIXOPS_CONFIG_PASS_SUBTREE_REMOTE) master
.PHONY: pull_environment
pull_deployment:
@if $(NIXOPS) info -d $(NIXOPS_DEPLOYMENT) 2>/dev/null >/dev/null ; then \
echo "This will remove your current deployment file and recreate it!. Continue? [y/N]" && \
read y && \
[ "$$y" = "y" -o "$$y" = "Y" ] && \
$(NIXOPS) delete --force -d $(NIXOPS_DEPLOYMENT); \
fi
pass show $(NIXOPS_CONFIG_PASS_SUBTREE_PATH)/Nixops/Deployment | $(NIXOPS) import
$(NIXOPS) modify -d $(NIXOPS_DEPLOYMENT) "$$(pwd)/default.nix"
.PHONY: pull_deployment
deployment_is_set:
$(NIXOPS) info -d $(NIXOPS_DEPLOYMENT) 2>/dev/null >/dev/null
.PHONY: deployment_is_set
###### Push environment and deployment information to password store
push: push_deployment push_environment;
.PHONY: push
push_deployment:
$(NIXOPS) export | pass insert -m $(NIXOPS_CONFIG_PASS_SUBTREE_PATH)/Nixops/Deployment
.PHONY: push_deployment
push_environment:
ifndef NIXOPS_CONFIG_PASS_SUBTREE_REMOTE
$(error "Please set NIXOPS_CONFIG_PASS_SUBTREE_REMOTE to the password-store subtree remote name")
endif
pass git subtree push --prefix=$(NIXOPS_CONFIG_PASS_SUBTREE_PATH) $(NIXOPS_CONFIG_PASS_SUBTREE_REMOTE) master
.PHONY: push_environment
|