diff options
| -rwxr-xr-x | bin/nixos-build | 24 | ||||
| -rwxr-xr-x | bin/nixos-deploy | 16 | ||||
| -rwxr-xr-x | bin/prefetch | 88 | ||||
| -rwxr-xr-x | deploy | 14 | ||||
| -rw-r--r-- | modules/cd/default.nix | 6 | ||||
| -rw-r--r-- | modules/cd/paths.nix | 12 | ||||
| -rw-r--r-- | modules/mkdir/default.nix | 6 | ||||
| -rw-r--r-- | modules/mkdir/paths.nix | 12 | ||||
| -rw-r--r-- | modules/mu/default.nix | 6 | ||||
| -rw-r--r-- | modules/mu/paths.nix | 12 | ||||
| -rw-r--r-- | modules/rmdir/default.nix | 6 | ||||
| -rw-r--r-- | modules/rmdir/paths.nix | 12 | ||||
| -rw-r--r-- | modules/wu/default.nix | 6 | ||||
| -rw-r--r-- | modules/wu/paths.nix | 12 |
14 files changed, 66 insertions, 166 deletions
diff --git a/bin/nixos-build b/bin/nixos-build deleted file mode 100755 index 3e902fd..0000000 --- a/bin/nixos-build +++ /dev/null @@ -1,24 +0,0 @@ -#! /bin/sh -# -# nixos-build system_name -> system_path -# -set -euf - -system_name=$1 - -NIXOS_CONFIG=$config_root/modules/$system_name -export NIXOS_CONFIG - -# Notice how host's NIX_PATH is used to prefetch nixpkgs. -prefetch nixpkgs "$nixpkgs_root/$system_name" - -NIX_PATH=$nixpkgs_root/$system_name -NIX_PATH=$NIX_PATH:secrets=$secrets_root/$system_name/nix -NIX_PATH=$NIX_PATH:pubkeys=$config_root/pubkeys -NIX_PATH=$NIX_PATH:retiolum-hosts=$retiolum_hosts -export NIX_PATH - -exec nix-build \ - -A system \ - --no-out-link \ - '<nixos>' diff --git a/bin/nixos-deploy b/bin/nixos-deploy deleted file mode 100755 index fa86a8c..0000000 --- a/bin/nixos-deploy +++ /dev/null @@ -1,16 +0,0 @@ -#! /bin/sh -# -# nixos-deploy system_name target -# -set -euf - -system_name=$1 -target=$2 - -system=$(nixos-build "$system_name") - -nix-copy-closure --gzip --to "$target" "$system" - -copy-secrets "$system_name" "$target" - -ssh ${NIX_SSHOPTS-} "$target" "$system/bin/switch-to-configuration" switch diff --git a/bin/prefetch b/bin/prefetch deleted file mode 100755 index a87dd18..0000000 --- a/bin/prefetch +++ /dev/null @@ -1,88 +0,0 @@ -#! /bin/sh -# -# usage: prefetch repo_name out_link -# -# Make the specified repository available as out_link. -# -set -euf - -repo_name=$1 -out_link=$2 - -if test "$repo_name" != nixpkgs; then - echo "prefetch: cannot fetch $repo_name, yet" >&2 - exit -1 -fi - -git_rev=$(nixos-query nixpkgs.rev) -git_url=$(nixos-query nixpkgs.url) -dirty=$(nixos-query nixpkgs.dirty) - -case $dirty in true) - ln -snf "$git_url" "$out_link" - echo "prefetch: using $git_url as it is" >&2 - exit -esac - -# Put all bases in the same place as out_link. -# Notice how out_link must not clash with cache_dir and work_dir. -cache_base=$(dirname "$out_link") -work_base=$(dirname "$out_link") - -# cache_dir points to a (maybe non-existent) directory, where a shared cache of -# the repository should be maintained. The shared cache is used to create -# multiple working trees of the repository. -cache_dir=$cache_base/$(echo "$git_url" | urlencode) - -# work_dir points to a (maybe non-existent) directory, where a specific -# revision of the repository is checked out. -work_dir=$work_base/$(echo "$git_rev" | urlencode) - -cache_git() { - git --git-dir="$cache_dir" "$@" -} - -work_git() { - git -C "$work_dir" "$@" -} - -is_up_to_date() { - test -d "$cache_dir" && - test -d "$work_dir" && - test "$(cache_git rev-parse --verify "$git_rev")" = "$git_rev" && - test "$(work_git rev-parse --verify HEAD)" = "$git_rev" -} - -# Notice how the remote name "origin" has been chosen arbitrarily, but must be -# kept in sync with the default value of nixpkgs.rev. -if ! is_up_to_date; then - if ! test -d "$cache_dir"; then - mkdir -p "$cache_dir" - cache_git init --bare - fi - if ! cache_git_url=$(cache_git config remote.origin.url); then - cache_git remote add origin "$git_url" - elif test "$cache_git_url" != "$git_url"; then - cache_git remote set-url origin "$git_url" - fi - cache_git fetch origin - if ! test -d "$work_dir"; then - git clone -n --shared "$cache_dir" "$work_dir" - fi - commit_name=$(cache_git rev-parse --verify "$git_rev") - work_git checkout "$commit_name" -- "$(readlink -f "$work_dir")" - work_git checkout -q "$commit_name" - work_git submodule init - work_git submodule update -fi -work_git clean -dxf - -# Relative links are nicer, and actually we know that work_dir and out_link are -# the same. But, for robustness, check anyway.. :) -if test "$(dirname "$work_dir")" = "$(dirname "$out_link")"; then - ln -snf "$(basename "$work_dir")" "$out_link" -else - ln -snf "$work_dir" "$out_link" -fi - -echo "prefetch: using $git_url $(work_git log --oneline -n1)" >&2 @@ -7,11 +7,9 @@ set -euf system_name=$1 target=${2-root@$system_name} -export PATH="$PWD/bin:$PATH" -#export nixpkgs=/var/nixpkgs -export nixpkgs_root=$PWD/tmp/nixpkgs -export config_root=$PWD -export retiolum_hosts=$PWD/hosts -export secrets_root=$PWD/secrets - -exec nixos-deploy "$system_name" "$target" +nix-instantiate \ + --argstr system-name "$system_name" \ + --argstr deploy-target "$target" \ + --eval --json . \ + | jq -r . \ + | sh diff --git a/modules/cd/default.nix b/modules/cd/default.nix index d57d46b..45b798e 100644 --- a/modules/cd/default.nix +++ b/modules/cd/default.nix @@ -10,7 +10,6 @@ in { users.extraUsers = import <secrets/extraUsers.nix>; } ./networking.nix ./users.nix - ../common/nixpkgs.nix ../tv/base.nix ../tv/base-cac-CentOS-7-64bit.nix ../tv/ejabberd.nix # XXX echtes modul @@ -50,11 +49,6 @@ in # "Developer 2" plan has two vCPUs. nix.maxJobs = 2; - nixpkgs = { - url = "https://github.com/NixOS/nixpkgs"; - rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870"; - }; - environment.systemPackages = with pkgs; [ git # required for ./deploy, clone_or_update htop diff --git a/modules/cd/paths.nix b/modules/cd/paths.nix new file mode 100644 index 0000000..f873912 --- /dev/null +++ b/modules/cd/paths.nix @@ -0,0 +1,12 @@ +{ + lib.file.url = ../../lib; + modules.file.url = ../../modules; + nixpkgs.git = { + url = https://github.com/NixOS/nixpkgs; + rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870"; + cache = ../../tmp/git-cache; + }; + pubkeys.file.url = ../../pubkeys; + retiolum-hosts.file.url = ../../hosts; + secrets.file.url = ../../secrets/cd/nix; +} diff --git a/modules/mkdir/default.nix b/modules/mkdir/default.nix index 5427a45..e764192 100644 --- a/modules/mkdir/default.nix +++ b/modules/mkdir/default.nix @@ -10,7 +10,6 @@ in { users.extraUsers = import <secrets/extraUsers.nix>; } ./networking.nix ./users.nix - ../common/nixpkgs.nix ../tv/base.nix ../tv/base-cac-CentOS-7-64bit.nix ../tv/exim-smarthost.nix @@ -49,11 +48,6 @@ in nix.maxJobs = 1; - nixpkgs = { - url = "https://github.com/NixOS/nixpkgs"; - rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870"; - }; - environment.systemPackages = with pkgs; [ git # required for ./deploy, clone_or_update htop diff --git a/modules/mkdir/paths.nix b/modules/mkdir/paths.nix new file mode 100644 index 0000000..f873912 --- /dev/null +++ b/modules/mkdir/paths.nix @@ -0,0 +1,12 @@ +{ + lib.file.url = ../../lib; + modules.file.url = ../../modules; + nixpkgs.git = { + url = https://github.com/NixOS/nixpkgs; + rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870"; + cache = ../../tmp/git-cache; + }; + pubkeys.file.url = ../../pubkeys; + retiolum-hosts.file.url = ../../hosts; + secrets.file.url = ../../secrets/cd/nix; +} diff --git a/modules/mu/default.nix b/modules/mu/default.nix index 8b37d9c..8490c84 100644 --- a/modules/mu/default.nix +++ b/modules/mu/default.nix @@ -11,7 +11,6 @@ in { imports = [ <secrets/mu.hashedPasswords.nix> - ../common/nixpkgs.nix ../tv/base.nix ../tv/exim-retiolum.nix ../tv/retiolum.nix @@ -20,11 +19,6 @@ in nix.maxJobs = 2; - nixpkgs = { - url = "https://github.com/NixOS/nixpkgs"; - rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870"; - }; - services.udev.extraRules = '' SUBSYSTEM=="net", ATTR{address}=="00:90:f5:da:aa:c3", NAME="en0" SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:1b:ae:6c", NAME="wl0" diff --git a/modules/mu/paths.nix b/modules/mu/paths.nix new file mode 100644 index 0000000..1c4ce52 --- /dev/null +++ b/modules/mu/paths.nix @@ -0,0 +1,12 @@ +{ + lib.file.url = ../../lib; + modules.file.url = ../../modules; + nixpkgs.git = { + url = https://github.com/NixOS/nixpkgs; + rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870"; + cache = ../../tmp/git-cache; + }; + pubkeys.file.url = ../../pubkeys; + retiolum-hosts.file.url = ../../hosts; + secrets.file.url = ../../secrets/wu/nix; +} diff --git a/modules/rmdir/default.nix b/modules/rmdir/default.nix index 62fbd84..d24ad57 100644 --- a/modules/rmdir/default.nix +++ b/modules/rmdir/default.nix @@ -10,7 +10,6 @@ in { users.extraUsers = import <secrets/extraUsers.nix>; } ./networking.nix ./users.nix - ../common/nixpkgs.nix ../tv/base.nix ../tv/base-cac-CentOS-7-64bit.nix ../tv/exim-smarthost.nix @@ -50,11 +49,6 @@ in nix.maxJobs = 1; - nixpkgs = { - url = "https://github.com/NixOS/nixpkgs"; - rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870"; - }; - environment.systemPackages = with pkgs; [ git # required for ./deploy, clone_or_update htop diff --git a/modules/rmdir/paths.nix b/modules/rmdir/paths.nix new file mode 100644 index 0000000..f873912 --- /dev/null +++ b/modules/rmdir/paths.nix @@ -0,0 +1,12 @@ +{ + lib.file.url = ../../lib; + modules.file.url = ../../modules; + nixpkgs.git = { + url = https://github.com/NixOS/nixpkgs; + rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870"; + cache = ../../tmp/git-cache; + }; + pubkeys.file.url = ../../pubkeys; + retiolum-hosts.file.url = ../../hosts; + secrets.file.url = ../../secrets/cd/nix; +} diff --git a/modules/wu/default.nix b/modules/wu/default.nix index 37bf758..2271798 100644 --- a/modules/wu/default.nix +++ b/modules/wu/default.nix @@ -11,7 +11,6 @@ in { imports = [ ./hosts.nix - ../common/nixpkgs.nix ../tv/base.nix ../tv/exim-retiolum.nix ../tv/sanitize.nix @@ -63,11 +62,6 @@ in daemonNiceLevel = 1; }; - nixpkgs = { - url = "https://github.com/NixOS/nixpkgs"; - rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870"; - }; - services.udev.extraRules = '' SUBSYSTEM=="net", ATTR{address}=="00:90:f5:da:aa:c3", NAME="en0" SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:1b:ae:6c", NAME="wl0" diff --git a/modules/wu/paths.nix b/modules/wu/paths.nix new file mode 100644 index 0000000..2d2ff7b --- /dev/null +++ b/modules/wu/paths.nix @@ -0,0 +1,12 @@ +{ + lib.file.url = ../../lib; + modules.file.url = ../../modules; + nixpkgs.git = { + url = https://github.com/NixOS/nixpkgs; + rev = "e1af50c4c4c0332136283e9231f0a32ac11f2b90"; + cache = ../../tmp/git-cache; + }; + pubkeys.file.url = ../../pubkeys; + retiolum-hosts.file.url = ../../hosts; + secrets.file.url = ../../secrets/wu/nix; +} |