From d23957f9ff4ff5edbc67df16ad4b80c37ca07fc2 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 4 Feb 2016 05:40:26 +0100 Subject: krebs.build.populate: init and drop support for v1 --- Makefile | 108 ++++++++++++++++------------------------------ nixpkgs/krebs | 0 nixpkgs/nixos/default.nix | 66 +--------------------------- nixpkgs/nixos/lib | 2 +- nixpkgs/nixos/modules | 2 +- root | 1 + tv/2configs/default.nix | 4 +- 7 files changed, 41 insertions(+), 142 deletions(-) create mode 100644 nixpkgs/krebs create mode 120000 root diff --git a/Makefile b/Makefile index a1559b4..87a636e 100644 --- a/Makefile +++ b/Makefile @@ -1,87 +1,51 @@ -# -# usage: -# make infest system=foo [target=bar] -# make [deploy] system=foo [target=bar] -# make [deploy] systems='foo bar' -# make eval get=users.tv.wu.config.time.timeZone [filter=json] -# - .ONESHELL: .SHELLFLAGS := -eufc -ifdef systems -$(systems): - @ - unset target - parallel \ - --line-buffer \ - -j0 \ - --no-notice \ - --tagstring {} \ - -q make -s systems= system={} ::: $(systems) -else ifdef system -.PHONY: deploy infest -deploy infest:;@ - export get=krebs.$@ - export filter=json - script=$$(make -s eval) - echo "$$script" | sh - -.PHONY: eval -eval: - @ -ifeq ($(filter),json) - extraArgs='--json --strict' - filter() { jq -r .; } -else - filter() { cat; } +ifndef system +$(error unbound variable: system) endif - result=$$(nix-instantiate \ - $${extraArgs-} \ - --eval \ - -A "$$get" \ - -I stockholm="$$PWD" \ - '' \ - --argstr current-host-name "$$HOSTNAME" \ - --argstr current-user-name "$$LOGNAME" \ - $${system+--argstr system "$$system"} \ - $${target+--argstr target "$$target"}) - echo "$$result" | filter export target_host ?= $(system) export target_user ?= root export target_path ?= /var/src +# usage: make deploy system=foo [target_host=bar] +.PHONY: deploy +deploy: populate ;@set -x + ssh "$$target_user@$$target_host" nixos-rebuild switch -I "$$target_path" + # usage: make populate system=foo [target_host=bar] .PHONY: populate -populate: export lib = \ - let nlib = import ; in \ - nlib // import krebs/4lib { lib = nlib; } // builtins -populate: export source = \ - with builtins; \ - with (import ./. {}).users.$${getEnv "LOGNAME"}.$${getEnv "system"}; \ - assert config.krebs.build.source-version == 2; \ - config.krebs.build.source populate:;@ - result=$$(nix-instantiate \ - --eval \ - --json \ - --arg lib "$$lib" \ - --arg source "$$source" \ - --argstr target-user "$$target_user" \ - --argstr target-host "$$target_host" \ - --argstr target-path "$$target_path" \ - -A populate \ - krebs/v2) - script=$$(echo "$$result" | jq -r .) - echo "$$script" | sh - -# usage: make rebuild system=foo [target_host=bar] [operation=switch] -.PHONY: rebuild -rebuild: populate ;@set -x - ssh "$$target_user@$$target_host" \ - nixos-rebuild "$${operation-switch}" -I "$$target_path" + result=$$(make -s eval get=config.krebs.build.populate filter=json) + echo "$$result" | sh +# usage: make eval system=foo get=config.krebs.build [LOGNAME=tv] [filter=json] +.PHONY: eval +eval:;@ +ifeq ($(filter),json) + extraArgs='--json --strict' + filter() { echo "$$1" | jq -r .; } else -$(error unbound variable: system[s]) + filter() { echo "$$1"; } endif + result=$$(nix-instantiate \ + $${extraArgs-} \ + --show-trace \ + --readonly-mode \ + --eval \ + -A "$$get" \ + --arg configuration "") + filter "$$result" + +## usage: make install system=foo target= +#.PHONY: install +#install: ssh = ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null +#install:;@set -x +# $(ssh) "$$target_user@$$target_host" \ +# env target_path=/var/src \ +# sh -s prepare < krebs/4lib/infest/prepare.sh +# make -s populate target_path=/mnt"$$target_path" +# $(ssh) "$$target_user@$$target_host" \ +# env NIXOS_CONFIG=/var/src/nixos-config \ +# nixos-install diff --git a/nixpkgs/krebs b/nixpkgs/krebs new file mode 100644 index 0000000..e69de29 diff --git a/nixpkgs/nixos/default.nix b/nixpkgs/nixos/default.nix index 6c5adf3..4fe08ef 100644 --- a/nixpkgs/nixos/default.nix +++ b/nixpkgs/nixos/default.nix @@ -1,65 +1 @@ -{ configuration ? import "NIXOS_CONFIG" -, system ? builtins.currentSystem -}: - -let - eval-config = modules: import { - inherit system; - modules = modules ++ [({ config, lib, ... }: with lib; { - imports = filter dir.has-default-nix (concatLists [ - (map (p: p + "/2configs") [ ]) - (map (p: p + "/3modules") [ ]) - ]); - - krebs.current = { - enable = true; - host = config.krebs.hosts.${readFile /proc/sys/kernel/hostname}; - user = config.krebs.users.${getEnv "LOGNAME"}; - }; - - nixpkgs.config.packageOverrides = pkgs: let - kpkgs = import { inherit lib pkgs; }; - upkgs = import { inherit lib; pkgs = pkgs // kpkgs; }; - in kpkgs // upkgs; - })]; - specialArgs = { - lib = let - nlib = import // builtins; - klib = nlib // import { lib = nlib; }; - ulib = klib // (with klib; let p = + "/4lib"; in - optionalAttrs (dir.has-default-nix p) - (import p { lib = klib; })); - in ulib; - }; - }; - - eval = eval-config [ - configuration - ]; - - # This is for `nixos-rebuild build-vm'. - vm = eval-config [ - configuration - - ]; - - # This is for `nixos-rebuild build-vm-with-bootloader'. - vm-with-bootloader = eval-config [ - configuration - - { virtualisation.useBootLoader = true; } - ]; -in - -{ - inherit (eval) config options; - - system = eval.config.system.build.toplevel; - - vm = vm.config.system.build.vm; - - vmWithBootLoader = vm-with-bootloader.config.system.build.vm; - - # The following are used by nixos-rebuild. - nixFallback = eval.pkgs.nixUnstable; -} +import diff --git a/nixpkgs/nixos/lib b/nixpkgs/nixos/lib index eb942f8..9e69d1a 120000 --- a/nixpkgs/nixos/lib +++ b/nixpkgs/nixos/lib @@ -1 +1 @@ -../../upstream-nixpkgs/nixos/lib \ No newline at end of file +../../../upstream-nixpkgs/nixos/lib \ No newline at end of file diff --git a/nixpkgs/nixos/modules b/nixpkgs/nixos/modules index 8fbc437..8aa2488 120000 --- a/nixpkgs/nixos/modules +++ b/nixpkgs/nixos/modules @@ -1 +1 @@ -../../upstream-nixpkgs/nixos/modules \ No newline at end of file +../../../upstream-nixpkgs/nixos/modules \ No newline at end of file diff --git a/root b/root new file mode 120000 index 0000000..1cd1825 --- /dev/null +++ b/root @@ -0,0 +1 @@ +../stockholm-user \ No newline at end of file diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 46320b7..57c4620 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -8,11 +8,9 @@ with lib; krebs.build = { user = config.krebs.users.tv; target = mkDefault "root@${config.krebs.build.host.name}"; - source-version = 2; source = mapAttrs (_: mkDefault) ({ nixos-config = "symlink:stockholm/tv/1systems/${config.krebs.build.host.name}.nix"; nixpkgs = symlink:stockholm/nixpkgs; - null = "symlink:stockholm/null"; secrets = "/home/tv/secrets/${config.krebs.build.host.name}"; secrets-common = "/home/tv/secrets/common"; stockholm = "/home/tv/stockholm"; @@ -104,7 +102,7 @@ with lib; }; environment.variables = { - NIX_PATH = mkForce "secrets=/var/src/null:/var/src"; + NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src"; }; programs.bash = { -- cgit v1.2.3