From 20e8d98ea1815c6a898958caab2bb838dd0c97f1 Mon Sep 17 00:00:00 2001
From: Daniel Langbein
Date: Sun, 17 Sep 2023 16:59:42 +0200
Subject: [PATCH] deployment with Colmena
---
README.md | 34 ++++++++++++++++++
hive.nix | 60 ++++++++++++++++++++++++++++++++
hosts/yodaTab/configuration.nix | 2 +-
hosts/yodaTux/configuration.nix | 2 +-
hosts/yodaYoga/configuration.nix | 2 +-
5 files changed, 97 insertions(+), 3 deletions(-)
create mode 100644 hive.nix
diff --git a/README.md b/README.md
index 7a9894e..ad7c0fb 100644
--- a/README.md
+++ b/README.md
@@ -190,6 +190,40 @@ niv add nix-community/NUR -n NUR # TODO (!) ```
+## Deployment and secrets
+
+Install Colmena:
+
+```shell
+nix-shell -p colmena
+```
+
+Configuration is done inside [hive.nix](hive.nix).
+
+Build config:
+
+```shell
+colmena build
+```
+
+Apply to all non-local nodes:
+
+```shell
+colmena apply switch
+#colmena apply boot
+```
+
+Apply to local node:
+
+```shell
+colmena apply-local --sudo switch
+#colmena apply-local --sudo boot
+```
+
+Filtering:
+- You can filter hosts by tags with `--on @tag-a,@tag-b`.
+- You can use globs in tag matching as well: `colmena apply --on '@infra-*'`
+
 ## BTRFS Swap file * https://nixos.wiki/wiki/Btrfs#Swap_file
diff --git a/hive.nix b/hive.nix
new file mode 100644
index 0000000..cfab144
--- /dev/null
+++ b/hive.nix
@@ -0,0 +1,60 @@
+let
+ sources = import ./nix/sources.nix;
+in
+{
+ # Colmena config: https://colmena.cli.rs/0.4/tutorial/index.html#basic-configuration
+ # Colmena local node: https://colmena.cli.rs/0.4/features/apply-local.html
+
+ meta = {
+ # Override to pin the Nixpkgs version.
+ # Note: You can also override Nixpkgs by node.
+ nixpkgs = import sources.nixpkgs {};
+ };
+
+ defaults = { ... }: {
+ # This module will be imported by all hosts.
+ };
+
+ #
+ # LOCAL DEPLOYMENT
+ #
+
+ yodaTux = { name, nodes, ... }: {
+ # Import the per-host configuration file.
+ imports = [ ./hosts/${name}/configuration.nix ];
+
+ deployment = {
+ # Local deployment.
+ allowLocalDeployment = true;
+ targetHost = null;
+ };
+ };
+
+ yodaTab = { name, nodes, ... }: {
+ # Import the per-host configuration file.
+ imports = [ ./hosts/${name}/configuration.nix ];
+
+ deployment = {
+ # Local deployment.
+ allowLocalDeployment = true;
+ targetHost = null;
+ };
+ };
+
+ #
+ # SSH DEPLOYMENT
+ #
+
+ yodaYoga = { name, nodes, ... }: {
+ # Import the per-host configuration file.
+ imports = [ ./hosts/${name}/configuration.nix ];
+
+ deployment = {
+ # SSH deployment.
+ targetHost = "p1st.de";
+ targetPort = 2224;
+
+ # tags = [ "production" ];
+ };
+ };
+}
diff --git a/hosts/yodaTab/configuration.nix b/hosts/yodaTab/configuration.nix
index 7a2e97e..52cbf79 100644
--- a/hosts/yodaTab/configuration.nix
+++ b/hosts/yodaTab/configuration.nix
@@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`).
-{ config, sources ? import ../../nix/sources.nix, pkgs ? import sources.nixpkgs {}, ... }:
+{ config, pkgs, ... }:
 let # Import Home Manager with niv. home-manager = (import ../../nix/sources.nix).home-manager;
diff --git a/hosts/yodaTux/configuration.nix b/hosts/yodaTux/configuration.nix
index 2474001..c33bd1e 100644
--- a/hosts/yodaTux/configuration.nix
+++ b/hosts/yodaTux/configuration.nix
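Review bot: The `yodaYoga` deployment block sets `targetHost` and `targetPort` but not `targetUser`, so Colmena falls back to its default login, which is root, on a host reached over a public name. If root SSH is not the intent, name the account explicitly with `targetUser = "<deploy-user>";` (placeholder) and rely on the default sudo-based privilege escalation; if it is the intent, a comment saying so would help the next reader. Separately, `import sources.nixpkgs {}` in `meta` is evaluated impurely, so the deploying user's `~/.config/nixpkgs` config and overlays can presumably leak into every node's package set; `nixpkgs = import sources.nixpkgs { config = {}; overlays = []; };` keeps the niv pin self-contained.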
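Review bot: With the `sources`/`pkgs` defaults removed from the module header in `hosts/yodaTab/configuration.nix`, nothing in the file says where `pkgs` now comes from; as far as the patch shows, the niv pin is applied only through `meta.nixpkgs` in `hive.nix`. A build that bypasses Colmena (for example plain `nixos-rebuild`) would presumably take `pkgs` from whatever channel the host has configured, so the pin silently stops applying. A header comment such as `# pkgs is provided by Colmena (meta.nixpkgs in hive.nix); build via colmena to keep the niv pin` would document this. The same applies to the identical hunks in `hosts/yodaTux/configuration.nix` and `hosts/yodaYoga/configuration.nix`; the module body continues outside each hunk.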
@@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`).
-{ config, sources ? import ../../nix/sources.nix, pkgs ? import sources.nixpkgs {}, ... }:
+{ config, pkgs, ... }:
 let # Import Home Manager with niv. home-manager = (import ../../nix/sources.nix).home-manager;
diff --git a/hosts/yodaYoga/configuration.nix b/hosts/yodaYoga/configuration.nix
index ebe8cdd..6b1f4f3 100644
--- a/hosts/yodaYoga/configuration.nix
+++ b/hosts/yodaYoga/configuration.nix
@@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`).
-{ config, sources ? import ../../nix/sources.nix, pkgs ? import sources.nixpkgs {}, ... }:
+{ config, pkgs, ... }:
 let # Import Home Manager with niv. home-manager = (import ../../nix/sources.nix).home-manager;