feat: integrate deploy-rs

2025-03-20 14:44:12 -05:00 · 2025-03-20 14:44:12 -05:00 · 014c690336
commit 014c690336
parent e1d8b4b673
6 changed files with 117 additions and 152 deletions
--- a/flake.lock
+++ b/flake.lock
@ -1,28 +1,24 @@
 {
  "nodes": {
-    "colmena": {
+    "deploy-rs": {
      "inputs": {
        "flake-compat": "flake-compat",
-        "flake-utils": "flake-utils",
-        "nix-github-actions": "nix-github-actions",
        "nixpkgs": [
          "nixpkgs-unstable"
        ],
-        "stable": [
-          "nixpkgs"
-        ]
+        "utils": "utils"
      },
      "locked": {
-        "lastModified": 1739900653,
-        "narHash": "sha256-hPSLvw6AZQYrZyGI6Uq4XgST7benF/0zcCpugn/P0yM=",
-        "owner": "zhaofengli",
-        "repo": "colmena",
-        "rev": "2370d4336eda2a9ef29fce10fa7076ae011983ab",
+        "lastModified": 1727447169,
+        "narHash": "sha256-3KyjMPUKHkiWhwR91J1YchF6zb6gvckCAY1jOE+ne0U=",
+        "owner": "serokell",
+        "repo": "deploy-rs",
+        "rev": "aa07eb05537d4cd025e2310397a6adcedfe72c76",
        "type": "github"
      },
      "original": {
-        "owner": "zhaofengli",
-        "repo": "colmena",
+        "owner": "serokell",
+        "repo": "deploy-rs",
        "type": "github"
      }
    },
@ -50,11 +46,11 @@
    "flake-compat": {
      "flake": false,
      "locked": {
-        "lastModified": 1650374568,
-        "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
+        "lastModified": 1696426674,
+        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
        "owner": "edolstra",
        "repo": "flake-compat",
-        "rev": "b4a34015c698c7793d592d66adbab377907a2be8",
+        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
        "type": "github"
      },
      "original": {
@ -112,23 +108,8 @@
      }
    },
    "flake-utils": {
-      "locked": {
-        "lastModified": 1659877975,
-        "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "flake-utils_2": {
      "inputs": {
-        "systems": "systems"
+        "systems": "systems_2"
      },
      "locked": {
        "lastModified": 1731533236,
@ -144,9 +125,9 @@
        "type": "github"
      }
    },
-    "flake-utils_3": {
+    "flake-utils_2": {
      "inputs": {
-        "systems": "systems_2"
+        "systems": "systems_3"
      },
      "locked": {
        "lastModified": 1731533236,
@ -165,7 +146,7 @@
    "ghostty": {
      "inputs": {
        "flake-compat": "flake-compat_2",
-        "flake-utils": "flake-utils_2",
+        "flake-utils": "flake-utils",
        "nixpkgs-stable": [
          "nixpkgs"
        ],
@ -295,7 +276,7 @@
    },
    "helix": {
      "inputs": {
-        "flake-utils": "flake-utils_3",
+        "flake-utils": "flake-utils_2",
        "nixpkgs": [
          "nixpkgs-unstable"
        ],
@ -373,27 +354,6 @@
        "type": "github"
      }
    },
-    "nix-github-actions": {
-      "inputs": {
-        "nixpkgs": [
-          "colmena",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1729742964,
-        "narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=",
-        "owner": "nix-community",
-        "repo": "nix-github-actions",
-        "rev": "e04df33f62cdcf93d73e9a04142464753a16db67",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "nix-github-actions",
-        "type": "github"
-      }
-    },
    "nixpkgs": {
      "locked": {
        "lastModified": 1741600792,
@ -444,7 +404,7 @@
    },
    "root": {
      "inputs": {
-        "colmena": "colmena",
+        "deploy-rs": "deploy-rs",
        "disko": "disko",
        "ghostty": "ghostty",
        "git-hooks": "git-hooks",
@ -554,6 +514,39 @@
        "type": "github"
      }
    },
+    "systems_3": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    },
+    "utils": {
+      "inputs": {
+        "systems": "systems"
+      },
+      "locked": {
+        "lastModified": 1701680307,
+        "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
    "zig": {
      "inputs": {
        "flake-compat": [
--- a/flake.nix
+++ b/flake.nix
@ -4,6 +4,12 @@
    let
      flakeLib = import ./lib inputs;
      uGenPkgs = flakeLib.genPkgs inputs.nixpkgs-unstable;
+
+      deployChecks = (
+        builtins.mapAttrs (
+          system: deployLib: deployLib.deployChecks inputs.self.deploy
+        ) inputs.deploy-rs.lib
+      );
    in
    {
      inherit flakeLib;
@ -15,7 +21,7 @@
      templates = import ./lib/templates;

      diskoConfigurations = import ./lib/disko inputs;
-      checks = uGenPkgs (import ./packages/checks inputs);
+      checks = deployChecks // (uGenPkgs (import ./packages/checks inputs));
      devShells = uGenPkgs (import ./packages/shells inputs);

      nixosModules = import ./lib/modules/nixos inputs;
@ -25,8 +31,7 @@

      formatter = uGenPkgs (p: p.nixfmt-rfc-style);

-      colmena = import ./lib/colmena inputs;
-      colmenaHive = inputs.colmena.lib.makeHive inputs.self.outputs.colmena;
+      deploy = import ./lib/deploy inputs;

      /*
        TODO: nix-on-droid for phone terminal usage? mobile-nixos?
@ -73,9 +78,8 @@
    ghostty.inputs.nixpkgs-unstable.follows = "nixpkgs-unstable";
    ghostty.inputs.nixpkgs-stable.follows = "nixpkgs";

-    colmena.url = "github:zhaofengli/colmena";
-    colmena.inputs.nixpkgs.follows = "nixpkgs-unstable";
-    colmena.inputs.stable.follows = "nixpkgs";
+    deploy-rs.url = "github:serokell/deploy-rs";
+    deploy-rs.inputs.nixpkgs.follows = "nixpkgs-unstable";

    # nnf.url = "github:thelegy/nixos-nftables-firewall?rev=71fc2b79358d0dbacde83c806a0f008ece567b7b";

--- a/lib/colmena/default.nix
+++ b/lib/colmena/default.nix
@ -1,70 +0,0 @@
-{
-  home-manager,
-  nixpkgs-unstable,
-  self,
-  ...
-}@inputs:
-{
-  meta =
-    let
-      nixpkgsSet =
-        nixpkgs:
-        (import nixpkgs {
-          system = "x86_64-linux";
-          overlays = [ self.outputs.flakeLib.forSelfOverlay ];
-        });
-      nixpkgs = nixpkgsSet nixpkgs-unstable;
-      stable = nixpkgsSet nixpkgs;
-    in
-    {
-      inherit nixpkgs;
-      nodeNixpkgs = {
-        # router = stable;
-        beefcake = stable;
-      };
-      specialArgs = {
-        inherit home-manager;
-        hardware = inputs.hardware.outputs.nixosModules;
-        diskoConfigurations = inputs.self.outputs.diskoConfigurations;
-      };
-    };
-
-  # TODO: setup builders?
-  foxtrot =
-    {
-      # name,
-      # nodes,
-      # pkgs,
-      ...
-    }:
-    {
-      deployment = {
-        # Allow local deployment with `colmena apply-local`
-        allowLocalDeployment = true;
-
-        # Disable SSH deployment. This node will be skipped in a
-        # normal`colmena apply`.
-        targetHost = null;
-      };
-
-      imports = [
-        inputs.self.outputs.nixosModules.default
-        (import ./../../packages/hosts/foxtrot.nix)
-      ];
-
-      # boot.isContainer = true;
-      # time.timeZone = nodes.host-b.config.time.timeZone;
-    };
-  beefcake =
-    { ... }:
-    {
-      deployment = {
-        buildOnTarget = true;
-      };
-
-      imports = [
-        inputs.self.outputs.nixosModules.default
-        (import ./../../packages/hosts/beefcake.nix)
-      ];
-    };
-}
--- a/lib/deploy/default.nix
+++ b/lib/deploy/default.nix
@ -0,0 +1,31 @@
+{ deploy-rs, self, ... }:
+let
+  deployer =
+    host: opts:
+    {
+      hostname = "${host}.hare-cod.ts.net";
+      remoteBuild = true; # should pull from cache # TODO: verify this
+      fastConnection = true;
+      interactiveSudo = true;
+      profiles.system = {
+        user = "root";
+        path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.${host};
+      };
+    }
+    // opts;
+in
+{
+  nodes = {
+    beefcake = deployer "beefcake" { };
+    dragon = deployer "dragon" { };
+    htpc = deployer "htpc" { };
+    bigtower = deployer "bigtower" { };
+    rascal = deployer "rascal" { };
+    router = (deployer "router") {
+      sshOpts = [
+        "-p"
+        "2201"
+      ];
+    };
+  };
+}
--- a/lib/overlays/default.nix
+++ b/lib/overlays/default.nix
@ -20,12 +20,11 @@ rec {
  modifications =
    final: prev:
    let
-      inherit (inputs) helix ghostty colmena;
+      inherit (inputs) helix ghostty;
    in
    {
      ghostty = ghostty.outputs.packages.${prev.system}.default;
      helix = helix.outputs.packages.${prev.system}.default;
-      colmena = colmena.outputs.packages.${prev.system}.colmena;

      bitwarden = prev.bitwarden.overrideAttrs (old: {
        preBuild = ''
--- a/packages/checks/default.nix
+++ b/packages/checks/default.nix
@ -1,18 +1,26 @@
-{ git-hooks, ... }:
-{ pkgs, ... }:
 {
-  git-hooks = git-hooks.lib.${pkgs.system}.run {
-    src = ./.;
-    hooks = {
-      convco.enable = true;
-      nixfmt-rfc-style.enable = true;
-      # nix-flake-check = {
-      #   enable = true;
-      #   name = "nix flake check";
-      #   entry = "${pkgs.nix}/bin/nix --extra-experimental-features 'nix-command flakes' flake check";
-      #   pass_filenames = false;
-      #   stages = [ "pre-commit" ];
-      # };
+  deploy-rs,
+  git-hooks,
+  self,
+  ...
+}:
+{ pkgs, ... }:
+(
+  {
+    git-hooks = git-hooks.lib.${pkgs.system}.run {
+      src = ./.;
+      hooks = {
+        convco.enable = true;
+        nixfmt-rfc-style.enable = true;
+        # nix-flake-check = {
+        #   enable = true;
+        #   name = "nix flake check";
+        #   entry = "${pkgs.nix}/bin/nix --extra-experimental-features 'nix-command flakes' flake check";
+        #   pass_filenames = false;
+        #   stages = [ "pre-commit" ];
+        # };
+      };
    };
-  };
-}
+  }
+  // deploy-rs.lib.${pkgs.system}.deployChecks self.deploy
+)