Modules: add deploy-rs config

modules/flake/programs/default.nix

@@ -2,6 +2,6 @@
   imports = [
     ./shell.nix
     ./formatter.nix
-    # ./deploy.nix
+    ./deploy.nix
   ];
 }

modules/flake/programs/deploy.nix

@@ -0,0 +1,44 @@
+{
+  lib,
+  self,
+  inputs,
+  config,
+  ...
+}: let
+  inherit (builtins) elem mapAttrs attrNames;
+  inherit (lib.attrsets) filterAttrs;
+
+  # extract the names of the systems that we want to deploy
+  deployableSystems = attrNames (filterAttrs (_: attrs: attrs.deployable) config.easyHosts.hosts);
+
+  easyHostsFromDeployableSystems =
+    filterAttrs (
+      name: _: elem name deployableSystems
+    )
+    self.nixosConfigurations;
+in {
+  flake = {
+    checks = {
+      x86_64-linux = inputs.deploy-rs.lib.x86_64-linux.deployChecks self.deploy;
+      # aarch64-linux = inputs.deploy-rs.lib.aarch64-linux.deployChecks self.deploy;
+    };
+
+    deploy = {
+      autoRollback = true;
+      magicRollback = true;
+      interactiveSudo = true;
+
+      # then create a list of nodes that we want to deploy that we can pass to the deploy configuration
+      nodes =
+        mapAttrs (name: node: {
+          hostname = name;
+          profiles.system = {
+            user = "root";
+            sshUser = node.config.olympus.system.mainUser or "root";
+            path = inputs.deploy-rs.lib.${config.easyHosts.hosts.${name}.system}.activate.nixos node;
+          };
+        })
+        easyHostsFromDeployableSystems;
+    };
+  };
+}

secrets/default.nix

@@ -1,8 +0,0 @@
-let
-  pingu = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILPbmiNqoyeKXk/VopFm2cFfEnV4cKCFBhbhyYB69Fuu";
-  elissa = "";
-  users = [pingu elissa];
-in {
-  "forgejo-runner-token.age".publicKeys = [pingu];
-  "vaultwarden-env.age".publicKeys = [pingu];
-}