diff --git a/modules/flake/programs/default.nix b/modules/flake/programs/default.nix index d7d5d95..59d226c 100644 --- a/modules/flake/programs/default.nix +++ b/modules/flake/programs/default.nix @@ -2,6 +2,6 @@ imports = [ ./shell.nix ./formatter.nix - # ./deploy.nix + ./deploy.nix ]; } diff --git a/modules/flake/programs/deploy.nix b/modules/flake/programs/deploy.nix new file mode 100644 index 0000000..7b71fe1 --- /dev/null +++ b/modules/flake/programs/deploy.nix @@ -0,0 +1,44 @@ +{ + lib, + self, + inputs, + config, + ... +}: let + inherit (builtins) elem mapAttrs attrNames; + inherit (lib.attrsets) filterAttrs; + + # extract the names of the systems that we want to deploy + deployableSystems = attrNames (filterAttrs (_: attrs: attrs.deployable) config.easyHosts.hosts); + + easyHostsFromDeployableSystems = + filterAttrs ( + name: _: elem name deployableSystems + ) + self.nixosConfigurations; +in { + flake = { + checks = { + x86_64-linux = inputs.deploy-rs.lib.x86_64-linux.deployChecks self.deploy; + # aarch64-linux = inputs.deploy-rs.lib.aarch64-linux.deployChecks self.deploy; + }; + + deploy = { + autoRollback = true; + magicRollback = true; + interactiveSudo = true; + + # then create a list of nodes that we want to deploy that we can pass to the deploy configuration + nodes = + mapAttrs (name: node: { + hostname = name; + profiles.system = { + user = "root"; + sshUser = node.config.olympus.system.mainUser or "root"; + path = inputs.deploy-rs.lib.${config.easyHosts.hosts.${name}.system}.activate.nixos node; + }; + }) + easyHostsFromDeployableSystems; + }; + }; +} diff --git a/secrets/default.nix b/secrets/default.nix deleted file mode 100644 index b49380b..0000000 --- a/secrets/default.nix +++ /dev/null @@ -1,8 +0,0 @@ -let - pingu = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILPbmiNqoyeKXk/VopFm2cFfEnV4cKCFBhbhyYB69Fuu"; - elissa = ""; - users = [pingu elissa]; -in { - "forgejo-runner-token.age".publicKeys = [pingu]; - "vaultwarden-env.age".publicKeys = [pingu]; -}