From 8a4c10140ee5a217df2a90f338b8b1a93754b211 Mon Sep 17 00:00:00 2001
From: blahai <github@blahai.gay>
Date: Mon, 27 Jan 2025 16:04:51 +0200
Subject: [PATCH] Modules: add deploy-rs config

---
 modules/flake/programs/default.nix |  2 +-
 modules/flake/programs/deploy.nix  | 44 ++++++++++++++++++++++++++++++
 secrets/default.nix                |  8 ------
 3 files changed, 45 insertions(+), 9 deletions(-)
 create mode 100644 modules/flake/programs/deploy.nix
 delete mode 100644 secrets/default.nix

diff --git a/modules/flake/programs/default.nix b/modules/flake/programs/default.nix
index d7d5d95..59d226c 100644
--- a/modules/flake/programs/default.nix
+++ b/modules/flake/programs/default.nix
@@ -2,6 +2,6 @@
   imports = [
     ./shell.nix
     ./formatter.nix
-    # ./deploy.nix
+    ./deploy.nix
   ];
 }
diff --git a/modules/flake/programs/deploy.nix b/modules/flake/programs/deploy.nix
new file mode 100644
index 0000000..7b71fe1
--- /dev/null
+++ b/modules/flake/programs/deploy.nix
@@ -0,0 +1,44 @@
+{
+  lib,
+  self,
+  inputs,
+  config,
+  ...
+}: let
+  inherit (builtins) elem mapAttrs attrNames;
+  inherit (lib.attrsets) filterAttrs;
+
+  # extract the names of the systems that we want to deploy
+  deployableSystems = attrNames (filterAttrs (_: attrs: attrs.deployable) config.easyHosts.hosts);
+
+  easyHostsFromDeployableSystems =
+    filterAttrs (
+      name: _: elem name deployableSystems
+    )
+    self.nixosConfigurations;
+in {
+  flake = {
+    checks = {
+      x86_64-linux = inputs.deploy-rs.lib.x86_64-linux.deployChecks self.deploy;
+      # aarch64-linux = inputs.deploy-rs.lib.aarch64-linux.deployChecks self.deploy;
+    };
+
+    deploy = {
+      autoRollback = true;
+      magicRollback = true;
+      interactiveSudo = true;
+
+      # then create a list of nodes that we want to deploy that we can pass to the deploy configuration
+      nodes =
+        mapAttrs (name: node: {
+          hostname = name;
+          profiles.system = {
+            user = "root";
+            sshUser = node.config.olympus.system.mainUser or "root";
+            path = inputs.deploy-rs.lib.${config.easyHosts.hosts.${name}.system}.activate.nixos node;
+          };
+        })
+        easyHostsFromDeployableSystems;
+    };
+  };
+}
diff --git a/secrets/default.nix b/secrets/default.nix
deleted file mode 100644
index b49380b..0000000
--- a/secrets/default.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-let
-  pingu = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILPbmiNqoyeKXk/VopFm2cFfEnV4cKCFBhbhyYB69Fuu";
-  elissa = "";
-  users = [pingu elissa];
-in {
-  "forgejo-runner-token.age".publicKeys = [pingu];
-  "vaultwarden-env.age".publicKeys = [pingu];
-}