summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/3modules/build.nix218
-rw-r--r--krebs/default.nix95
-rw-r--r--krebs/v2/default.nix132
3 files changed, 150 insertions, 295 deletions
diff --git a/krebs/3modules/build.nix b/krebs/3modules/build.nix
index 0f8aec89d..00142acdd 100644
--- a/krebs/3modules/build.nix
+++ b/krebs/3modules/build.nix
@@ -28,81 +28,157 @@ let
type = types.user;
};
- options.krebs.build.source-version = mkOption {
- type = types.enum [ 1 2 ];
- default = 1;
+ options.krebs.build.source = let
+ raw = types.either types.str types.path;
+ url = types.submodule {
+ options = {
+ url = mkOption {
+ type = types.str;
+ };
+ rev = mkOption {
+ type = types.str;
+ };
+ dev = mkOption {
+ type = types.str;
+ };
+ };
+ };
+ in mkOption {
+ type = types.attrsOf (types.either types.str url);
+ apply = let f = mapAttrs (_: value: {
+ string = value;
+ path = toString value;
+ set = f value;
+ }.${typeOf value}); in f;
+ default = {};
};
- options.krebs.build.source = getAttr "v${toString config.krebs.build.source-version}" {
- v1 = {
- dir = mkOption {
- type = let
- default-host = config.krebs.current.host;
- in types.attrsOf (types.submodule ({ config, ... }: {
- options = {
- host = mkOption {
- type = types.host;
- default = default-host;
- };
- path = mkOption {
- type = types.str;
- };
- target-path = mkOption {
- type = types.str;
- default = "/root/${config._module.args.name}";
- };
- url = mkOption {
- type = types.str;
- default = "file://${config.host.name}${config.path}";
- };
- };
- }));
- default = {};
- };
+ options.krebs.build.populate = mkOption {
+ type = types.str;
+ default = let
+ source = config.krebs.build.source;
+ target-user = maybeEnv "target_user" "root";
+ target-host = maybeEnv "target_host" config.krebs.build.host.name;
+ target-path = maybeEnv "target_path" "/var/src";
+ out = ''
+ #! /bin/sh
+ set -eu
- git = mkOption {
- type = with types; attrsOf (submodule ({ config, ... }: {
- options = {
- url = mkOption {
- type = types.str; # TODO must be shell safe
- };
- rev = mkOption {
- type = types.str;
- };
- target-path = mkOption {
- type = types.str;
- default = "/root/${config._module.args.name}";
- };
- };
- }));
- default = {};
- };
- };
+ verbose() {
+ printf '+%s\n' "$(printf ' %q' "$@")" >&2
+ "$@"
+ }
- v2 = let
- raw = types.either types.str types.path;
- url = types.submodule {
- options = {
- url = mkOption {
- type = types.str;
- };
- rev = mkOption {
- type = types.str;
- };
- dev = mkOption {
- type = types.str;
- };
- };
- };
- in mkOption {
- type = types.attrsOf (types.either types.str url);
- apply = let f = mapAttrs (_: value: {
- string = value;
- path = toString value;
- set = f value;
- }.${typeOf value}); in f;
- default = {};
- };
+ echo ${shell.escape git-script} \
+ | ssh ${shell.escape "${target-user}@${target-host}"} -T
+
+ unset tmpdir
+ trap '
+ rm "$tmpdir"/*
+ rmdir "$tmpdir"
+ trap - EXIT INT QUIT
+ ' EXIT INT QUIT
+ tmpdir=$(mktemp -dt stockholm.XXXXXXXX)
+ chmod 0755 "$tmpdir"
+
+ ${concatStringsSep "\n"
+ (mapAttrsToList
+ (name: spec: let dst = removePrefix "symlink:" (get-url spec); in
+ "verbose ln -s ${shell.escape dst} $tmpdir/${shell.escape name}")
+ symlink-specs)}
+
+ verbose proot \
+ -b $tmpdir:${shell.escape target-path} \
+ ${concatStringsSep " \\\n "
+ (mapAttrsToList
+ (name: spec:
+ "-b ${shell.escape "${get-url spec}:${target-path}/${name}"}")
+ file-specs)} \
+ rsync \
+ -f ${shell.escape "P /*"} \
+ ${concatMapStringsSep " \\\n "
+ (name: "-f ${shell.escape "R /${name}"}")
+ (attrNames file-specs)} \
+ --delete \
+ -vFrlptD \
+ ${shell.escape target-path}/ \
+ ${shell.escape "${target-user}@${target-host}:${target-path}"}
+ '';
+
+ get-schema = uri:
+ if substring 0 1 uri == "/"
+ then "file"
+ else head (splitString ":" uri);
+
+ has-schema = schema: uri: get-schema uri == schema;
+
+ get-url = spec: {
+ string = spec;
+ path = toString spec;
+ set = get-url spec.url;
+ }.${typeOf spec};
+
+ git-specs =
+ filterAttrs (_: spec: has-schema "https" (get-url spec)) source //
+ filterAttrs (_: spec: has-schema "http" (get-url spec)) source //
+ filterAttrs (_: spec: has-schema "git" (get-url spec)) source;
+
+ file-specs =
+ filterAttrs (_: spec: has-schema "file" (get-url spec)) source;
+
+ symlink-specs =
+ filterAttrs (_: spec: has-schema "symlink" (get-url spec)) source;
+
+ git-script = ''
+ #! /bin/sh
+ set -efu
+
+ verbose() {
+ printf '+%s\n' "$(printf ' %q' "$@")" >&2
+ "$@"
+ }
+
+ fetch_git() {(
+ dst_dir=$1
+ src_url=$2
+ src_ref=$3
+
+ if ! test -e "$dst_dir"; then
+ git clone "$src_url" "$dst_dir"
+ fi
+
+ cd "$dst_dir"
+
+ if ! url=$(git config remote.origin.url); then
+ git remote add origin "$src_url"
+ elif test "$url" != "$src_url"; then
+ git remote set-url origin "$src_url"
+ fi
+
+ # TODO resolve src_ref to commit hash
+ hash=$src_ref
+
+ if ! test "$(git log --format=%H -1)" = "$hash"; then
+ git fetch origin
+ git checkout "$hash" -- "$dst_dir"
+ git checkout "$hash"
+ fi
+
+ git clean -dxf
+ )}
+
+ ${concatStringsSep "\n"
+ (mapAttrsToList
+ (name: spec: toString (map shell.escape [
+ "verbose"
+ "fetch_git"
+ "${target-path}/${name}"
+ spec.url
+ spec.rev
+ ]))
+ git-specs)}
+ '';
+ in out;
};
};
diff --git a/krebs/default.nix b/krebs/default.nix
index e9ee71b34..17c035896 100644
--- a/krebs/default.nix
+++ b/krebs/default.nix
@@ -1,3 +1,5 @@
+assert false;
+
{ current-host-name
, current-user-name
, lib
@@ -6,30 +8,11 @@
}:
let out = {
- inherit deploy;
inherit infest;
inherit init;
inherit nixos-install;
- inherit populate;
};
- deploy =
- { system ? current-host-name
- , target ? system
- }@args: let
- config = get-config system;
- in ''
- #! /bin/sh
- # krebs.deploy
- set -efu
- (${populate args})
- ${rootssh target ''
- ${nix-install args}
- ${config.krebs.build.profile}/bin/switch-to-configuration switch
- ''}
- echo OK
- '';
-
infest =
{ system ? current-host-name
, target ? system
@@ -45,9 +28,6 @@ let out = {
${builtins.readFile ./4lib/infest/install-nix.sh}
''}
- # Prepare target source via bind-mounting
-
-
(${nixos-install args})
${rootssh target ''
@@ -169,9 +149,7 @@ let out = {
get-config = system: let
config = stockholm.users.${current-user-name}.${system}.config
or (abort "unknown system: ${system}, user: ${current-user-name}");
- in
- assert config.krebs.build.source-version == 1;
- config;
+ in config;
nix-install =
{ system ? current-host-name
@@ -203,73 +181,6 @@ let out = {
])}
'';
- populate =
- { system ? current-host-name
- , target ? system
- , root ? ""
- }@args:
- let out = ''
- #! /bin/sh
- set -efu
- ${lib.concatStringsSep "\n"
- (lib.concatMap
- (type: lib.mapAttrsToList (_: methods.${type})
- config.krebs.build.source.${type})
- ["dir" "git"])}
- '';
-
-
- config = get-config system;
-
- current-host = config.krebs.hosts.${current-host-name};
- current-user = config.krebs.users.${current-user-name};
-
- methods.dir = config:
- let
- can-push = config.host.name == current-host.name;
- target-path = root + config.target-path;
- push-method = ''
- rsync \
- --exclude .git \
- --exclude .graveyard \
- --exclude old \
- --exclude tmp \
- --rsync-path='mkdir -p ${target-path} && rsync' \
- --delete-excluded \
- -vrlptD \
- ${config.path}/ \
- root@${target}:${target-path}
- '';
- in
- if can-push then push-method else
- let dir = "file://${config.host.name}${config.path}"; in
- # /!\ revise this message when using more than just push-method
- throw "No way to push ${dir} from ${current-host.name} to ${target}";
-
- methods.git = config:
- let target-path = root + config.target-path;
- in rootssh target ''
- mkdir -p ${target-path}
- cd ${target-path}
- if ! test -e .git; then
- git init
- fi
- if ! cur_url=$(git config remote.origin.url 2>/dev/null); then
- git remote add origin ${config.url}
- elif test "$cur_url" != ${config.url}; then
- git remote set-url origin ${config.url}
- fi
- if test "$(git rev-parse --verify HEAD 2>/dev/null)" != ${config.rev}; then
- git fetch origin
- git checkout ${config.rev} -- .
- git checkout -q ${config.rev}
- git submodule init
- git submodule update
- fi
- git clean -dxf
- '';
- in out;
-
rootssh = target: script:
let
flags = "-o StrictHostKeyChecking=${StrictHostKeyChecking}";
diff --git a/krebs/v2/default.nix b/krebs/v2/default.nix
deleted file mode 100644
index cba7a75ff..000000000
--- a/krebs/v2/default.nix
+++ /dev/null
@@ -1,132 +0,0 @@
-{ lib
-, source
-, target-user ? "root"
-, target-host
-, target-path ? "/var/src"
-}:
-with lib;
-let
- out = {
- inherit populate;
- };
-
- populate = ''
- #! /bin/sh
- set -eu
-
- verbose() {
- printf '+%s\n' "$(printf ' %q' "$@")" >&2
- "$@"
- }
-
- echo ${shell.escape git-script} \
- | ssh ${shell.escape "${target-user}@${target-host}"} -T
-
- unset tmpdir
- trap '
- rm "$tmpdir"/*
- rmdir "$tmpdir"
- trap - EXIT INT QUIT
- ' EXIT INT QUIT
- tmpdir=$(mktemp -dt stockholm.XXXXXXXX)
- chmod 0755 "$tmpdir"
-
- ${concatStringsSep "\n"
- (mapAttrsToList
- (name: spec: let dst = removePrefix "symlink:" (get-url spec); in
- "verbose ln -s ${shell.escape dst} $tmpdir/${shell.escape name}")
- symlink-specs)}
-
- verbose proot \
- -b $tmpdir:${shell.escape target-path} \
- ${concatStringsSep " \\\n "
- (mapAttrsToList
- (name: spec:
- "-b ${shell.escape "${get-url spec}:${target-path}/${name}"}")
- file-specs)} \
- rsync \
- -f ${shell.escape "P /*"} \
- ${concatMapStringsSep " \\\n "
- (name: "-f ${shell.escape "R /${name}"}")
- (attrNames file-specs)} \
- --delete \
- -vFrlptD \
- ${shell.escape target-path}/ \
- ${shell.escape "${target-user}@${target-host}:${target-path}"}
- '';
-
- get-schema = uri:
- if substring 0 1 uri == "/"
- then "file"
- else head (splitString ":" uri);
-
- has-schema = schema: uri: get-schema uri == schema;
-
- get-url = spec: {
- string = spec;
- path = toString spec;
- set = get-url spec.url;
- }.${typeOf spec};
-
- git-specs =
- filterAttrs (_: spec: has-schema "https" (get-url spec)) source //
- filterAttrs (_: spec: has-schema "http" (get-url spec)) source //
- filterAttrs (_: spec: has-schema "git" (get-url spec)) source;
-
- file-specs =
- filterAttrs (_: spec: has-schema "file" (get-url spec)) source;
-
- symlink-specs =
- filterAttrs (_: spec: has-schema "symlink" (get-url spec)) source;
-
- git-script = ''
- #! /bin/sh
- set -efu
-
- verbose() {
- printf '+%s\n' "$(printf ' %q' "$@")" >&2
- "$@"
- }
-
- fetch_git() {(
- dst_dir=$1
- src_url=$2
- src_ref=$3
-
- if ! test -e "$dst_dir"; then
- git clone "$src_url" "$dst_dir"
- fi
-
- cd "$dst_dir"
-
- if ! url=$(git config remote.origin.url); then
- git remote add origin "$src_url"
- elif test "$url" != "$src_url"; then
- git remote set-url origin "$src_url"
- fi
-
- # TODO resolve src_ref to commit hash
- hash=$src_ref
-
- if ! test "$(git log --format=%H -1)" = "$hash"; then
- git fetch origin
- git checkout "$hash" -- "$dst_dir"
- git checkout "$hash"
- fi
-
- git clean -dxf
- )}
-
- ${concatStringsSep "\n"
- (mapAttrsToList
- (name: spec: toString (map shell.escape [
- "verbose"
- "fetch_git"
- "${target-path}/${name}"
- spec.url
- spec.rev
- ]))
- git-specs)}
- '';
-
-in out