Add krops

2022-09-14 21:33:04 +00:00 · 2022-09-14 21:33:04 +00:00 · fbc787fa49
commit fbc787fa49
parent 4d6c4f1657
2 changed files with 85 additions and 0 deletions
--- a/flake.nix
+++ b/flake.nix
@ -20,11 +20,20 @@
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
+
+    krops = {
+      url = "github:Mic92/krops";
+      inputs = {
+        flake-utils.follows = "flake-utils";
+        nixpkgs.follows = "nixpkgs";
+      };
+    };
  };
  outputs =
    { self
    , nixpkgs
    , flake-utils
+    , krops
    , home-manager
    , nur
    , nix-pre-commit-hooks
@ -62,12 +71,48 @@
            ${self.checks.${system}.pre-commit-check.shellHook}
          '';
        };
+
+        apps = lib.mapAttrs
+          (name: program: { type = "app"; program = toString program; })
+          (flake-utils.lib.flattenTree {
+            deploy = lib.recurseIntoAttrs (lib.mapAttrs
+              (hostname: machine:
+                let
+                  inherit (krops.packages.${system}) writeCommand;
+                  inherit (krops) lib;
+                in
+                writeCommand "deploy-${hostname}" {
+                  target = lib.mkTarget "root@${machine.config.deployment.targetHost}" // {
+                    extraOptions = [
+                      # force allocation of tty to allow aborting with ^C and to show build progress
+                      "-t"
+                    ];
+                  };
+                  source = lib.evalSource (lib.singleton {
+                    config.file = {
+                      path = toString ./.;
+                      useChecksum = true;
+                    };
+                  });
+                  command = targetPath: ''
+                    nixos-rebuild switch --flake ${targetPath}/config -L --keep-going
+                  '';
+                }
+              )
+              self.nixosConfigurations);
+
+            showKeyFingerprint = pkgs.writeShellScript "show-key-fingerprint" ''
+              ${pkgs.gnupg}/bin/gpg --with-fingerprint --with-colons --show-key "keys/''${1}.asc" | awk -F: '$1 == "fpr" { print $10; exit }'
+            '';
+          });
+
      }) // {
      overlay = import ./pkgs;

      nixosConfigurations = nixpkgs.lib.mapAttrs
        (hostname: { system
                   , extraModules ? [ ]
+                   , targetHost ? hostname
                   , nixpkgs ? inputs.nixpkgs
                   }: nixpkgs.lib.nixosSystem rec {
          inherit system;
@ -75,10 +120,26 @@

          modules = [
            (./hosts + "/${hostname}/configuration.nix")
+
            ./modules
+
            {
              _module.args.inputs = inputs;
            }
+
+            # deployment settings
+            ({ lib, ... }: {
+              options.deployment = {
+                targetHost = lib.mkOption {
+                  type = lib.types.str;
+                  readOnly = true;
+                  internal = true;
+                };
+              };
+              config.deployment = {
+                inherit targetHost;
+              };
+            })
          ] ++ [{
            nixpkgs.overlays = [ nur.overlay ];
          }] ++ [