Create script to auto-deploy with retries

deploy/README.md

@@ -4,14 +4,26 @@ Note that you have to be connected to the `vpn.qo.is`
 (or execute the deployment from a host that is in the `backplane.net.qo.is` overlay network)
 and that you need to have SSH root access to the target machines.
 
+## Deploy system categories
+
+We currently split out nixosConfigurations into these categories:
+
+- `system-ci`: Systems should be updated separately because they might break automated deployment processes.
+- `system-vm`: Virtual systems.
+- `system-physical`: Physical systems.
+
+You can roll updates with retries by category with:
+
+```bash
+auto-deploy system-vm
+auto-deploy system-physical
+```
+
 ## Deploy to selected target hosts
 
 ```bash
-nix run .#deploy-qois .#<hostname>.system .#<hostname2>.system
-```
+nix develop
 
-## Deploy with extended timeouts (sometimes required for slow APU devices)
-
-```bash
-nix run .#deploy-qois  .#calanda.system -- --confirm-timeout 600 --activation-timeout 600
+deploy --skip-checks .#cyprianspitz.system-physical
+deploy --skip-checks .#lindberg-build.system-vm
 ```

deploy/docs-ops/default.nix

@@ -12,5 +12,6 @@ in
     sshUser = "nginx-${domain}";
     path = deployPkgs.deploy-rs.lib.activate.noop self.packages.${system}.docs;
     profilePath = "/var/lib/nginx-${domain}/root";
+    remoteBuild = true;
   };
 }

deploy/system-ci/default.nix

@@ -0,0 +1,27 @@
+{
+  deployPkgs,
+  pkgs,
+  self,
+  ...
+}:
+let
+  inherit (pkgs.lib) pipe filterAttrs mapAttrs;
+in
+{
+  nodes = pipe self.nixosConfigurations [
+    (filterAttrs (_n: v: v.config.qois.git-ci-runner.enable))
+    (mapAttrs (
+      host: config: {
+        hostname = "${host}.backplane.net.qo.is";
+        profiles.system-ci = {
+          sshUser = "root";
+          user = "root";
+          activationTimeout = 300;
+          confirmTimeout = 60;
+          remoteBuild = true;
+          path = deployPkgs.deploy-rs.lib.activate.nixos config;
+        };
+      }
+    ))
+  ];
+}

deploy/system-physical/default.nix

@@ -0,0 +1,27 @@
+{
+  deployPkgs,
+  pkgs,
+  self,
+  ...
+}:
+let
+  inherit (pkgs.lib) pipe filterAttrs mapAttrs;
+in
+{
+  nodes = pipe self.nixosConfigurations [
+    (filterAttrs (_n: v: !v.config.services.qemuGuest.enable && !v.config.qois.git-ci-runner.enable))
+    (mapAttrs (
+      host: config: {
+        hostname = "${host}.backplane.net.qo.is";
+        profiles.system-physical = {
+          sshUser = "root";
+          user = "root";
+          activationTimeout = 600;
+          confirmTimeout = 120;
+          remoteBuild = true;
+          path = deployPkgs.deploy-rs.lib.activate.nixos config;
+        };
+      }
+    ))
+  ];
+}

deploy/system-vm/default.nix

@@ -0,0 +1,27 @@
+{
+  deployPkgs,
+  pkgs,
+  self,
+  ...
+}:
+let
+  inherit (pkgs.lib) pipe filterAttrs mapAttrs;
+in
+{
+  nodes = pipe self.nixosConfigurations [
+    (filterAttrs (_n: v: v.config.services.qemuGuest.enable && !v.config.qois.git-ci-runner.enable))
+    (mapAttrs (
+      host: config: {
+        hostname = "${host}.backplane.net.qo.is";
+        profiles.system-vm = {
+          sshUser = "root";
+          user = "root";
+          activationTimeout = 300;
+          confirmTimeout = 60;
+          remoteBuild = true;
+          path = deployPkgs.deploy-rs.lib.activate.nixos config;
+        };
+      }
+    ))
+  ];
+}

deploy/system/default.nix

@@ -1,20 +0,0 @@
-{
-  deployPkgs,
-  pkgs,
-  self,
-  system,
-  ...
-}:
-{
-  nodes = pkgs.lib.mapAttrs (host: config: {
-    hostname = "${host}.backplane.net.qo.is";
-    profiles.system = {
-      sshUser = "root";
-      user = "root";
-      activationTimeout = 420;
-      confirmTimeout = 120;
-
-      path = deployPkgs.deploy-rs.lib.activate.nixos config;
-    };
-  }) self.nixosConfigurations;
-}