Commit files for public release

deploy/README.md

@@ -0,0 +1,29 @@
+# Deployment
+
+Note that you have to be connected to the `vpn.qo.is`
+(or execute the deployment from a host that is in the `backplane.net.qo.is` overlay network)
+and that you need to have SSH root access to the target machines.
+
+
+
+#### Deploy to all hosts
+
+```bash
+nix run .#deploy-qois
+```
+
+
+#### Deploy to selected target hosts
+
+```bash
+nix run .#deploy-qois .#<hostname> .#<hostname2>
+
+# e.g.
+nix run .#deploy-qois .#fulberg
+```
+
+#### Deploy with extended timeouts (sometimes required for slow APU devices)
+
+```bash
+nix run .#deploy-qois  .#calanda -- --confirm-timeout 600 --activation-timeout 600
+```

deploy/default.nix

@@ -0,0 +1,12 @@
+{
+  deployPkgs,
+  pkgs,
+  self,
+  ...
+}@params:
+with pkgs.lib;
+pipe ./. [
+  self.lib.loadSubmodulesFrom
+  (map (f: (import f params)))
+  (foldl recursiveUpdate { })
+]

deploy/docs-ops/default.nix

@@ -0,0 +1,17 @@
+{
+  deployPkgs,
+  pkgs,
+  self,
+  system,
+  ...
+}:
+let
+  domain = "docs-ops.qo.is";
+in
+{
+  nodes.lindberg-webapps.profiles."${domain}" = {
+    sshUser = "nginx-${domain}";
+    path = deployPkgs.deploy-rs.lib.activate.noop self.packages.${system}.docs;
+    profilePath = "/var/lib/nginx-${domain}/root";
+  };
+}

deploy/system/default.nix

@@ -0,0 +1,20 @@
+{
+  deployPkgs,
+  pkgs,
+  self,
+  system,
+  ...
+}:
+{
+  nodes = pkgs.lib.mapAttrs (host: config: {
+    hostname = "${host}.backplane.net.qo.is";
+    profiles.system = {
+      sshUser = "root";
+      user = "root";
+      activationTimeout = 420;
+      confirmTimeout = 120;
+
+      path = deployPkgs.deploy-rs.lib.activate.nixos config;
+    };
+  }) self.nixosConfigurations;
+}