WIP: Create script to deploy in CI

deploy/README.md

@@ -4,14 +4,21 @@ Note that you have to be connected to the `vpn.qo.is`
 (or execute the deployment from a host that is in the `backplane.net.qo.is` overlay network)
 and that you need to have SSH root access to the target machines.
 
+## Deploy system categories
+
+This is also used in CI.
+
+```bash
+
+auto-deploy vm
+auto-deploy physical
+```
+
 ## Deploy to selected target hosts
 
 ```bash
-nix run .#deploy-qois .#<hostname>.system .#<hostname2>.system
+nix develop
-```
 
-## Deploy with extended timeouts (sometimes required for slow APU devices)
+deploy --skip-checks .#cyprianspitz.system-physical
-
+deploy --skip-checks .#lindberg-build.system-vm
-```bash
-nix run .#deploy-qois  .#calanda.system -- --confirm-timeout 600 --activation-timeout 600
 ```

dev-shells/default.nix

@@ -29,10 +29,9 @@ in
       pre-commit-check.enabledPackages
       ++ [ vscodium-with-extensions ]
       ++ (with self.packages.${system}; [
-        deploy-qois
         sops
         sops-rekey
-        auto-deploy-vms
+        auto-deploy
       ])
       ++ (with pkgs; [
         attic-client

packages/auto-deploy-vms/default.nix

@@ -1,46 +0,0 @@
-{
-  deploy-rs,
-  gitMinimal,
-  writeShellApplication,
-  ...
-}:
-writeShellApplication {
-  name = "qois-auto-deploy-vms";
-  meta.description = "Deploy VMs automatically as part of CI process.";
-  runtimeInputs = [
-    deploy-rs
-    gitMinimal
-  ];
-  text = ''
-    set -x
-    FLAKE_ROOT="$(git rev-parse --show-toplevel)"
-    export PROFILE="system-vm"
-    # shellcheck disable=SC2016
-    HOSTS=$(nix eval --raw .#deploy.nodes --apply 'nodes: let
-        names = builtins.attrNames nodes;
-        profile = "$PROFILE";
-        filteredNames = builtins.filter (name: nodes.''${name}.profiles ? ''${profile}) names;
-      in
-      builtins.concatStringsSep "\n" filteredNames')
-
-      retry() {
-          local -r -i max_attempts="$1"; shift
-          local -i attempt_num=1
-          until "$@"
-          do
-              if ((attempt_num==max_attempts))
-              then
-                  echo "Attempt $attempt_num failed and there are no more attempts left!"
-                  return 1
-              else
-                  echo "Attempt $attempt_num failed! Trying again in $attempt_num seconds..."
-                  sleep $((attempt_num++))
-              fi
-          done
-      }
-
-    for HOST in $HOSTS; do
-      retry 3 deploy --skip-checks --targets "$FLAKE_ROOT#''${HOST}.system-vm"
-    done
-  '';
-}

packages/auto-deploy/default.nix

@@ -0,0 +1,16 @@
+{
+  deploy-rs,
+  gitMinimal,
+  writeShellApplication,
+  lib,
+  ...
+}:
+writeShellApplication {
+  name = "auto-deploy";
+  meta.description = "Deploy machines automatically.";
+  runtimeInputs = [
+    deploy-rs
+    gitMinimal
+  ];
+  text = lib.readFile ./script.bash;
+}

packages/auto-deploy/script.bash

@@ -0,0 +1,45 @@
+#!/usr/bin/env bash
+
+#### Environment
+FLAKE_ROOT="$(git rev-parse --show-toplevel)"
+
+export PROFILE=""
+case "${1:-''}" in
+vm | physical)
+  PROFILE="system-$1"
+  ;;
+*)
+  echo "🛑 Error: Please use 'vm' or 'physical' as first parameter."
+  exit 1
+  ;;
+esac
+
+HOSTS=$(nix eval --raw "$FLAKE_ROOT"#deploy.nodes --apply "
+   nodes: let
+     inherit (builtins) attrNames filter concatStringsSep;
+     names = attrNames nodes;
+     profile = \"$PROFILE\";
+     filteredNames = filter (name: nodes.\${name}.profiles ? \${profile}) names;
+   in concatStringsSep \"\\n\" filteredNames
+")
+
+#### Helpers
+retry() {
+  local -r -i max_attempts="$1"
+  shift
+  local -i attempt_num=1
+  until "$@"; do
+    if ((attempt_num == max_attempts)); then
+      echo "⚠️ Warning: Attempt $attempt_num failed and there are no more attempts left!"
+      return 1
+    else
+      echo "⚠️ Attempt $attempt_num failed! Trying again in $attempt_num seconds..."
+      sleep $((attempt_num++))
+    fi
+  done
+}
+
+#### Execution
+for HOST in $HOSTS; do
+  retry 3 deploy --skip-checks --targets "${FLAKE_ROOT}#${HOST}.${PROFILE}"
+done

packages/deploy-qois/default.nix

@@ -1,14 +0,0 @@
-{
-  deploy-rs,
-  flakeSelf,
-  writeShellApplication,
-  ...
-}:
-writeShellApplication {
-  name = "deploy-qois";
-  meta.description = "Deploy configuration to specificed targets.";
-  runtimeInputs = [ deploy-rs ];
-  text = ''
-    deploy --remote-build --skip-checks --interactive --targets "''${@:-${flakeSelf}}"
-  '';
-}

treefmt.nix

@@ -19,11 +19,13 @@
         "*.toml"
       ]
       ++ [
-        ".envrc"
-        "robots.txt"
         ".vscode/*"
         "nixos-modules/system/etc/*"
+        "private"
         "private/*"
+
+        ".envrc"
+        "robots.txt"
       ];
     formatter.jsonfmt.excludes = [ ".vscode/*.json" ];
   };

updates.md

@@ -22,13 +22,10 @@ Deploy updates:
 nix develop
 
 # Deploy vms
-deploy-qois .#lindberg-nextcloud .#lindberg-build
+auto-deploy vm
 
-# Deploy fast physical hosts
+# Deploy physical hosts
-deploy-qois .#lindberg
+auto-deploy physical
-
-# Deploy slow physical hosts (maybe do individually)
-deploy-qois --confirm-timeout 600 --activation-timeout 600 --targets .#stompert .#stompert
 
 ```