WIP: Create script to deploy in CI

deploy/README.md

@@ -4,21 +4,14 @@ Note that you have to be connected to the `vpn.qo.is`
 (or execute the deployment from a host that is in the `backplane.net.qo.is` overlay network)
 and that you need to have SSH root access to the target machines.
 
-## Deploy system categories
-
-This is also used in CI.
-
-```bash
-
-auto-deploy vm
-auto-deploy physical
-```
-
 ## Deploy to selected target hosts
 
 ```bash
-nix develop
+nix run .#deploy-qois .#<hostname>.system .#<hostname2>.system
-
+```
-deploy --skip-checks .#cyprianspitz.system-physical
+
-deploy --skip-checks .#lindberg-build.system-vm
+## Deploy with extended timeouts (sometimes required for slow APU devices)
+
+```bash
+nix run .#deploy-qois  .#calanda.system -- --confirm-timeout 600 --activation-timeout 600
 ```

dev-shells/default.nix

@@ -29,9 +29,10 @@ in
       pre-commit-check.enabledPackages
       ++ [ vscodium-with-extensions ]
       ++ (with self.packages.${system}; [
+        deploy-qois
         sops
         sops-rekey
-        auto-deploy
+        auto-deploy-vms
       ])
       ++ (with pkgs; [
         attic-client

packages/auto-deploy-vms/default.nix

@@ -0,0 +1,46 @@
+{
+  deploy-rs,
+  gitMinimal,
+  writeShellApplication,
+  ...
+}:
+writeShellApplication {
+  name = "qois-auto-deploy-vms";
+  meta.description = "Deploy VMs automatically as part of CI process.";
+  runtimeInputs = [
+    deploy-rs
+    gitMinimal
+  ];
+  text = ''
+    set -x
+    FLAKE_ROOT="$(git rev-parse --show-toplevel)"
+    export PROFILE="system-vm"
+    # shellcheck disable=SC2016
+    HOSTS=$(nix eval --raw .#deploy.nodes --apply 'nodes: let
+        names = builtins.attrNames nodes;
+        profile = "$PROFILE";
+        filteredNames = builtins.filter (name: nodes.''${name}.profiles ? ''${profile}) names;
+      in
+      builtins.concatStringsSep "\n" filteredNames')
+
+      retry() {
+          local -r -i max_attempts="$1"; shift
+          local -i attempt_num=1
+          until "$@"
+          do
+              if ((attempt_num==max_attempts))
+              then
+                  echo "Attempt $attempt_num failed and there are no more attempts left!"
+                  return 1
+              else
+                  echo "Attempt $attempt_num failed! Trying again in $attempt_num seconds..."
+                  sleep $((attempt_num++))
+              fi
+          done
+      }
+
+    for HOST in $HOSTS; do
+      retry 3 deploy --skip-checks --targets "$FLAKE_ROOT#''${HOST}.system-vm"
+    done
+  '';
+}

packages/auto-deploy/default.nix

@@ -1,16 +0,0 @@
-{
-  deploy-rs,
-  gitMinimal,
-  writeShellApplication,
-  lib,
-  ...
-}:
-writeShellApplication {
-  name = "auto-deploy";
-  meta.description = "Deploy machines automatically.";
-  runtimeInputs = [
-    deploy-rs
-    gitMinimal
-  ];
-  text = lib.readFile ./script.bash;
-}

packages/auto-deploy/script.bash

@@ -1,45 +0,0 @@
-#!/usr/bin/env bash
-
-#### Environment
-FLAKE_ROOT="$(git rev-parse --show-toplevel)"
-
-export PROFILE=""
-case "${1:-''}" in
-vm | physical)
-  PROFILE="system-$1"
-  ;;
-*)
-  echo "🛑 Error: Please use 'vm' or 'physical' as first parameter."
-  exit 1
-  ;;
-esac
-
-HOSTS=$(nix eval --raw "$FLAKE_ROOT"#deploy.nodes --apply "
-   nodes: let
-     inherit (builtins) attrNames filter concatStringsSep;
-     names = attrNames nodes;
-     profile = \"$PROFILE\";
-     filteredNames = filter (name: nodes.\${name}.profiles ? \${profile}) names;
-   in concatStringsSep \"\\n\" filteredNames
-")
-
-#### Helpers
-retry() {
-  local -r -i max_attempts="$1"
-  shift
-  local -i attempt_num=1
-  until "$@"; do
-    if ((attempt_num == max_attempts)); then
-      echo "⚠️ Warning: Attempt $attempt_num failed and there are no more attempts left!"
-      return 1
-    else
-      echo "⚠️ Attempt $attempt_num failed! Trying again in $attempt_num seconds..."
-      sleep $((attempt_num++))
-    fi
-  done
-}
-
-#### Execution
-for HOST in $HOSTS; do
-  retry 3 deploy --skip-checks --targets "${FLAKE_ROOT}#${HOST}.${PROFILE}"
-done

packages/deploy-qois/default.nix

@@ -0,0 +1,14 @@
+{
+  deploy-rs,
+  flakeSelf,
+  writeShellApplication,
+  ...
+}:
+writeShellApplication {
+  name = "deploy-qois";
+  meta.description = "Deploy configuration to specificed targets.";
+  runtimeInputs = [ deploy-rs ];
+  text = ''
+    deploy --remote-build --skip-checks --interactive --targets "''${@:-${flakeSelf}}"
+  '';
+}

treefmt.nix

@@ -19,13 +19,11 @@
         "*.toml"
       ]
       ++ [
-        ".vscode/*"
-        "nixos-modules/system/etc/*"
-        "private"
-        "private/*"
-
         ".envrc"
         "robots.txt"
+        ".vscode/*"
+        "nixos-modules/system/etc/*"
+        "private/*"
       ];
     formatter.jsonfmt.excludes = [ ".vscode/*.json" ];
   };

updates.md

@@ -22,10 +22,13 @@ Deploy updates:
 nix develop
 
 # Deploy vms
-auto-deploy vm
+deploy-qois .#lindberg-nextcloud .#lindberg-build
 
-# Deploy physical hosts
+# Deploy fast physical hosts
-auto-deploy physical
+deploy-qois .#lindberg
+
+# Deploy slow physical hosts (maybe do individually)
+deploy-qois --confirm-timeout 600 --activation-timeout 600 --targets .#stompert .#stompert
 
 ```