mirror of
https://github.com/kmein/niveum
synced 2026-03-16 10:11:08 +01:00
41 lines
1.2 KiB
Nix
41 lines
1.2 KiB
Nix
{ pkgs, secrets, writeCommand, lib, nixosRebuildCommand ? "switch" }:
|
|
let
|
|
sshPort = 22022;
|
|
|
|
# command that ensures we use flake.nix during switch
|
|
command = targetPath:
|
|
let
|
|
commandLine = "TMPDIR=/tmp nixos-rebuild ${nixosRebuildCommand} --flake ${targetPath} -L --keep-going";
|
|
in
|
|
''
|
|
echo '${commandLine}'
|
|
nix-shell \
|
|
-E "with import <nixpkgs> {}; mkShell { buildInputs = [ git (nixos { nix.package = nixFlakes; }).nixos-rebuild ]; }" \
|
|
--run '${commandLine}'
|
|
'';
|
|
|
|
source = name: {
|
|
niveum.file = toString ./.;
|
|
system-secrets.pass = {
|
|
dir = secrets;
|
|
name = "systems/${name}";
|
|
};
|
|
secrets.pass = {
|
|
dir = secrets;
|
|
name = "shared";
|
|
};
|
|
};
|
|
|
|
deploy = {name, host}: writeCommand "/bin/system" {
|
|
source = lib.evalSource [ (source name) ];
|
|
force = true;
|
|
target = lib.mkTarget "root@${host}:${toString sshPort}/var/krops/niveum";
|
|
inherit command;
|
|
};
|
|
in {
|
|
zaatar = deploy { name = "zaatar"; host = "zaatar.r"; };
|
|
kabsa = deploy { name = "kabsa"; host = "kabsa.r"; };
|
|
manakish = deploy { name = "manakish"; host = "manakish.r"; };
|
|
makanek = deploy { name = "makanek"; host = "makanek.r"; };
|
|
}
|