laksdaladsdsalkjdsalkjdsalkj
This commit is contained in:
parent
feb9d41ce1
commit
824e57739e
2
.envrc
2
.envrc
|
@ -1,3 +1,5 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
git config --local core.hooksPath "$PWD"/.githooks
|
||||||
if ! command -v nixos-rebuild >/dev/null; then
|
if ! command -v nixos-rebuild >/dev/null; then
|
||||||
use nix
|
use nix
|
||||||
fi
|
fi
|
||||||
|
|
31
README.md
31
README.md
|
@ -15,6 +15,8 @@
|
||||||
* [x] Make a flake
|
* [x] Make a flake
|
||||||
* [x] merge hosted docs into a single subdomain
|
* [x] merge hosted docs into a single subdomain
|
||||||
* [ ] pre-commit hook with 'nix eval ...outPath'
|
* [ ] pre-commit hook with 'nix eval ...outPath'
|
||||||
|
* [ ] use `nom` when deploying
|
||||||
|
* [ ] figure out how to reuse system flake lock while deplying, leave the night job to upgrade
|
||||||
* [ ] Setup some remote-development and deploy flow
|
* [ ] Setup some remote-development and deploy flow
|
||||||
* [ ] users/pbsds: Support multiple profiles, like headless, nixpkgs-dev, various desktops, hpc, pvv, etc
|
* [ ] users/pbsds: Support multiple profiles, like headless, nixpkgs-dev, various desktops, hpc, pvv, etc
|
||||||
* [ ] nixos-generate-config instructions for new hosts
|
* [ ] nixos-generate-config instructions for new hosts
|
||||||
|
@ -38,8 +40,35 @@
|
||||||
|
|
||||||
# Cheatsheet
|
# Cheatsheet
|
||||||
|
|
||||||
|
### How to deploy
|
||||||
|
|
||||||
|
Via git, build on remote:
|
||||||
|
|
||||||
|
ssh -t HOST sudo nixos-rebuild test --flake git+ssh://git@github.com/pbsds/nix-dotfiles.git --recreate-lock-file --no-write-lock-file
|
||||||
|
|
||||||
|
From local checkout to remote where you're not a trusted user, build on remote:
|
||||||
|
|
||||||
|
tar cf - --directory="$(nix eval --raw .#inputs.self.outPath)" . | ssh bolle.pbsds.net -- bash -xc '"cd $(mktemp -d); pwd; tar xf - && nixos-rebuild test . \"\$@\""' -- --recreate-lock-file --no-write-lock-file
|
||||||
|
|
||||||
|
.. wait doesn't that litter `/tmp` or `/run/user/.../tmp`?
|
||||||
|
|
||||||
|
¯\_(ツ)_/¯
|
||||||
|
|
||||||
|
From local checkout to remote if local nix daemon has ssh keys, then build on remote:
|
||||||
|
|
||||||
|
nix copy --from "$(nix eval .#inputs.self.outPath)" --to TODO
|
||||||
|
|
||||||
|
Build locally, copy to remote
|
||||||
|
|
||||||
|
TODO
|
||||||
|
|
||||||
|
* https://nixos.wiki/wiki/Nixos-rebuild
|
||||||
|
* https://www.haskellforall.com/2023/01/announcing-nixos-rebuild-new-deployment.html
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### How to evaluate nixos flake/configuration.nix, checking if the drv hash is equal
|
### How to evaluate nixos flake/configuration.nix, checking if the drv hash is equal
|
||||||
|
|
||||||
nix eval .#nixosConfigurations.noximilien.config.system.build.toplevel.outPath
|
nix eval .#nixosConfigurations.noximilien.config.system.build.toplevel.outPath
|
||||||
# or
|
# old way:
|
||||||
nix-instantiate '<nixpkgs/nixos>' -A system -I nixos-config=./configuration.nix
|
nix-instantiate '<nixpkgs/nixos>' -A system -I nixos-config=./configuration.nix
|
||||||
|
|
2
base.nix
2
base.nix
|
@ -28,6 +28,8 @@
|
||||||
# { assertion = builtins.pathExists "/etc/nixos/flake.nix"; message = "You have yet to test systems without a flake in /etc/nixos"; }
|
# { assertion = builtins.pathExists "/etc/nixos/flake.nix"; message = "You have yet to test systems without a flake in /etc/nixos"; }
|
||||||
#];
|
#];
|
||||||
/**/
|
/**/
|
||||||
|
# TODO: make /etc/nixos a symlink to the in-store flake? - bad idea, horrible error recovery
|
||||||
|
# TODO: make /etc/nixos a checkout of repo?
|
||||||
system.autoUpgrade.flake = inputs.self.outPath; # a nix store path
|
system.autoUpgrade.flake = inputs.self.outPath; # a nix store path
|
||||||
#system.autoUpgrade.flake = "github:pbsds/nix-config"; # TODO: use this instead?
|
#system.autoUpgrade.flake = "github:pbsds/nix-config"; # TODO: use this instead?
|
||||||
system.autoUpgrade.flags = [
|
system.autoUpgrade.flags = [
|
||||||
|
|
|
@ -67,6 +67,7 @@
|
||||||
})];
|
})];
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
|
inherit inputs;
|
||||||
nixosConfigurations.noximilien = mkConfig "noximilien" "x86_64-linux" (with nixos-hardware.nixosModules; [ common-pc common-pc-ssd common-cpu-intel ]);
|
nixosConfigurations.noximilien = mkConfig "noximilien" "x86_64-linux" (with nixos-hardware.nixosModules; [ common-pc common-pc-ssd common-cpu-intel ]);
|
||||||
nixosConfigurations.bolle = mkConfig "bolle" "x86_64-linux" (with nixos-hardware.nixosModules; [ common-pc common-pc-ssd common-cpu-intel ]);
|
nixosConfigurations.bolle = mkConfig "bolle" "x86_64-linux" (with nixos-hardware.nixosModules; [ common-pc common-pc-ssd common-cpu-intel ]);
|
||||||
homeConfigurations = forAllSystems (system: {
|
homeConfigurations = forAllSystems (system: {
|
||||||
|
|
|
@ -7,9 +7,9 @@
|
||||||
|
|
||||||
nixpkgs.config.openglSupport = true; # why is this not set by hardware.opengl.enable ?
|
nixpkgs.config.openglSupport = true; # why is this not set by hardware.opengl.enable ?
|
||||||
nixpkgs.config.vaapiSupport = true;
|
nixpkgs.config.vaapiSupport = true;
|
||||||
nixpkgs.config.libmfxSupport = true; # intel
|
|
||||||
nixpkgs.config.libaomSupport = true;
|
nixpkgs.config.libaomSupport = true;
|
||||||
nixpkgs.config.vdpauSupport = true; # intel
|
nixpkgs.config.vdpauSupport = true; # intel
|
||||||
|
nixpkgs.config.libmfxSupport = true; # intel
|
||||||
|
|
||||||
hardware.opengl.enable = true;
|
hardware.opengl.enable = true;
|
||||||
#hardware.opengl.extraPackages = [ pkgs.mesa.drivers ];
|
#hardware.opengl.extraPackages = [ pkgs.mesa.drivers ];
|
||||||
|
|
|
@ -14,6 +14,8 @@
|
||||||
|
|
||||||
../../hardware/opengl-intel.nix
|
../../hardware/opengl-intel.nix
|
||||||
|
|
||||||
|
../../profiles/tmate-server # opens port 442244
|
||||||
|
|
||||||
../../profiles/web
|
../../profiles/web
|
||||||
../../profiles/web/index
|
../../profiles/web/index
|
||||||
../../profiles/web/services/cinny
|
../../profiles/web/services/cinny
|
||||||
|
|
|
@ -6,10 +6,22 @@ let
|
||||||
# - "benchmark" - has "equal" performance
|
# - "benchmark" - has "equal" performance
|
||||||
# - "big-parallel" - is beefy, for stuff like llvm
|
# - "big-parallel" - is beefy, for stuff like llvm
|
||||||
|
|
||||||
# TODO: get a binfmt-misc host for cross stuff
|
|
||||||
# add noximilien, filter (hostName != fqdn)
|
|
||||||
|
|
||||||
remotes = [
|
remotes = [
|
||||||
|
/** /
|
||||||
|
{
|
||||||
|
systems = [ "x86_64-linux" ];
|
||||||
|
hostName = "bolle.pbsds.net";
|
||||||
|
sshUser = "pbsds";
|
||||||
|
maxJobs = 16;
|
||||||
|
#maxJobs = 1; # at least for big-parallel
|
||||||
|
speedFactor = 2;
|
||||||
|
supportedFeatures = [ "kvm" "big-parallel" "nixos-test" ];
|
||||||
|
#mandatoryFeatures = [ ];
|
||||||
|
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBHdkKmRB0WjD3L+k8GNTVJDLpOUqLBMW17ld/Jzapo6";
|
||||||
|
proxy.user="pederbs";
|
||||||
|
proxy.host="isvegg.pvv.ntnu.no";
|
||||||
|
proxy.publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
|
||||||
|
}
|
||||||
/**/
|
/**/
|
||||||
{
|
{
|
||||||
systems = ["x86_64-linux"];
|
systems = ["x86_64-linux"];
|
||||||
|
@ -18,9 +30,8 @@ let
|
||||||
maxJobs = 8;
|
maxJobs = 8;
|
||||||
#maxJobs = 4;
|
#maxJobs = 4;
|
||||||
#maxJobs = 1; # at least for big-parallel
|
#maxJobs = 1; # at least for big-parallel
|
||||||
speedFactor = 2;
|
speedFactor = 3;
|
||||||
supportedFeatures = [ "kvm" "big-parallel" ];
|
supportedFeatures = [ "kvm" "big-parallel" ];
|
||||||
#supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
|
||||||
#mandatoryFeatures = [ ];
|
#mandatoryFeatures = [ ];
|
||||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDuWdqEQ5mmVjuKi6f/Q2PFxuqB3URpgTHid06Vw7we";
|
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDuWdqEQ5mmVjuKi6f/Q2PFxuqB3URpgTHid06Vw7we";
|
||||||
proxy.user="pederbs";
|
proxy.user="pederbs";
|
||||||
|
@ -32,7 +43,7 @@ let
|
||||||
systems = ["x86_64-linux"];
|
systems = ["x86_64-linux"];
|
||||||
hostName = "isvegg.pvv.ntnu.no";
|
hostName = "isvegg.pvv.ntnu.no";
|
||||||
sshUser = "pederbs";
|
sshUser = "pederbs";
|
||||||
maxJobs = 1;
|
maxJobs = 2;
|
||||||
speedFactor = 0;
|
speedFactor = 0;
|
||||||
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
|
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
|
||||||
}
|
}
|
||||||
|
@ -65,6 +76,7 @@ let
|
||||||
in {
|
in {
|
||||||
nix.buildMachines = [ buildMachine ];
|
nix.buildMachines = [ buildMachine ];
|
||||||
programs.ssh.knownHosts.${buildMachine.hostName}.publicKey = publicKey;
|
programs.ssh.knownHosts.${buildMachine.hostName}.publicKey = publicKey;
|
||||||
|
# the timeout is great to have when a remote is unresponsive, as nix currently does not give a shit
|
||||||
programs.ssh.extraConfig = ''
|
programs.ssh.extraConfig = ''
|
||||||
Host ${buildMachine.hostName}
|
Host ${buildMachine.hostName}
|
||||||
ConnectTimeout 3
|
ConnectTimeout 3
|
||||||
|
|
Loading…
Reference in New Issue