This commit is contained in:
Peder Bergebakken Sundt 2023-03-03 21:57:37 +01:00
parent 824e57739e
commit f923e028af
5 changed files with 27 additions and 3 deletions

View File

@ -42,13 +42,19 @@
### How to deploy
Build locally, deploy on local, with `nom`:
sudo true && sudo nixos-rebuild test --flake . --recreate-lock-file --no-write-lock-file |& nom
Via git, build on remote:
ssh -t HOST sudo nixos-rebuild test --flake git+ssh://gitea@gitea.noximilien.pbsds.net/pbsds/nix-config.git --recreate-lock-file --no-write-lock-file
# or
ssh -t HOST sudo nixos-rebuild test --flake git+ssh://git@github.com/pbsds/nix-dotfiles.git --recreate-lock-file --no-write-lock-file
From local checkout to remote where you're not a trusted user, build on remote:
tar cf - --directory="$(nix eval --raw .#inputs.self.outPath)" . | ssh bolle.pbsds.net -- bash -xc '"cd $(mktemp -d); pwd; tar xf - && nixos-rebuild test . \"\$@\""' -- --recreate-lock-file --no-write-lock-file
tar cf - --directory="$(nix eval --raw .#inputs.self.outPath)" . | ssh -tt HOST -- bash -c '"set -x; cd $(mktemp -d); tar xf - && nixos-rebuild test --flake . \"\$@\""' -- --print-build-logs --recreate-lock-file --no-write-lock-file
.. wait doesn't that litter `/tmp` or `/run/user/.../tmp`?

View File

@ -30,6 +30,7 @@
/**/
# TODO: make /etc/nixos a symlink to the in-store flake? - bad idea, horrible error recovery
# TODO: make /etc/nixos a checkout of repo?
# TODO: update only nixpkgs and unstable
system.autoUpgrade.flake = inputs.self.outPath; # a nix store path
#system.autoUpgrade.flake = "github:pbsds/nix-config"; # TODO: use this instead?
system.autoUpgrade.flags = [

View File

@ -14,7 +14,7 @@
../../hardware/opengl-intel.nix
../../profiles/tmate-server # opens port 442244
../../profiles/tmate-server # opens port 42244
../../profiles/web
../../profiles/web/index

View File

@ -0,0 +1,9 @@
{ config, ... }:
{
services.tmate-ssh-server = {
enable = true;
host = config.networking.fqdn;
port = 42244;
openFirewall = true;
};
}

View File

@ -288,6 +288,14 @@
];
/**/
# generated with `tmate-client-config` on noximilien
home.file.".tmate.conf".text = ''
set -g tmate-server-host "noximilien.pbsds.net"
set -g tmate-server-port 42244
set -g tmate-server-ed25519-fingerprint "SHA256:/e9EGMfvC+8gbaNiCoFbl87Pps7e/V+2pOSjEpMDdfA"
set -g tmate-server-rsa-fingerprint "SHA256:UzoAW9TynFQZDINgDiS+G06SmYcIX/ObI1zL19PpKEE"
'';
programs.nix-index.enable = true;
programs.tealdeer.enable = true;