Compare commits
11 Commits
5e69eba537
...
dcf94ffb39
Author | SHA1 | Date | |
---|---|---|---|
dcf94ffb39 | |||
|
3d0de79926 | ||
fa712fa1c5 | |||
62dd3b7471 | |||
693ca7e925 | |||
27b449a95c | |||
02ccc58b9e | |||
1cd86cdaad | |||
31c2bf2ede | |||
9bc4ba3b77 | |||
0fb89ef74d |
@ -10,6 +10,8 @@
|
||||
colmena
|
||||
vim
|
||||
agenix
|
||||
jq
|
||||
curl
|
||||
];
|
||||
|
||||
programs.mtr.enable = true;
|
||||
|
@ -3,5 +3,5 @@
|
||||
{
|
||||
services.printing.enable = true;
|
||||
services.avahi.enable = true;
|
||||
services.avahi.nssmdns = true;
|
||||
services.avahi.nssmdns4 = true;
|
||||
}
|
||||
|
@ -212,11 +212,11 @@
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1710631334,
|
||||
"narHash": "sha256-rL5LSYd85kplL5othxK5lmAtjyMOBg390sGBTb3LRMM=",
|
||||
"lastModified": 1710806803,
|
||||
"narHash": "sha256-qrxvLS888pNJFwJdK+hf1wpRCSQcqA6W5+Ox202NDa0=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "c75037bbf9093a2acb617804ee46320d6d1fea5a",
|
||||
"rev": "b06025f1533a1e07b6db3e75151caa155d1c7eb3",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -113,6 +113,7 @@
|
||||
in {
|
||||
inherit (pkgs)
|
||||
clerie-system-upgrade
|
||||
clerie-merge-nixfiles-update
|
||||
clerie-update-nixfiles
|
||||
chromium-incognito
|
||||
iot-data
|
||||
@ -122,6 +123,7 @@
|
||||
nixfiles-generate-backup-secrets
|
||||
nixfiles-generate-config
|
||||
nixfiles-update-ssh-host-keys
|
||||
print-afra
|
||||
update-from-hydra
|
||||
uptimestatus;
|
||||
});
|
||||
|
@ -11,7 +11,6 @@
|
||||
boot.kernelParams = [ "console=ttyS0,115200n8" ];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
boot.loader.grub.extraConfig = "
|
||||
serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1
|
||||
|
@ -14,7 +14,6 @@
|
||||
|
||||
# Use the GRUB 2 boot loader.
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
# boot.loader.grub.efiSupport = true;
|
||||
# boot.loader.grub.efiInstallAsRemovable = true;
|
||||
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
||||
|
@ -11,7 +11,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
|
||||
networking.hostName = "backup-4";
|
||||
|
@ -9,7 +9,6 @@
|
||||
boot.kernelParams = [ "console=ttyS0,115200n8" ];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
boot.loader.grub.extraConfig = "
|
||||
serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1
|
||||
|
@ -10,7 +10,6 @@
|
||||
boot.kernelParams = [ "console=ttyS0,115200n8" ];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
boot.loader.grub.extraConfig = "
|
||||
serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1
|
||||
|
@ -10,7 +10,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
|
||||
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
||||
|
@ -9,7 +9,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
|
||||
networking.hostName = "dn42-il-gw1";
|
||||
|
@ -9,7 +9,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
|
||||
networking.hostName = "dn42-il-gw5";
|
||||
|
@ -9,7 +9,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
|
||||
networking.hostName = "dn42-il-gw6";
|
||||
|
@ -8,7 +8,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
|
||||
networking.hostName = "dn42-ildix-clerie";
|
||||
|
@ -11,7 +11,6 @@
|
||||
|
||||
# Use the GRUB 2 boot loader.
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
# boot.loader.grub.efiSupport = true;
|
||||
# boot.loader.grub.efiInstallAsRemovable = true;
|
||||
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
||||
|
@ -8,7 +8,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
|
||||
networking.hostName = "gatekeeper";
|
||||
|
@ -8,7 +8,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
|
||||
boot.binfmt.emulatedSystems = [
|
||||
|
@ -8,7 +8,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
|
||||
boot.binfmt.emulatedSystems = [
|
||||
|
@ -26,6 +26,8 @@
|
||||
|
||||
okular
|
||||
chromium-incognito
|
||||
|
||||
print-afra
|
||||
];
|
||||
|
||||
# Wireshark
|
||||
|
@ -10,7 +10,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
|
||||
networking.hostName = "mail-2";
|
||||
|
@ -15,7 +15,6 @@ in {
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
|
||||
networking.hostName = "minecraft-2";
|
||||
|
@ -14,7 +14,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
|
||||
networking.hostName = "monitoring-3";
|
||||
|
@ -9,7 +9,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
|
||||
networking.hostName = "nonat";
|
||||
|
@ -11,7 +11,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
|
||||
boot.binfmt.emulatedSystems = [
|
||||
|
@ -8,7 +8,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
|
||||
networking.hostName = "porter";
|
||||
|
@ -12,7 +12,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
|
||||
networking.hostName = "storage-2";
|
||||
|
@ -29,7 +29,6 @@
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
|
||||
networking.hostName = "web-2";
|
||||
|
@ -29,6 +29,7 @@ let
|
||||
in
|
||||
nameValuePair "clerie-backup-${jobName}-${targetName}" {
|
||||
requires = [ "network.target" "local-fs.target" ];
|
||||
after = [ "network.target" "local-fs.target" ];
|
||||
path = [ pkgs.restic ];
|
||||
|
||||
serviceConfig = {
|
||||
@ -63,6 +64,7 @@ let
|
||||
OnCalendar = "hourly";
|
||||
RandomizedDelaySec = "1h";
|
||||
};
|
||||
requires = [ "network-online.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
}
|
||||
) jobTargetPairs);
|
||||
|
@ -26,7 +26,6 @@ let
|
||||
OnCalendar = "hourly";
|
||||
RandomizedDelaySec = "1h";
|
||||
};
|
||||
after = [ "network-online.target" ];
|
||||
}
|
||||
) cfg.dirs;
|
||||
|
||||
|
@ -29,6 +29,9 @@ in
|
||||
};
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.clerie-system-auto-upgrade = {
|
||||
requires = [ "network-online.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
|
||||
# Make sure this unit does not stop themself while upgrading
|
||||
restartIfChanged = false;
|
||||
unitConfig.X-StopOnRemoval = false;
|
||||
@ -44,6 +47,7 @@ in
|
||||
OnCalendar = if cfg.startAt == null then "*-*-* 05:37:00" else cfg.startAt;
|
||||
RandomizedDelaySec = if cfg.startAt == null then "2h" else "10m";
|
||||
};
|
||||
requires = [ "network-online.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
};
|
||||
environment.systemPackages = with pkgs; [
|
||||
|
13
pkgs/clerie-update-nixfiles/clerie-merge-nixfiles-update.nix
Normal file
13
pkgs/clerie-update-nixfiles/clerie-merge-nixfiles-update.nix
Normal file
@ -0,0 +1,13 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
pkgs.writeShellApplication {
|
||||
name = "clerie-merge-nixfiles-update";
|
||||
text = builtins.readFile ./clerie-merge-nixfiles-update.sh;
|
||||
runtimeInputs = with pkgs; [
|
||||
curl
|
||||
git
|
||||
jq
|
||||
openssh
|
||||
];
|
||||
}
|
||||
|
128
pkgs/clerie-update-nixfiles/clerie-merge-nixfiles-update.sh
Executable file
128
pkgs/clerie-update-nixfiles/clerie-merge-nixfiles-update.sh
Executable file
@ -0,0 +1,128 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
xgit() {
|
||||
git -c "user.name=Flake Update Bot" -c "user.email=flake-update-bot@clerie.de" "$@"
|
||||
}
|
||||
|
||||
xgit_parent_commits() {
|
||||
xgit show -q --format="%P" "$@" | sed "s/ /\n/g"
|
||||
}
|
||||
|
||||
xgit_refs_for_commit() {
|
||||
xgit show -q --format="%D" "$@" | sed "s/, /\n/g" | sed -E "s/((.+) -> )?(.+)/\3/g"
|
||||
}
|
||||
|
||||
commit_is_head_of_branch() {
|
||||
COMMIT="$1"
|
||||
BRANCH="$2"
|
||||
xgit_refs_for_commit "${COMMIT}" | grep -E "^${BRANCH}$" > /dev/null
|
||||
}
|
||||
|
||||
no_confirm=""
|
||||
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case $1 in
|
||||
--no-confirm)
|
||||
no_confirm=1
|
||||
shift
|
||||
;;
|
||||
*)
|
||||
echo "unknown option: $1"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
echo "[!] Init git repo"
|
||||
xgit status > /dev/null || xgit clone gitea@git.clerie.de:clerie/nixfiles.git .
|
||||
|
||||
echo "[!] Make sure git repo is up to date"
|
||||
xgit fetch --all
|
||||
|
||||
echo "[!] Checkout master"
|
||||
xgit checkout master
|
||||
|
||||
echo "[!] Update master"
|
||||
set +e
|
||||
if ! xgit merge --ff-only origin/master; then
|
||||
echo "[!] Merging failed"
|
||||
echo "[!] Please clean up master branch and try again"
|
||||
exit 1
|
||||
fi
|
||||
set -e
|
||||
|
||||
echo "[!] Fetch git commit of last hydra run"
|
||||
echo "[!] Checking https://hydra.clerie.de/jobset/nixfiles/nixfiles-updated-inputs/latest-eval"
|
||||
GIT_REV_OF_LAST_HYDRA_RUN=$(curl --json "" -X GET -L https://hydra.clerie.de/jobset/nixfiles/nixfiles-updated-inputs/latest-eval 2> /dev/null | \
|
||||
jq -r .flake | sed -E "s/.+&rev=(.*)/\1/g")
|
||||
echo "[!] Last hydra ran from ${GIT_REV_OF_LAST_HYDRA_RUN} (https://git.clerie.de/clerie/nixfiles/commit/${GIT_REV_OF_LAST_HYDRA_RUN})"
|
||||
|
||||
echo "[!] Check if commit is current head of origin/updated-inputs"
|
||||
set +e
|
||||
if ! commit_is_head_of_branch "${GIT_REV_OF_LAST_HYDRA_RUN}" "origin/updated-inputs"; then
|
||||
echo "[!] Commit is not head of origin/updated-inputs"
|
||||
echo "[!] Hydra seem to still process the current head of origin/updated-inputs"
|
||||
exit 0
|
||||
fi
|
||||
set -e
|
||||
|
||||
echo "[!] Find out update branch"
|
||||
PARENT_COMMITS=$(xgit_parent_commits "${GIT_REV_OF_LAST_HYDRA_RUN}")
|
||||
|
||||
update_branch=
|
||||
for commit in $PARENT_COMMITS; do
|
||||
set +e
|
||||
if update_branch=$(xgit_refs_for_commit "${commit}" | sort -d | grep -E "^origin/updated-inputs-.+$" | head -1); then
|
||||
break
|
||||
fi
|
||||
set -e
|
||||
done
|
||||
|
||||
if [[ -z "$update_branch" ]]; then
|
||||
echo "[!] No update branch found"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo "[!] Update branch $update_branch"
|
||||
|
||||
echo "[!] Check if update branch forks from current master"
|
||||
contains_current_master_head=
|
||||
for commit in $(git rev-list "${update_branch}"); do
|
||||
set +e
|
||||
if xgit_refs_for_commit "${commit}" | sort -d | grep -E "^master$" | head -1 > /dev/null; then
|
||||
contains_current_master_head=1
|
||||
break
|
||||
fi
|
||||
set -e
|
||||
done
|
||||
|
||||
if [[ -z "$contains_current_master_head" ]]; then
|
||||
echo "[!] ${update_branch} does not contain the current master head"
|
||||
echo "[!] Cannot merge ${update_branch}"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo "[!] ${update_branch} can be merged into master"
|
||||
|
||||
merge_diff=$(xgit diff --color master "${update_branch}")
|
||||
|
||||
if [[ -z $merge_diff ]]; then
|
||||
echo "[!] Nothing changes, nothing to merge"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo "${merge_diff}"
|
||||
|
||||
if [[ -z $no_confirm ]]; then
|
||||
read -e -r -p "[?] Merge ${update_branch} into master?" confirm
|
||||
echo "$confirm" > /dev/null
|
||||
fi
|
||||
|
||||
echo "[!] Merging ${update_branch} into master"
|
||||
|
||||
xgit merge --ff-only "${update_branch}"
|
||||
|
||||
|
||||
echo "[!] Merge successful"
|
@ -1,5 +1,6 @@
|
||||
final: prev: {
|
||||
clerie-system-upgrade = final.callPackage ./clerie-system-upgrade/clerie-system-upgrade.nix {};
|
||||
clerie-merge-nixfiles-update = final.callPackage ./clerie-update-nixfiles/clerie-merge-nixfiles-update.nix {};
|
||||
clerie-update-nixfiles = final.callPackage ./clerie-update-nixfiles/clerie-update-nixfiles.nix {};
|
||||
chromium-incognito = final.callPackage ./chromium-incognito {};
|
||||
iot-data = final.python3.pkgs.callPackage ./iot-data {};
|
||||
@ -9,6 +10,7 @@ final: prev: {
|
||||
nixfiles-generate-backup-secrets = final.callPackage ./nixfiles/nixfiles-generate-backup-secrets.nix {};
|
||||
nixfiles-generate-config = final.callPackage ./nixfiles/nixfiles-generate-config.nix {};
|
||||
nixfiles-update-ssh-host-keys = final.callPackage ./nixfiles/nixfiles-update-ssh-host-keys.nix {};
|
||||
print-afra = final.callPackage ./print-afra {};
|
||||
update-from-hydra = final.callPackage ./update-from-hydra {};
|
||||
uptimestatus = final.python3.pkgs.callPackage ./uptimestatus {};
|
||||
}
|
||||
|
11
pkgs/print-afra/default.nix
Normal file
11
pkgs/print-afra/default.nix
Normal file
@ -0,0 +1,11 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
pkgs.writeShellApplication {
|
||||
name = "print-afra";
|
||||
text = ''
|
||||
cat "$@" | nc -N 172.23.42.215 9100
|
||||
'';
|
||||
runtimeInputs = with pkgs; [
|
||||
netcat
|
||||
];
|
||||
}
|
Loading…
Reference in New Issue
Block a user