From 1af2703f0198bc0089ed50417828939e077511ae Mon Sep 17 00:00:00 2001 From: Marc Coquand Date: Sat, 20 Jan 2024 21:01:12 -0600 Subject: Update git-to-deploy post with new script --- posts/git-to-deploy.njk | 51 ++++++++++++++++++++++++++++++++++--------------- 1 file changed, 36 insertions(+), 15 deletions(-) (limited to 'posts/git-to-deploy.njk') diff --git a/posts/git-to-deploy.njk b/posts/git-to-deploy.njk index 244e987..c92864c 100644 --- a/posts/git-to-deploy.njk +++ b/posts/git-to-deploy.njk @@ -15,11 +15,13 @@ machine to change the configurations. There is also little advantage to having a declarative config if I can’t reuse it elsewhere.

There are tools out there like deploy-rs -and Nixops. I found them a -bit overkill for my need, which was just to make changes to a personal -development machine, so I came up with a script to make the setup easy. -It makes use of git, and levarages hooks to validate and apply changes with a simple push. In the end, it creates a workflow similar to Heroku. Here is what the script looks like, which you can run -on a new machine with a fresh Nix installation:

+and Nixops, however I +found them a bit overkill for my need. There also seems to be a way to +use nixos-rebuild to build a change on your local machine and deploy, +which is intriguing but I don’t run nixos on my machine so it felt like +a no-go. So in the end, I came up with a script to make the setup easy. +It makes use of git, so it allows me to make my changes using a git flow +similar to Heroku. Here is what the installation script looks like:

# Start of by adding git to our configuration.nix, we will levarage this to
 # be able to easily make changes to our machine without SSH.
 sed -i 's/}/  programs.git.enable = true;\n}/g' /etc/nixos/configuration.nix
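Review bot: The context line `sed -i 's/}/  programs.git.enable = true;\n}/g' /etc/nixos/configuration.nix` has no address, so the substitution runs on every line that contains `}`, and with the `g` flag on every `}` within those lines; any nested attribute set in configuration.nix gets its own `programs.git.enable = true;` inserted. Since this commit reworks the script, restrict the command to the closing brace of the top-level set, for example with the `$` address if that brace is on the last line. In the added paragraph, "I don't run nixos on my machine" should read "NixOS", matching the spelling at the end of the post.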
@@ -41,18 +43,37 @@ on a new machine with a fresh Nix installation:

# Allow us to push changes to our machine and have those changes immediately reflected in the files git config receive.denyCurrentBranch updateInstead -# Add a git hook to validate incoming changes -echo -e '#!/bin/sh \nnixos-rebuild dry-run' > /etc/nixos/.git/hooks/pre-receive +# Store a push-to-checkout script to variable $validate_script +read -r -d '' validate_script <<-EOF -# Make the hook executable -chmod +x /etc/nixos/.git/hooks/pre-receive +#!/bin/sh +echo "Running push-to-checkout hook" -# Add a git hook to apply the changes afterward -echo -e '#!/bin/sh \nnixos-rebuild switch' > /etc/nixos/.git/hooks/post-receive +# Get the changes made +git read-tree -u -m HEAD "$1" -# Make the hook executable -chmod +x /etc/nixos/.git/hooks/post-receive
-

Once set up, you can clone the repo on your local computer:

+# Run a dry-build to see that it works +nixos-rebuild dry-build +result=$? +if [ $result -eq 1 ] ; then + # In case of failure, we'll undo the changes applied from read-tree + git stash --all --quiet + exit 1 +fi +exit 0 +EOF + +echo "$validate_script" > /etc/nixos/.git/hooks/push-to-checkout + +# Make the hook executable +chmod +x /etc/nixos/.git/hooks/push-to-checkout + +# Add a git hook to apply the changes afterward +echo -e '#!/bin/sh \nnixos-rebuild switch' > /etc/nixos/.git/hooks/post-receive + +# Make the hook executable +chmod +x /etc/nixos/.git/hooks/post-receive +

Once set up, you can clone the repo on your local computer

git clone root@your-machine:/etc/nixos

And if you’d like to set up a backup on Sourcehut, you can do so easily:
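Review bot: The heredoc opened by `read -r -d '' validate_script <<-EOF` uses an unquoted delimiter, so the installing shell expands `"$1"`, `$?` and `$result` while the text is being stored, and the hook written to /etc/nixos/.git/hooks/push-to-checkout contains the installer's values instead of the variables. Quote the delimiter (`<<-'EOF'`) so the body is stored literally. In the same hook, `if [ $result -eq 1 ]` only catches exit status 1; `[ "$result" -ne 0 ]` would undo the `git read-tree` on any failure of `nixos-rebuild dry-build`.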

@@ -60,4 +81,4 @@ href="https://sourcehut.org/">Sourcehut, you can do so easily:

git push backup main

This script can be ran on a new machine. I used Nixos-infect -to setup NixOS on a VPC that I rent on Hetzner cloud.

+to setup NixOS on a VPC that I rent on Hetzner Cloud.
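Review bot: The changed line corrects "Hetzner Cloud" but keeps "to setup NixOS", where the verb is "set up"; the unchanged line just above has "can be ran", which should be "can be run". Both are worth fixing in the same edit.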

-- cgit v1.2.3