nixin-krops/krops.nix

let
  krops = builtins.fetchGit {
    url = "https://cgit.krebsco.de/krops/";
  };
  lib = import "${krops}/lib";
  pkgs = import "${krops}/pkgs" {};
  importJson = (import <nixpkgs> {}).lib.importJSON;

  source = name: lib.evalSource [
    {
      config.file  = toString ./config/${name};
      modules.file = toString ./modules;
      nixos-config.symlink = "config/configuration.nix";
      secrets.pass = {
        dir  = toString ~/.password-store/nixin-password-store/krops;
        name = "${name}";
      };
      nixpkgs.git = {
        ref = (importJson ./nixpkgs.json).rev;
        url = https://github.com/NixOS/nixpkgs;
        shallow = true;
      };
    }
  ];

  arachnide = pkgs.krops.writeDeploy "deploy-server-arachnide" {
    source = source "arachnide";
    target = lib.mkTarget "douzeb@192.168.36.9" // {
      port = "144";
      sudo = true;
    };
    # only build the configuration and do not activate it for now (could also use writeTest instead of writeDeploy for doing that)
    # operation = "build";
  };

  dromadaire = pkgs.krops.writeDeploy "deploy-server-dromadaire" {
    source = source "dromadaire";
    target = "root@192.168.36.6";
  };

  register-runner = pkgs.krops.writeCommand "register-forgejo-runner" {
    source = source "arachnide";
    target = lib.mkTarget "douzeb@192.168.36.9" // {
      port = "144";
      sudo = true;
    };
    command = targetPath: ''
      forgejo forgejo-cli actions register --name local-runner --secret $(head -n 1 /var/src/secrets/forgejo-runner-secret)      
    '';
  };

  gen-runner-token = pkgs.krops.writeCommand "generate-forgejo-runner-token" {
    source = source "arachnide";
    target = lib.mkTarget "douzeb@192.168.36.9" // {
      port = "144";
      sudo = true;
    };
    command = targetPath: ''
      mkdir -p /etc/forgejo
      echo "TOKEN=$(forgejo forgejo-cli actions generate-runner-token)" > /etc/forgejo/runner.token
      cat /etc/forgejo/runner.token
    '';
  };

in {
  arachnide = arachnide;
  dromadaire = dromadaire;
  all = pkgs.writeScript "deploy-all-servers"
    (lib.concatStringsSep "\n" [ arachnide dromadaire ]);
  register-runner = register-runner;
  gen-runner-token = gen-runner-token;
}
first version 2024-12-18 21:54:04 +00:00			`let`
			`krops = builtins.fetchGit {`
			`url = "https://cgit.krebsco.de/krops/";`
			`};`
			`lib = import "${krops}/lib";`
			`pkgs = import "${krops}/pkgs" {};`
pre-fetch nixpkgs revision hash 2024-12-19 10:07:32 +00:00			`importJson = (import <nixpkgs> {}).lib.importJSON;`
first version 2024-12-18 21:54:04 +00:00
			`source = name: lib.evalSource [`
			`{`
			`config.file = toString ./config/${name};`
			`modules.file = toString ./modules;`
			`nixos-config.symlink = "config/configuration.nix";`
			`secrets.pass = {`
			`dir = toString ~/.password-store/nixin-password-store/krops;`
			`name = "${name}";`
			`};`
			`nixpkgs.git = {`
pre-fetch nixpkgs revision hash 2024-12-19 10:07:32 +00:00			`ref = (importJson ./nixpkgs.json).rev;`
			`url = https://github.com/NixOS/nixpkgs;`
do a shallow clone of nixpkgs to save space (476M instead of 5,2G) 2024-12-19 10:31:06 +00:00			`shallow = true;`
first version 2024-12-18 21:54:04 +00:00			`};`
			`}`
			`];`

			`arachnide = pkgs.krops.writeDeploy "deploy-server-arachnide" {`
			`source = source "arachnide";`
			`target = lib.mkTarget "douzeb@192.168.36.9" // {`
			`port = "144";`
			`sudo = true;`
			`};`
			`# only build the configuration and do not activate it for now (could also use writeTest instead of writeDeploy for doing that)`
activate configuration for arachnide server 2024-12-19 12:57:13 +00:00			`# operation = "build";`
first version 2024-12-18 21:54:04 +00:00			`};`

			`dromadaire = pkgs.krops.writeDeploy "deploy-server-dromadaire" {`
			`source = source "dromadaire";`
			`target = "root@192.168.36.6";`
			`};`

add forgejo runner to arachnide server 2024-12-20 23:28:35 +00:00			`register-runner = pkgs.krops.writeCommand "register-forgejo-runner" {`
			`source = source "arachnide";`
			`target = lib.mkTarget "douzeb@192.168.36.9" // {`
			`port = "144";`
			`sudo = true;`
			`};`
			`command = targetPath: ''`
			`forgejo forgejo-cli actions register --name local-runner --secret $(head -n 1 /var/src/secrets/forgejo-runner-secret)`
			`'';`
			`};`

			`gen-runner-token = pkgs.krops.writeCommand "generate-forgejo-runner-token" {`
			`source = source "arachnide";`
			`target = lib.mkTarget "douzeb@192.168.36.9" // {`
			`port = "144";`
			`sudo = true;`
			`};`
			`command = targetPath: ''`
			`mkdir -p /etc/forgejo`
			`echo "TOKEN=$(forgejo forgejo-cli actions generate-runner-token)" > /etc/forgejo/runner.token`
			`cat /etc/forgejo/runner.token`
			`'';`
			`};`

first version 2024-12-18 21:54:04 +00:00			`in {`
			`arachnide = arachnide;`
			`dromadaire = dromadaire;`
			`all = pkgs.writeScript "deploy-all-servers"`
			`(lib.concatStringsSep "\n" [ arachnide dromadaire ]);`
add forgejo runner to arachnide server 2024-12-20 23:28:35 +00:00			`register-runner = register-runner;`
			`gen-runner-token = gen-runner-token;`
first version 2024-12-18 21:54:04 +00:00			`}`