ops/nixos: add better support for specialisations

Luke Granger-Brown 2021-12-31 23:51:09 +00:00
parent 060f2cf96b
commit f35a79444c
3 changed files with 29 additions and 10 deletions


@ -11,6 +11,11 @@ in
{ {
imports = [ ../../../third_party/home-manager/nixos ]; imports = [ ../../../third_party/home-manager/nixos ];
options.my.specialisationName = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
};
options.my.rundeck.hostname = lib.mkOption { options.my.rundeck.hostname = lib.mkOption {
type = lib.types.str; type = lib.types.str;
default = config.networking.fqdn; default = config.networking.fqdn;
@ -213,24 +218,30 @@ in
text = '' text = ''
test -d /run/prometheus-textfile-exports || mkdir /run/prometheus-textfile-exports test -d /run/prometheus-textfile-exports || mkdir /run/prometheus-textfile-exports
my_version_string="$(cat "$systemConfig/nixos-version")" my_version_string="$(cat "$systemConfig/nixos-version")"
my_hash_string="$(readlink -f "$systemConfig" | grep -Eo '\b[0-9a-df-np-sv-z]{32}\b')" my_hash_string="$(readlink -f "$systemConfig" | ${pkgs.gnugrep}/bin/grep -Eo '\b[0-9a-df-np-sv-z]{32}\b')"
echo "nixos_running_system{version=\"$my_version_string\", hash=\"$my_hash_string\"} 1" > /run/prometheus-textfile-exports/running_system.prom my_specialisation="$(cat "$systemConfig/specialisation-name" 2>/dev/null || true)"
echo "nixos_running_system{version=\"$my_version_string\", hash=\"$my_hash_string\", specialisation=\"$my_specialisation\"} 1" > /run/prometheus-textfile-exports/running_system.prom
my_version_string="$(cat "/run/booted-system/nixos-version")" my_version_string="$(cat "/run/booted-system/nixos-version")"
my_hash_string="$(readlink -f "/run/booted-system" | grep -Eo '\b[0-9a-df-np-sv-z]{32}\b')" my_hash_string="$(readlink -f "/run/booted-system" | ${pkgs.gnugrep}/bin/grep -Eo '\b[0-9a-df-np-sv-z]{32}\b')"
echo "nixos_booted_system{version=\"$my_version_string\", hash=\"$my_hash_string\"} 1" > /run/prometheus-textfile-exports/booted_system.prom my_specialisation="$(cat "/run/booted-system/specialisation-name" 2>/dev/null || true)"
echo "nixos_booted_system{version=\"$my_version_string\", hash=\"$my_hash_string\", specialisation=\"$my_specialisation\"} 1" > /run/prometheus-textfile-exports/booted_system.prom
''; '';
}; };
boot.postBootCommands = lib.mkAfter '' boot.postBootCommands = lib.mkAfter ''
test -d /run/prometheus-textfile-exports || mkdir /run/prometheus-textfile-exports test -d /run/prometheus-textfile-exports || mkdir /run/prometheus-textfile-exports
my_version_string="$(cat "/run/booted-system/nixos-version")" my_version_string="$(cat "/run/booted-system/nixos-version")"
my_hash_string="$(readlink -f "/run/booted-system" | grep -Eo '\b[0-9a-df-np-sv-z]{32}\b')" my_hash_string="$(readlink -f "/run/booted-system" | ${pkgs.gnugrep}/bin/grep -Eo '\b[0-9a-df-np-sv-z]{32}\b')"
echo "nixos_booted_system{version=\"$my_version_string\", hash=\"$my_hash_string\"} 1" > /run/prometheus-textfile-exports/booted_system.prom my_specialisation="$(cat "/run/booted-system/specialisation-name" 2>/dev/null || true)"
echo "nixos_booted_system{version=\"$my_version_string\", hash=\"$my_hash_string\", specialisation=\"$my_specialisation\"} 1" > /run/prometheus-textfile-exports/booted_system.prom
'';
system.extraSystemBuilderCmds = lib.mkAfter ''
echo "${if config.my.specialisationName == null then "" else config.my.specialisationName}" > $out/specialisation-name
''; '';
system.nixos.tags = lib.mkBefore [ system.nixos.tags = lib.mkBefore ([
depot.version depot.version
]; ] ++ lib.optional (config.my.specialisationName != null) "specialisation-${config.my.specialisationName}");
services.nginx = { services.nginx = {
recommendedTlsSettings = true; recommendedTlsSettings = true;
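Review bot: `my.specialisationName` accepts any `lib.types.str`, yet the new `system.extraSystemBuilderCmds` line splices it unescaped into a double-quoted shell word. The resulting file content is then copied into a Prometheus label value by the activation script and `boot.postBootCommands`, and used as a path component by the rebuilder script changed elsewhere in this commit. A value containing `"`, `$`, a backtick, `/` or a newline would break the builder command or yield a malformed `.prom` file. Constraining the option rejects such values at evaluation time: `type = lib.types.nullOr (lib.types.strMatching "[A-Za-z0-9_-]+");`. The option also has no `description`; one stating that the value must equal the attribute name under `specialisation.` would help, since nothing visible here enforces that.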


@ -14,7 +14,14 @@ pkgs.writeShellScriptBin "rebuilder" ''
export AWS_ACCESS_KEY_ID="${depot.ops.secrets.nixCache.AWS_ACCESS_KEY_ID}" export AWS_ACCESS_KEY_ID="${depot.ops.secrets.nixCache.AWS_ACCESS_KEY_ID}"
export AWS_SECRET_ACCESS_KEY="${depot.ops.secrets.nixCache.AWS_SECRET_ACCESS_KEY}" export AWS_SECRET_ACCESS_KEY="${depot.ops.secrets.nixCache.AWS_SECRET_ACCESS_KEY}"
current_specialisation="$(cat /run/current-system/specialisation-name 2>/dev/null)"
specialisation_path=""
if [[ ! -z "$current_specialisation" ]]; then
specialisation_path="specialisation/$current_specialisation/"
fi
system="$(nix-build --option substituters "https://cache.nixos.org s3://lukegb-nix-cache?endpoint=storage.googleapis.com&trusted=1" -E "(import $DEPOT_PATH {}).ops.nixos.${system}" --no-out-link)" system="$(nix-build --option substituters "https://cache.nixos.org s3://lukegb-nix-cache?endpoint=storage.googleapis.com&trusted=1" -E "(import $DEPOT_PATH {}).ops.nixos.${system}" --no-out-link)"
nix-env -p /nix/var/nix/profiles/system --set "$system" nix-env -p /nix/var/nix/profiles/system --set "$system"
"$system/bin/switch-to-configuration" switch "$system/''${specialisation_path}bin/switch-to-configuration" test
'' "$system/bin/switch-to-configuration" boot
''
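Review bot: The `test` invocation assumes the specialisation named in `/run/current-system/specialisation-name` still exists in the freshly built `$system`. If it was renamed or removed, the `switch-to-configuration` path under `specialisation/` does not exist, and the run fails after `nix-env --set` has already moved the system profile and before the `boot` step. Moving the `if` below the `nix-build` line and guarding it lets the script fall back to the base configuration: `if [[ -n "$current_specialisation" && -x "$system/specialisation/$current_specialisation/bin/switch-to-configuration" ]]; then`. The added `cat` also lacks the `|| true` used in the activation script, so if this script runs under `set -e` it would abort on a system built before this commit. The script body starts above the hunk, so that setting is not visible here.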


@ -161,6 +161,7 @@ in {
services.xserver.windowManager.i3.enable = true; services.xserver.windowManager.i3.enable = true;
services.xserver.videoDrivers = [ "nvidia" ]; services.xserver.videoDrivers = [ "nvidia" ];
specialisation.intelGraphics.configuration = { specialisation.intelGraphics.configuration = {
my.specialisationName = "intelGraphics";
services.xserver.videoDrivers = lib.mkForce [ "intel" ]; services.xserver.videoDrivers = lib.mkForce [ "intel" ];
}; };
services.xserver.displayManager.gdm = { services.xserver.displayManager.gdm = {