nixos/deploy-rs: Show container unit log while deploying

2022-06-10 22:14:42 +01:00 · 2022-06-10 22:14:42 +01:00 · 3edb54fef6
commit 3edb54fef6
parent 30c8913c08
3 changed files with 98 additions and 2 deletions
--- a/nixos/boxes/colony/vms/shill/containers/chatterbox.nix
+++ b/nixos/boxes/colony/vms/shill/containers/chatterbox.nix
@ -0,0 +1,64 @@
+{ lib, ... }: {
+  nixos.systems.chatterbox = {
+    system = "x86_64-linux";
+    nixpkgs = "mine";
+
+    assignments = {
+      internal = {
+        name = "chatterbox-ctr";
+        domain = lib.my.colony.domain;
+        ipv4.address = "${lib.my.colony.start.ctrs.v4}5";
+        ipv6 = {
+          iid = "::5";
+          address = "${lib.my.colony.start.ctrs.v6}5";
+        };
+      };
+    };
+
+    configuration = { lib, pkgs, config, assignments, ... }:
+    let
+      inherit (lib) mkMerge mkIf;
+      inherit (lib.my) networkdAssignment;
+    in
+    {
+      config = mkMerge [
+        {
+          my = {
+            deploy.enable = false;
+            server.enable = true;
+
+            secrets = {
+              #key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICkly/tnPmoX05lDjEpQOkllPqYA0PY92pOKqvx8Po02";
+              files."synapse.yaml" = {};
+            };
+
+            firewall = {
+              tcp.allowed = [ 8008 ];
+            };
+          };
+
+          systemd = {
+            network.networks."80-container-host0" = networkdAssignment "host0" assignments.internal;
+          };
+
+          services = {
+            #matrix-synapse = {
+            #  enable = true;
+            #  withJemalloc = true;
+            #  settings = {
+
+            #  };
+            #};
+          };
+        }
+        (mkIf config.my.build.isDevVM {
+          virtualisation = {
+            forwardPorts = [
+              { from = "host"; host.port = 8080; guest.port = 80; }
+            ];
+          };
+        })
+      ];
+    };
+  };
+}
--- a/nixos/modules/deploy-rs.nix
+++ b/nixos/modules/deploy-rs.nix
@ -27,6 +27,27 @@ let
    ${keepGensSnippet "$PROFILE" cfg'.keepGenerations}
  '';

+  systemdUtil = pkgs.writeShellApplication {
+    name = "systemd-util.sh";
+    text = ''
+      svcActionWatch() {
+        action="$1"
+        shift
+        unit="$1"
+        shift
+
+        journalctl -o cat --no-pager -n 0 -f -u "$unit" &
+        jPid=$!
+        cleanup() {
+          kill $jPid
+        }
+        trap cleanup EXIT
+
+        systemctl "$@" "$action" "$unit"
+      }
+    '';
+  };
+
  ctrProfiles = optionalAttrs cfg.generate.containers.enable (mapAttrs' (n: c:
  let
    ctrConfig = systems."${n}".configuration.config;
@ -35,6 +56,7 @@ let
    name = "container-${n}";
    value = {
      path = pkgs.deploy-rs.lib.activate.custom ctrConfig.my.buildAs.container ''
+        source ${systemdUtil}/bin/systemd-util.sh
        ${if c.hotReload then ''
          if systemctl show -p StatusText systemd-nspawn@${n} | grep -q "Dummy container"; then
            action=restart
@ -42,9 +64,9 @@ let
            action=reload
          fi

-          systemctl "$action" systemd-nspawn@${n}
+          svcActionWatch "$action" systemd-nspawn@${n}
        '' else ''
-          systemctl restart systemd-nspawn@${n}
+          svcActionWatch restart systemd-nspawn@${n}
        ''}

        ${keepGensSnippet "$PROFILE" cfg.generate.containers.keepGenerations}
--- a/secrets/synapse.yaml.age
+++ b/secrets/synapse.yaml.age
@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> ssh-ed25519 FAIX7A 65LI0Fvoezo5osErygJNYp5d8LhvABZpD5SjjBlvCBc
+jsez8jYQjFgR66hJtj3NfD+ugkfuc5CQ2PpLatOstMY
+-> X25519 JpPee9xg9YoHwwUk8OCYuZQJdq0yYhsJtUFHwumHvSc
+MZUCvUjHCS65dBvT/7eNtT+cydIAqa7BAXGBJrP1/Yg
+-> j-grease `YENpG`_
+7kJXScC89DIP3niPa5sEf8rQQfXCTztTrAyhq8fv/eIFUhWqE1P7TebzPCuE6XeA
+p0WTNfd0xsZJ7d+PIK/HLhPFRS2wKaYfHXXCYtJsFK/tbRz522f9O/YH
+--- EI8mVA7L/VX9EBG3hvME3sznKAVacRjqRFbcGDhvhSM
+Ù;ó§'ÖÉ<C396>K}9D,h€<11>:l<><‹‘h“1DØæTEæ»ÿT3VÕ|u<>l4X™”_ÍXÍE\÷u! B2téZ¯Òu‘b5¿»ˆ‘h
;«