From 3edb54fef64fc3c85ed5fa38cec7c4a716e667e0 Mon Sep 17 00:00:00 2001 From: Jack O'Sullivan Date: Fri, 10 Jun 2022 22:14:42 +0100 Subject: [PATCH] nixos/deploy-rs: Show container unit log while deploying --- .../vms/shill/containers/chatterbox.nix | 64 +++++++++++++++++++ nixos/modules/deploy-rs.nix | 26 +++++++- secrets/synapse.yaml.age | 10 +++ 3 files changed, 98 insertions(+), 2 deletions(-) create mode 100644 nixos/boxes/colony/vms/shill/containers/chatterbox.nix create mode 100644 secrets/synapse.yaml.age diff --git a/nixos/boxes/colony/vms/shill/containers/chatterbox.nix b/nixos/boxes/colony/vms/shill/containers/chatterbox.nix new file mode 100644 index 0000000..414bf95 --- /dev/null +++ b/nixos/boxes/colony/vms/shill/containers/chatterbox.nix @@ -0,0 +1,64 @@ +{ lib, ... }: { + nixos.systems.chatterbox = { + system = "x86_64-linux"; + nixpkgs = "mine"; + + assignments = { + internal = { + name = "chatterbox-ctr"; + domain = lib.my.colony.domain; + ipv4.address = "${lib.my.colony.start.ctrs.v4}5"; + ipv6 = { + iid = "::5"; + address = "${lib.my.colony.start.ctrs.v6}5"; + }; + }; + }; + + configuration = { lib, pkgs, config, assignments, ... }: + let + inherit (lib) mkMerge mkIf; + inherit (lib.my) networkdAssignment; + in + { + config = mkMerge [ + { + my = { + deploy.enable = false; + server.enable = true; + + secrets = { + #key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICkly/tnPmoX05lDjEpQOkllPqYA0PY92pOKqvx8Po02"; + files."synapse.yaml" = {}; + }; + + firewall = { + tcp.allowed = [ 8008 ]; + }; + }; + + systemd = { + network.networks."80-container-host0" = networkdAssignment "host0" assignments.internal; + }; + + services = { + #matrix-synapse = { + # enable = true; + # withJemalloc = true; + # settings = { + + # }; + #}; + }; + } + (mkIf config.my.build.isDevVM { + virtualisation = { + forwardPorts = [ + { from = "host"; host.port = 8080; guest.port = 80; } + ]; + }; + }) + ]; + }; + }; +} diff --git a/nixos/modules/deploy-rs.nix b/nixos/modules/deploy-rs.nix index 9f4b8ee..dcc663e 100644 --- a/nixos/modules/deploy-rs.nix +++ b/nixos/modules/deploy-rs.nix @@ -27,6 +27,27 @@ let ${keepGensSnippet "$PROFILE" cfg'.keepGenerations} ''; + systemdUtil = pkgs.writeShellApplication { + name = "systemd-util.sh"; + text = '' + svcActionWatch() { + action="$1" + shift + unit="$1" + shift + + journalctl -o cat --no-pager -n 0 -f -u "$unit" & + jPid=$! + cleanup() { + kill $jPid + } + trap cleanup EXIT + + systemctl "$@" "$action" "$unit" + } + ''; + }; + ctrProfiles = optionalAttrs cfg.generate.containers.enable (mapAttrs' (n: c: let ctrConfig = systems."${n}".configuration.config; @@ -35,6 +56,7 @@ let name = "container-${n}"; value = { path = pkgs.deploy-rs.lib.activate.custom ctrConfig.my.buildAs.container '' + source ${systemdUtil}/bin/systemd-util.sh ${if c.hotReload then '' if systemctl show -p StatusText systemd-nspawn@${n} | grep -q "Dummy container"; then action=restart @@ -42,9 +64,9 @@ let action=reload fi - systemctl "$action" systemd-nspawn@${n} + svcActionWatch "$action" systemd-nspawn@${n} '' else '' - systemctl restart systemd-nspawn@${n} + svcActionWatch restart systemd-nspawn@${n} ''} ${keepGensSnippet "$PROFILE" cfg.generate.containers.keepGenerations} diff --git a/secrets/synapse.yaml.age b/secrets/synapse.yaml.age new file mode 100644 index 0000000..59dc14e --- /dev/null +++ b/secrets/synapse.yaml.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 FAIX7A 65LI0Fvoezo5osErygJNYp5d8LhvABZpD5SjjBlvCBc +jsez8jYQjFgR66hJtj3NfD+ugkfuc5CQ2PpLatOstMY +-> X25519 JpPee9xg9YoHwwUk8OCYuZQJdq0yYhsJtUFHwumHvSc +MZUCvUjHCS65dBvT/7eNtT+cydIAqa7BAXGBJrP1/Yg +-> j-grease `YENpG`_ +7kJXScC89DIP3niPa5sEf8rQQfXCTztTrAyhq8fv/eIFUhWqE1P7TebzPCuE6XeA +p0WTNfd0xsZJ7d+PIK/HLhPFRS2wKaYfHXXCYtJsFK/tbRz522f9O/YH +--- EI8mVA7L/VX9EBG3hvME3sznKAVacRjqRFbcGDhvhSM +;'ɏK}9D,h:l