nixos/deploy-rs: Show container unit log while deploying

2022-06-10 22:14:42 +01:00 · 2022-06-10 22:14:42 +01:00 · 3edb54fef6
commit 3edb54fef6
parent 30c8913c08
3 changed files with 98 additions and 2 deletions
--- a/nixos/boxes/colony/vms/shill/containers/chatterbox.nix
+++ b/nixos/boxes/colony/vms/shill/containers/chatterbox.nix
@ -0,0 +1,64 @@
 { lib, ... }: {
  nixos.systems.chatterbox = {
    system = "x86_64-linux";
    nixpkgs = "mine";
    assignments = {
      internal = {
        name = "chatterbox-ctr";
        domain = lib.my.colony.domain;
        ipv4.address = "${lib.my.colony.start.ctrs.v4}5";
        ipv6 = {
          iid = "::5";
          address = "${lib.my.colony.start.ctrs.v6}5";
        };
      };
    };
    configuration = { lib, pkgs, config, assignments, ... }:
    let
      inherit (lib) mkMerge mkIf;
      inherit (lib.my) networkdAssignment;
    in
    {
      config = mkMerge [
        {
          my = {
            deploy.enable = false;
            server.enable = true;
            secrets = {
              #key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICkly/tnPmoX05lDjEpQOkllPqYA0PY92pOKqvx8Po02";
              files."synapse.yaml" = {};
            };
            firewall = {
              tcp.allowed = [ 8008 ];
            };
          };
          systemd = {
            network.networks."80-container-host0" = networkdAssignment "host0" assignments.internal;
          };
          services = {
            #matrix-synapse = {
            #  enable = true;
            #  withJemalloc = true;
            #  settings = {
            #  };
            #};
          };
        }
        (mkIf config.my.build.isDevVM {
          virtualisation = {
            forwardPorts = [
              { from = "host"; host.port = 8080; guest.port = 80; }
            ];
          };
        })
      ];
    };
  };
 }
--- a/nixos/modules/deploy-rs.nix
+++ b/nixos/modules/deploy-rs.nix
@ -27,6 +27,27 @@ let
    ${keepGensSnippet "$PROFILE" cfg'.keepGenerations}
  '';
  systemdUtil = pkgs.writeShellApplication {
    name = "systemd-util.sh";
    text = ''
      svcActionWatch() {
        action="$1"
        shift
        unit="$1"
        shift
        journalctl -o cat --no-pager -n 0 -f -u "$unit" &
        jPid=$!
        cleanup() {
          kill $jPid
        }
        trap cleanup EXIT
        systemctl "$@" "$action" "$unit"
      }
    '';
  };
  ctrProfiles = optionalAttrs cfg.generate.containers.enable (mapAttrs' (n: c:
  let
    ctrConfig = systems."${n}".configuration.config;
@ -35,6 +56,7 @@ let
    name = "container-${n}";
    value = {
      path = pkgs.deploy-rs.lib.activate.custom ctrConfig.my.buildAs.container ''
        source ${systemdUtil}/bin/systemd-util.sh
        ${if c.hotReload then ''
          if systemctl show -p StatusText systemd-nspawn@${n} | grep -q "Dummy container"; then
            action=restart
@ -42,9 +64,9 @@ let
            action=reload
          fi
-          systemctl "$action" systemd-nspawn@${n}
+          svcActionWatch "$action" systemd-nspawn@${n}
        '' else ''
-          systemctl restart systemd-nspawn@${n}
+          svcActionWatch restart systemd-nspawn@${n}
        ''}
        ${keepGensSnippet "$PROFILE" cfg.generate.containers.keepGenerations}
--- a/secrets/synapse.yaml.age
+++ b/secrets/synapse.yaml.age
@ -0,0 +1,10 @@
 age-encryption.org/v1
 -> ssh-ed25519 FAIX7A 65LI0Fvoezo5osErygJNYp5d8LhvABZpD5SjjBlvCBc
 jsez8jYQjFgR66hJtj3NfD+ugkfuc5CQ2PpLatOstMY
 -> X25519 JpPee9xg9YoHwwUk8OCYuZQJdq0yYhsJtUFHwumHvSc
 MZUCvUjHCS65dBvT/7eNtT+cydIAqa7BAXGBJrP1/Yg
 -> j-grease `YENpG`_
 7kJXScC89DIP3niPa5sEf8rQQfXCTztTrAyhq8fv/eIFUhWqE1P7TebzPCuE6XeA
 p0WTNfd0xsZJ7d+PIK/HLhPFRS2wKaYfHXXCYtJsFK/tbRz522f9O/YH
 --- EI8mVA7L/VX9EBG3hvME3sznKAVacRjqRFbcGDhvhSM
 Ù;ó§'ÖÉ<C396>K}9D,h€<11>:l<><‹‘h“1DØæTEæ»ÿT3VÕ|u<>l4X™”_ÍXÍE\÷u! B2téZ¯Òu‘b5¿»ˆ‘h
;«