difftreelog
refactor provide cross system using argument
in: trunk
5 files changed
cmds/fleet/src/better_nix_eval.rsdiffbeforeafterboth--- a/cmds/fleet/src/better_nix_eval.rs
+++ b/cmds/fleet/src/better_nix_eval.rs
@@ -16,7 +16,7 @@
use tokio::select;
use tokio::sync::{mpsc, oneshot};
use tokio_util::codec::{FramedRead, LinesCodec};
-use tracing::{debug, error, warn};
+use tracing::{debug, error, warn, Level};
use crate::command::{ClonableHandler, Handler, NixHandler, NoopHandler};
@@ -247,6 +247,10 @@
Ok(())
}
async fn send_command(&mut self, cmd: impl AsRef<[u8]>) -> Result<()> {
+ if tracing::enabled!(Level::DEBUG) {
+ let cmd_str = String::from_utf8_lossy(cmd.as_ref());
+ tracing::debug!("{cmd_str}");
+ };
self.stdin.write_all(cmd.as_ref()).await?;
self.stdin.write_all(b"\n").await?;
Ok(())
@@ -420,7 +424,7 @@
}
pub fn apply(v: impl Serialize) -> Self {
let serialized = nixlike::serialize(v).expect("invalid value for apply");
- Self::Apply(serialized)
+ Self::Apply(serialized.trim_end().to_owned())
}
}
impl Display for Index {
@@ -434,8 +438,7 @@
write!(f, ".{v}")
}
Index::Apply(o) => {
- let v = nixlike::serialize(o).map_err(|_| fmt::Error)?;
- write!(f, "<apply>({v})")
+ write!(f, "<apply>({o})")
}
Index::Idx(i) => {
write!(f, "[{i}]")
@@ -451,7 +454,6 @@
struct PathDisplay<'i>(&'i [Index]);
impl Display for PathDisplay<'_> {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
- write!(f, "flake")?;
for i in self.0 {
write!(f, "{i}")?;
}
@@ -508,8 +510,8 @@
query.push_str(escaped.trim());
}
Index::Apply(a) => {
- query.push(' ');
- query.push_str(&a);
+ // In cases like `a {}.b` first `{}.b` will be evaluated, so `a {}` should be encased in `()`
+ query = format!("({query} {a})");
}
Index::Idx(idx) => {
query = format!("builtins.elemAt ({query}) {idx}");
@@ -560,7 +562,7 @@
.await
.execute_expression_raw(&format!(":b sess_field_{id}"), &mut NixHandler::default())
.await?;
- ensure!(!vid.is_empty(), "build failed");
+ ensure!(!vid.is_empty(), "build failed: {}", PathDisplay(&self.full_path));
let Some(vid) = vid.strip_prefix("This derivation produced the following outputs:\n")
else {
panic!("unexpected build output: {vid:?}");
cmds/fleet/src/cmds/build_systems.rsdiffbeforeafterboth--- a/cmds/fleet/src/cmds/build_systems.rs
+++ b/cmds/fleet/src/cmds/build_systems.rs
@@ -5,7 +5,7 @@
use crate::command::MyCommand;
use crate::host::Config;
use crate::nix_path;
-use anyhow::{anyhow, Result};
+use anyhow::{anyhow, Result, Context};
use clap::Parser;
use itertools::Itertools;
use tokio::{task::LocalSet, time::sleep};
@@ -292,13 +292,14 @@
let action = Action::from(self.subcommand.clone());
let drv = config
.fleet_field
- .select(nix_path!(.buildSystems.{action.build_attr()}.{&host}))
- .await?;
+ .select(nix_path!(.buildSystems((serde_json::json!({
+ "localSystem": config.local_system.clone(),
+ }))).{action.build_attr()}.{&host}))
+ .await.context("system attribute")?;
let outputs = drv.build().await.map_err(|e| {
if action.build_attr() == "sdImage" {
info!("sd-image build failed");
info!("Make sure you have imported modulesPath/installer/sd-card/sd-image-<arch>[-installer].nix (For installer, you may want to check config)");
- info!("This module was automatically imported before, but was removed for better customization")
}
e
})?;
@@ -311,6 +312,10 @@
if !config.is_local(&host) {
info!("uploading system closure");
{
+ // Alternatively, nix store make-content-addressed can be used,
+ // at least for the first deployment, to provide trusted store key.
+ //
+ // It is much slower, yet doesn't require root on the deployer machine.
let mut sign = MyCommand::new("nix");
// Private key for host machine is registered in nix-sign.nix
sign.arg("store")
cmds/fleet/src/host.rsdiffbeforeafterboth--- a/cmds/fleet/src/host.rs
+++ b/cmds/fleet/src/host.rs
@@ -13,7 +13,7 @@
use tempfile::NamedTempFile;
use crate::{
- better_nix_eval::{Field, Index, NixSessionPool},
+ better_nix_eval::{Field, NixSessionPool},
command::MyCommand,
fleetdata::{FleetData, FleetSecret, FleetSharedSecret},
nix_path,
@@ -250,7 +250,6 @@
#[clap(long)]
pub localhost: Option<String>,
- // TODO: unhardcode x86_64-linux
/// Override detected system for host, to perform builds via
/// binfmt-declared qemu instead of trying to crosscompile
#[clap(long, default_value = "detect")]
@@ -280,7 +279,7 @@
let fleet_root = Field::field(root_field, "fleetConfigurations").await?;
let fleet_field = fleet_root
- .select(nix_path!(.default.{&local_system}))
+ .select(nix_path!(.default))
.await?;
let config_field = fleet_field
.select(nix_path!(.configUnchecked))
cmds/fleet/src/main.rsdiffbeforeafterboth1#![recursion_limit = "512"]2#![feature(try_blocks)]34pub(crate) mod cmds;5pub(crate) mod command;6pub(crate) mod host;7pub(crate) mod keys;89pub(crate) mod better_nix_eval;10pub(crate) mod extra_args;1112mod fleetdata;1314use std::ffi::OsString;15use std::time::Duration;1617use anyhow::{bail, Result};18use clap::Parser;1920use cmds::{build_systems::BuildSystems, info::Info, secrets::Secrets};21use futures::future::LocalBoxFuture;22use futures::stream::FuturesUnordered;23use futures::TryStreamExt;24use host::{Config, FleetOpts};25use human_repr::HumanCount;26use indicatif::{ProgressState, ProgressStyle};27use tracing::{info, metadata::LevelFilter};28use tracing::{info_span, Instrument};29use tracing_indicatif::IndicatifLayer;30use tracing_subscriber::{prelude::*, EnvFilter};3132use crate::command::MyCommand;3334#[derive(Parser)]35struct Prefetch {}36impl Prefetch {37 async fn run(&self, config: &Config) -> Result<()> {38 let mut prefetch_dir = config.directory.to_path_buf();39 prefetch_dir.push("prefetch");40 if !prefetch_dir.is_dir() {41 info!("nothing to prefetch: no prefetch directory");42 return Ok(());43 }44 let tasks = <FuturesUnordered<LocalBoxFuture<Result<()>>>>::new();45 for entry in std::fs::read_dir(&prefetch_dir)? {46 tasks.push(Box::pin(async {47 let entry = entry?;48 if !entry.metadata()?.is_file() {49 bail!("only files should exist in prefetch directory");50 }51 let span = info_span!(52 "prefetching",53 name = entry.file_name().to_string_lossy().as_ref()54 );55 let mut path = OsString::new();56 path.push("file://");57 path.push(entry.path());5859 let mut status = MyCommand::new("nix");60 status.arg("store").arg("prefetch-file").arg(path);61 status.run_nix_string().instrument(span).await?;62 Ok(())63 }));64 }65 tasks.try_collect::<Vec<()>>().await?;66 Ok(())67 }68}6970#[derive(Parser)]71enum Opts {72 /// Prepare systems for deployments73 BuildSystems(BuildSystems),74 /// Secret management75 #[clap(subcommand)]76 Secrets(Secrets),77 /// Upload prefetch directory to the nix store78 Prefetch(Prefetch),79 /// Config parsing80 Info(Info),81}8283#[derive(Parser)]84#[clap(version = "1.0", author)]85struct RootOpts {86 #[clap(flatten)]87 fleet_opts: FleetOpts,88 #[clap(subcommand)]89 command: Opts,90}9192async fn run_command(config: &Config, command: Opts) -> Result<()> {93 match command {94 Opts::BuildSystems(c) => c.run(config).await?,95 Opts::Secrets(s) => s.run(config).await?,96 Opts::Info(i) => i.run(config).await?,97 Opts::Prefetch(p) => p.run(config).await?,98 };99 Ok(())100}101102// fn main() -> Result<()> {103// let pool = r2d2::Builder::<NixSessionPool>::new()104// .min_idle(Some(1))105// .max_lifetime(Some(Duration::from_secs(10)))106// .build(NixSessionPool {107// flake: ".".to_owned(),108// nix_args: vec![],109// })?;110// let conn = pool.get()?;111// let field = Field::root(conn);112// // let builtins = field.get_field("builtins")?;113// let cur_sys: String = field.get_field("builtins")?.as_json()?;114// eprintln!("current system = {cur_sys}");115// let v = field.get_field("fleetConfigurations")?;116// eprintln!("configs = {:?}", v.list_fields()?);117// let d = v.get_field("default")?;118// dbg!(d.list_fields());119// Ok(())120// }121//122123fn setup_logging() {124 let indicatif_layer = IndicatifLayer::new().with_progress_style(125 ProgressStyle::with_template(126 "{color_start}{span_child_prefix} {span_name}{{{span_fields}}}{color_end} {wide_msg} {color_start}{download_progress} {elapsed}{color_end}",127 )128 .unwrap()129 .with_key("download_progress", |state: &ProgressState, writer: &mut dyn std::fmt::Write| {130 let Some(len) = state.len() else {131 return;132 };133 let pos = state.pos();134 let _ = write!(writer, "{} / {}", pos.human_count_bare(), len.human_count_bare());135 })136 .with_key(137 "color_start",138 |state: &ProgressState, writer: &mut dyn std::fmt::Write| {139 let elapsed = state.elapsed();140141 if elapsed > Duration::from_secs(60) {142 // Red143 let _ = write!(writer, "\x1b[{}m", 1 + 30);144 } else if elapsed > Duration::from_secs(30) {145 // Yellow146 let _ = write!(writer, "\x1b[{}m", 3 + 30);147 }148 },149 )150 .with_key(151 "color_end",152 |state: &ProgressState, writer: &mut dyn std::fmt::Write| {153 if state.elapsed() > Duration::from_secs(30) {154 let _ = write!(writer, "\x1b[0m");155 }156 },157 ),158 );159160 let filter = EnvFilter::from_default_env().add_directive(LevelFilter::INFO.into());161162 tracing_subscriber::registry()163 .with(164 tracing_subscriber::fmt::layer()165 .without_time()166 .with_target(false)167 .with_writer(indicatif_layer.get_stderr_writer())168 .with_filter(filter), // .withou,169 )170 .with(indicatif_layer)171 .init();172}173174#[tokio::main]175async fn main() -> Result<()> {176 setup_logging();177 let _ = better_nix_eval::TOKIO_RUNTIME.set(tokio::runtime::Handle::current());178179 let nix_args = std::env::var_os("NIX_ARGS")180 .map(|a| extra_args::parse_os(&a))181 .transpose()?182 .unwrap_or_default();183 let opts = RootOpts::parse();184 let config = opts.fleet_opts.build(nix_args).await?;185186 match run_command(&config, opts.command).await {187 Ok(()) => {188 config.save()?;189 Ok(())190 }191 Err(e) => {192 let _ = config.save();193 Err(e)194 }195 }196}lib/default.nixdiffbeforeafterboth--- a/lib/default.nix
+++ b/lib/default.nix
@@ -11,8 +11,7 @@
inherit nixpkgs hostNames;
};
in
- # Top-level arg is the builder system (not the target system!)
- nixpkgs.lib.genAttrs flake-utils.lib.defaultSystems (system: let
+ let
withData = data: rec {
root = nixpkgs.lib.evalModules {
modules = (import ../modules/fleet/_modules.nix) ++ [config data];
@@ -36,21 +35,7 @@
inherit name;
value = nixpkgs.lib.nixosSystem {
system = configuredHosts.${name}.system;
- modules =
- configuredHosts.${name}.modules
- ++ extraModules
- ++ [
- ({...}: {
- nixpkgs.system = system;
- nixpkgs.localSystem.system = system;
- nixpkgs.crossSystem =
- if system == configuredHosts.${name}.system
- then null
- else {
- system = configuredHosts.${name}.system;
- };
- })
- ];
+ modules = configuredHosts.${name}.modules ++ extraModules;
specialArgs = {
inherit fleetLib;
fleet = fleetLib.hostsToAttrs (host: configuredSystems.${host}.config);
@@ -60,19 +45,28 @@
)
(builtins.attrNames rootAssertWarn.config.hosts)
);
- buildSystems = {
+ buildSystems = {localSystem}: let
+ buildConfigurationModule = {config, ...}: {
+ # Equivalent to nixpkgs.localSystem
+ # nixpkgs.system = localSystem;
+ nixpkgs.buildPlatform.system = localSystem;
+ };
+ in {
toplevel = builtins.mapAttrs (_name: value: value.config.system.build.toplevel) (configuredSystemsWithExtraModules [
+ buildConfigurationModule
({...}: {
buildTarget = "toplevel";
})
]);
sdImage = builtins.mapAttrs (_name: value: value.config.system.build.sdImage) (configuredSystemsWithExtraModules [
+ buildConfigurationModule
#(nixpkgs + "/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix")
({...}: {
buildTarget = "sd-image";
})
]);
installationCd = builtins.mapAttrs (_name: value: value.config.system.build.isoImage) (configuredSystemsWithExtraModules [
+ buildConfigurationModule
(nixpkgs + "/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix")
({lib, ...}: {
buildTarget = "installation-cd";
@@ -91,5 +85,5 @@
in {
inherit (injectedData) configuredHosts configuredSecrets configuredSystems buildSystems configUnchecked;
};
- });
+ };
}