difftreelog
feat basic lustration helper
in: trunk
3 files changed
cmds/fleet/src/cmds/build_systems.rsdiffbeforeafterboth1use std::{env::current_dir, os::unix::fs::symlink, path::PathBuf, time::Duration};1use std::{env::current_dir, os::unix::fs::symlink, path::PathBuf, time::Duration};223use anyhow::{anyhow, bail, Result};3use anyhow::{anyhow, bail, Context, Result};4use clap::{Parser, ValueEnum};4use clap::{Parser, ValueEnum};5use fleet_base::{5use fleet_base::{6 host::{Config, ConfigHost, DeployKind},6 host::{Config, ConfigHost, DeployKind},132 disable_rollback: bool,132 disable_rollback: bool,133) -> Result<()> {133) -> Result<()> {134 let deploy_kind = host.deploy_kind().await?;134 let deploy_kind = host.deploy_kind().await?;135 if deploy_kind == DeployKind::NixosInstall135 if (deploy_kind == DeployKind::NixosInstall || deploy_kind == DeployKind::NixosLustrate)136 && !matches!(action, DeployAction::Boot | DeployAction::Upload)136 && !matches!(action, DeployAction::Boot | DeployAction::Upload)137 {137 {138 bail!("nixos-install deploy kind only supports boot and upload actions");138 bail!("{deploy_kind:?} deploy kind only supports boot and upload actions");139 }139 }140140141 let mut failed = false;141 let mut failed = false;184 }184 }185 }185 }186 }186 }187 if deploy_kind == DeployKind::NixosLustrate {188 // Fleet could also create this file, but as this operation is potentially disruptive,189 // make user do it themself.190 if !host.file_exists("/etc/NIXOS_LUSTRATE").await? {191 bail!("/etc/NIXOS_LUSTRATE should be created on remote host");192 }193 // Wanted by NixOS to recognize the system as NixOS.194 let mut cmd = host.cmd("touch").await?;195 cmd.arg("/etc/NIXOS");196 cmd.sudo().run().await.context("creating /etc/NIXOS")?;197 }187 if deploy_kind == DeployKind::NixosInstall {198 if deploy_kind == DeployKind::NixosInstall {188 info!(199 info!(189 "running nixos-install to switch profile, install bootloader, and perform activation"200 "running nixos-install to switch profile, install bootloader, and perform activation"247 };258 };248 let switch_script = specialised.join("bin/switch-to-configuration");259 let switch_script = specialised.join("bin/switch-to-configuration");249 let mut cmd = host.cmd(switch_script).in_current_span().await?;260 let mut cmd = host.cmd(switch_script).in_current_span().await?;261 if deploy_kind == DeployKind::NixosLustrate {262 cmd.env("NIXOS_INSTALL_BOOTLOADER", "1");263 }250 cmd.env("FLEET_ONLINE_ACTIVATION", "1")264 cmd.env("FLEET_ONLINE_ACTIVATION", "1")251 .arg(action.name().expect("upload.should_activate == false"));265 .arg(action.name().expect("upload.should_activate == false"));252 if let Err(e) = cmd.sudo().run().in_current_span().await {266 if let Err(e) = cmd.sudo().run().in_current_span().await {crates/fleet-base/src/host.rsdiffbeforeafterboth--- a/crates/fleet-base/src/host.rs
+++ b/crates/fleet-base/src/host.rs
@@ -23,8 +23,10 @@
};
pub struct FleetConfigInternals {
+ /// Fleet project directory, containing fleet.nix file.
+ pub directory: PathBuf,
+ /// builtins.currentSystem
pub local_system: String,
- pub directory: PathBuf,
pub data: Mutex<FleetData>,
pub nix_args: Vec<OsString>,
/// fleet_config.config
@@ -34,6 +36,7 @@
/// import nixpkgs {system = local};
pub default_pkgs: Value,
+ /// inputs.nixpkgs
pub nixpkgs: Value,
pub nix_session: NixSession,
@@ -58,7 +61,7 @@
Su,
}
-#[derive(Clone, PartialEq, Copy)]
+#[derive(Clone, PartialEq, Copy, Debug)]
pub enum DeployKind {
/// NixOS => NixOS managed by fleet
UpgradeToFleet,
@@ -67,6 +70,10 @@
/// Remote host has /mnt, /mnt/boot mounted,
/// generated config is added to fleet configuration.
NixosInstall,
+ /// Remote host has some system and nix installed in multi-user mode (/nix is owned by root),
+ /// generated config is added to fleet configuration,
+ /// and /etc/NIXOS_LUSTRATE exists, fleet will perform the rest.
+ NixosLustrate,
}
impl FromStr for DeployKind {
@@ -302,7 +309,7 @@
nix.arg("copy").arg("--substitute-on-destination");
match self.deploy_kind().await? {
- DeployKind::Fleet | DeployKind::UpgradeToFleet => {
+ DeployKind::Fleet | DeployKind::UpgradeToFleet | DeployKind::NixosLustrate => {
nix.comparg("--to", format!("ssh-ng://{}", self.name));
}
DeployKind::NixosInstall => {
crates/fleet-base/src/opts.rsdiffbeforeafterboth--- a/crates/fleet-base/src/opts.rs
+++ b/crates/fleet-base/src/opts.rs
@@ -6,7 +6,7 @@
sync::{Arc, Mutex},
};
-use anyhow::{Context, Result};
+use anyhow::{bail, Context, Result};
use clap::Parser;
use nix_eval::{nix_go, util::assert_warn, NixSessionPool, Value};
use nom::{
@@ -182,7 +182,23 @@
// TODO: Config should be detached from opts.
pub async fn build(&self, nix_args: Vec<OsString>, assert: bool) -> Result<Config> {
- let directory = current_dir()?;
+ let cwd = current_dir()?;
+ let mut directory = cwd.clone();
+ let mut fleet_data_path = directory.join("fleet.nix");
+ while !fleet_data_path.is_file() {
+ // fleet.nix
+ fleet_data_path.pop();
+ if !directory.pop() || !fleet_data_path.pop() {
+ bail!(
+ "fleet.nix not found at {} or any of the parent directories",
+ cwd.display()
+ );
+ }
+ fleet_data_path.push("fleet.nix");
+ }
+ let bytes =
+ std::fs::read_to_string(&fleet_data_path).context("reading fleet state (fleet.nix)")?;
+ let data: Mutex<FleetData> = nixlike::parse_str(&bytes)?;
let pool = NixSessionPool::new(
directory.as_os_str().to_owned(),
@@ -193,12 +209,6 @@
let nix_session = pool.get().await?;
let builtins_field = Value::binding(nix_session.clone(), "builtins").await?;
-
- let mut fleet_data_path = directory.clone();
- fleet_data_path.push("fleet.nix");
- let bytes =
- std::fs::read_to_string(fleet_data_path).context("reading fleet state (fleet.nix)")?;
- let data: Mutex<FleetData> = nixlike::parse_str(&bytes)?;
let fleet_root = Value::binding(nix_session.clone(), "fleetConfigurations").await?;
let fleet_field = nix_go!(fleet_root.default({ data }));