sercanto/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

tasks: automate nixos-install

Browse source
This commit is contained in:
Jörg Thalheim 2021-10-24 01:04:22 +02:00
parent 3984d7cc1a
commit 331d9c09c7
1 changed files with 83 additions and 2 deletions

85
tasks.py
View file

@ -3,8 +3,10 @@
from invoke import task from invoke import task
import sys import sys
from typing import List from typing import List, Any
from deploy_nixos import DeployHost, DeployGroup from deploy_nixos import DeployHost, DeployGroup
import subprocess
import json
def deploy_nixos(hosts: List[DeployHost]) -> None: def deploy_nixos(hosts: List[DeployHost]) -> None:
@ -22,8 +24,87 @@ def deploy_nixos(hosts: List[DeployHost]) -> None:
g.run_function(deploy) g.run_function(deploy)
def sfdisk_json(host: DeployHost, dev: str) -> List[Any]:
out = host.run(f"sfdisk --json {dev}", stdout=subprocess.PIPE)
data = json.loads(out.stdout)
return data["partitiontable"]["partitions"]
def get_hosts(hosts: str):
def _format_disks(host: DeployHost, devices: List[str]) -> None:
assert len(devices) == 1 or len(devices) == 2, "we only support single devices or mirror raids at the moment"
# format disk with as follow:
# - partition 1 will be the boot partition, needed for legacy (BIOS) boot
# - partition 2 is for boot partition
# - partition 3 takes up the rest of the space and is for the system
for device in devices:
host.run(f"sgdisk -Z -n 1:2048:4095 -n 2:4096:+2G -N 3 -t 1:ef02 -t 2:8304 -t 3:8304 {device}")
# create mdadm raid for /boot with ext4
if len(devices) == 2:
boot_parts = []
root_parts = []
for dev in devices:
# use partuuids as they are more stable than device names
partitions = sfdisk_json(host, dev)
boot_parts.append(partitions[1]["node"])
root_parts.append(f"/dev/disk/by-partuuid/{partitions[2]['uuid'].lower()}")
host.run(f"mdadm --create --verbose /dev/md127 --raid-devices=2 --level=1 {' '.join(boot_parts)}")
host.run(f"zpool create zroot -O acltype=posixacl -O xattr=sa -O compression=lz4 mirror {' '.join(root_parts)}")
boot = "/dev/md127"
else:
partitions = sfdisk_json(host, devices[0])
boot = partitions[1]["node"]
uuid = partitions[2]["uuid"].lower()
root_part = f"/dev/disk/by-partuuid/{uuid}"
host.run(f"zpool create zroot -O acltype=posixacl -O xattr=sa -O compression=lz4 -O atime=off {root_part}")
host.run(f"partprobe")
host.run(f"mkfs.ext4 -F {boot}")
# setup zfs dataset
host.run(f"zfs create -o mountpoint=none zroot/root")
host.run(f"zfs create -o mountpoint=legacy zroot/root/nixos")
host.run(f"zfs create -o mountpoint=legacy zroot/root/home")
## and finally mount
host.run(f"mount -t zfs zroot/root/nixos /mnt")
host.run(f"mkdir /mnt/home /mnt/boot")
host.run(f"mount -t zfs zroot/root/home /mnt/home")
host.run(f"mount -t ext4 /dev/md127 /mnt/boot")
@task
def format_disks(c, hosts = "", disks = ""):
"""
Format disks with zfs
"""
_format_disks(get_hosts(hosts)[0], disks.split(","))
@task
def setup_secret(c, hosts = ""):
"""
Setup SSH key and print age key for sops-nix
"""
for h in get_hosts(hosts):
h.run("install -m600 -D /etc/ssh/ssh_host_ed25519_key /mnt/etc/ssh/ssh_host_ed25519_key")
print(h.host)
h.run("nix-shell -p ssh-to-age --run 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'")
@task
def nixos_install(c, hosts = ""):
"""
Run NixOS install
"""
for h in get_hosts(hosts):
h.run("nix-shell -p git --run 'git clone https://github.com/nix-community/infra && cd infra && nix-shell'")
hostname = h.host.replace('.nix-community.org', '')
h.run(f"cd /root/infra && nixos-install --system $(nix-build -A {hostname}-system)")
def get_hosts(hosts: str) -> List[DeployHost]:
if hosts == "": if hosts == "":
return [DeployHost(f"build{n + 1}.nix-community.org") for n in range(4)] return [DeployHost(f"build{n + 1}.nix-community.org") for n in range(4)]