switch to effect for darwin ssh deploy

2023-12-27 10:43:18 +10:00 · 2023-12-27 10:43:18 +10:00 · 3464ec27e2
commit 3464ec27e2
parent 8471d2a8d6
5 changed files with 47 additions and 3 deletions
--- a/dev/effect-deploy.nix
+++ b/dev/effect-deploy.nix
@ -0,0 +1,34 @@
+{ self, withSystem, ... }:
+{
+  herculesCI = herculesCI: {
+    onPush.default.outputs.effects = withSystem "x86_64-linux" (
+      { hci-effects, ... }:
+      let
+        hosts = (import "${self}/modules/shared/known-hosts.nix").programs.ssh.knownHosts;
+      in
+      builtins.listToAttrs (
+        map
+          (x: {
+            name = x;
+            value = hci-effects.runIf (herculesCI.config.repo.branch == "master") (
+              hci-effects.runNixDarwin {
+                ssh.destination = "customer@${x}.nix-community.org";
+                configuration = self.darwinConfigurations.${x};
+                secretsMap.ssh-deployment = "ssh-deployment";
+                userSetupScript = ''
+                  writeSSHKey ssh-deployment
+                  cat >>~/.ssh/known_hosts <<EOF
+                  ${toString hosts.${x}.hostNames} ${hosts.${x}.publicKey}
+                  EOF
+                '';
+              }
+            );
+          })
+          [
+            "darwin01"
+            "darwin02"
+          ]
+      )
+    );
+  };
+}