Retire dotfiles-rebuild, switch to dm-pull-deploy push timer
- Drop modules/dotfiles-rebuild.nix and its imports in clan.nix; sunken-ship + phantom-ship no longer ship the legacy 15-min rebuild-from-git timer. - Add dm-pull-deploy-push systemd timer on sunken-ship: every 15min runs dm-send-deploy to announce origin/main rev via data-mesher gossip (sunken is the dm-pull-deploy push node). - Fix mulbo-pull service path: add openssh so 'git fetch' over an SSH remote stops failing with 'cannot run ssh'. - vps-relay authorized_keys: rename Mac key comment to mac-admin, add sunken-ship's actual ed25519 key for ZT mesh debugging. - home.nix: add cinny-desktop (Matrix client). - neovim: enable cursorline.
This commit is contained in:
DannyDannyDanny
parent
1b0eb5835d
commit
2e9441f367
7 changed files with 46 additions and 54 deletions
|
|
@ -1,44 +0,0 @@
|
|||
# Shared auto-rebuild-from-git service for homelab hosts.
|
||||
#
|
||||
# Every 15 min: git fetch origin, fast-forward main, and if there were any
|
||||
# new commits run nixos-rebuild switch against `<dotfilesDir>#<host>`.
|
||||
#
|
||||
# Assumes /etc/dotfiles is an already-cloned checkout of the dotfiles repo.
|
||||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
dotfilesDir = "/etc/dotfiles";
|
||||
flakeRef = "${dotfilesDir}#${config.networking.hostName}";
|
||||
in {
|
||||
environment.systemPackages = [ pkgs.git ];
|
||||
|
||||
# Trust /etc/dotfiles as root even though it's owned by `danny`.
|
||||
# nix/libgit2 reads safe.directory from /etc/gitconfig; the GIT_CONFIG_*
|
||||
# env vars on the service only affect the git CLI, not nix.
|
||||
programs.git.enable = true;
|
||||
programs.git.config.safe.directory = [ dotfilesDir ];
|
||||
|
||||
systemd.services.dotfiles-rebuild = {
|
||||
description = "Pull dotfiles and run nixos-rebuild if repo changed";
|
||||
path = with pkgs; [ git nix nixos-rebuild ];
|
||||
environment.GIT_CONFIG_COUNT = "1";
|
||||
environment.GIT_CONFIG_KEY_0 = "safe.directory";
|
||||
environment.GIT_CONFIG_VALUE_0 = dotfilesDir;
|
||||
script = ''
|
||||
set -euo pipefail
|
||||
cd ${dotfilesDir}
|
||||
git fetch origin
|
||||
if [ "$(git rev-parse HEAD)" = "$(git rev-parse origin/main)" ]; then
|
||||
exit 0
|
||||
fi
|
||||
git pull origin main
|
||||
exec nixos-rebuild switch --flake ${flakeRef}
|
||||
'';
|
||||
serviceConfig.Type = "oneshot";
|
||||
};
|
||||
|
||||
systemd.timers.dotfiles-rebuild = {
|
||||
wantedBy = [ "timers.target" ];
|
||||
timerConfig.OnCalendar = "*-*-* *:00/15:00"; # every 15 minutes
|
||||
timerConfig.RandomizedDelaySec = "2min";
|
||||
};
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue