blob: 25c0ed692eff23ec7bcaf99796b51179c563db8d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
|
#!/usr/bin/env bash
# Deployment script for both NixOS configs and individual services.
#
# Usage:
# push.sh Biz.nix # NixOS deploy (existing behavior)
# push.sh Biz/PodcastItLater/Web.py # Service deploy (new behavior)
#
# For service deploys:
# 1. Builds the target with bild (caches to S3 by default)
# 2. Updates the manifest.json in S3 with new store path
# 3. Deployer on target picks up change within 5 minutes
#
# Environment:
# CODEROOT - Root of the codebase (required)
# NIX_CACHE_KEY - Path to signing key (required for service deploys)
set -euo pipefail
# Colors
GRN='\033[0;32m'
YLW='\033[0;33m'
RED='\033[0;31m'
NC='\033[0m' # No Color
# Derive service name from target path
# Biz/PodcastItLater/Web.py -> podcastitlater-web
# Biz/Storybook.py -> storybook
derive_service_name() {
local target="$1"
# Remove extension
local base="${target%.*}"
# Remove Biz/ prefix if present
base="${base#Biz/}"
# Convert slashes to hyphens and lowercase
echo "$base" | tr '/' '-' | tr '[:upper:]' '[:lower:]'
}
# NixOS deploy (existing behavior)
nixos_deploy() {
local target="$1"
prefix=${PWD/$CODEROOT}
if [[ "$prefix" == "" ]]; then
target="$1"
else
target="$prefix.$1"
fi
what=$(realpath "${CODEROOT:?}/_/nix/$target")
# hack: get the domain from the systemd service
where=$(rg --only-matching --replace '$2' --regexp '(domainname ")(.*)(")' \
"$what/etc/systemd/system/domainname.service")
nix copy --to ssh://"$USER"@"$where" "$what"
ssh "$USER"@"$where" sudo nix-env --profile /nix/var/nix/profiles/system --set "$what"
switch_cmd=(
systemd-run
-E LOCALE_ARCHIVE
--setenv=XDG_RUNTIME_DIR=""
--collect
--no-ask-password
--pipe
--quiet
--service-type=exec
--unit=push-switch-to-configuration
--wait
"$what/bin/switch-to-configuration"
"switch"
)
# shellcheck disable=SC2029
ssh "$USER"@"$where" sudo "${switch_cmd[@]}"
echo -e "${GRN}good: push: $target${NC}"
}
# Service deploy (new behavior)
service_deploy() {
local target="$1"
local service_name
service_name=$(derive_service_name "$target")
echo -e "${YLW}info: push: deploying service $service_name${NC}"
# 1. Build and cache (bild caches by default, outputs STORE_PATH=...)
echo -e "${YLW}info: push: building $target${NC}"
local bild_output
bild_output=$(bild "$target" 2>&1) || {
echo -e "${RED}fail: push: bild failed${NC}"
echo "$bild_output"
exit 1
}
# Extract store path from bild output
local store_path
store_path=$(echo "$bild_output" | grep '^STORE_PATH=' | cut -d= -f2)
if [[ -z "$store_path" ]]; then
echo -e "${RED}fail: push: could not extract store path from bild output${NC}"
echo "$bild_output"
exit 1
fi
echo -e "${YLW}info: push: cached $store_path${NC}"
# 2. Get git revision
local revision
revision=$(git rev-parse --short HEAD 2>/dev/null || echo "unknown")
# 3. Update manifest in S3
echo -e "${YLW}info: push: updating manifest${NC}"
"${CODEROOT}/_/nix/deploy-manifest/bin/deploy-manifest" update "$service_name" "$store_path" "$revision" || {
echo -e "${RED}fail: push: manifest update failed${NC}"
exit 1
}
echo -e "${GRN}good: push: $service_name deployed (deployer will pick up in <5 min)${NC}"
}
# Main
main() {
if [[ $# -lt 1 ]]; then
echo "Usage: push.sh <target>"
echo " target.nix -> NixOS deploy"
echo " target.py/.hs/.. -> Service deploy"
exit 1
fi
local target="$1"
if [[ "$target" == *.nix ]]; then
nixos_deploy "$target"
else
service_deploy "$target"
fi
}
main "$@"
|
