infra/docs/deploying.md

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

51 lines
1.9 KiB
Markdown
Raw Normal View History

2023-10-28 23:37:31 +00:00
# Deploying new versions
We use [deploy-rs](https://github.com/serokell/deploy-rs) to deploy changes.
Currently this process is not automated, so configuration changes will have to
be manually deployed.
2023-10-28 23:37:31 +00:00
To deploy, make sure you have a [working development shell](./development-shell.md).
Then, run `deploy-rs` with the hostname of the server you want to deploy:
2023-10-28 23:37:31 +00:00
### Dry-run
Use `--dry-activate` to show a diff of updated packages and all services that
would be restarted by the update. This will also put all files in place without
switching to the new generation, enabling a quick switch to the new config at a
later moment.
2023-11-06 20:34:50 +00:00
For nachtigall.pub.solar:
2024-05-08 20:57:07 +00:00
2023-10-28 23:37:31 +00:00
```
deploy --targets '.#nachtigall' --ssh-user <unix-username> --magic-rollback false --auto-rollback false --keep-result --result-path ./results --dry-activate
```
After reviewing the changes, apply the update with:
```
deploy --targets '.#nachtigall' --ssh-user <unix-username> --magic-rollback false --auto-rollback false --keep-result --result-path ./results
2023-10-28 23:37:31 +00:00
```
For metronom.pub.solar (aarch64-linux):
```
deploy --targets '.#metronom' --ssh-user <unix-username> --magic-rollback false --auto-rollback false --keep-result --result-path ./results --remote-build
2023-11-06 20:34:50 +00:00
```
Usually we skip all rollback functionality, but if you want to deploy a change
that might lock you out, e.g. to SSH, it might make sense to set these to `true`.
2023-11-06 20:34:50 +00:00
To skip flake checks, e.g. because you already ran them manually before
deployment, add the flag `--skip-checks` at the end of the command.
We use `--keep-result --result-path ./results` to keep the last `result`
symlink of each `deploy` from being garbage collected. That way, we keep builds
cached in the Nix store. This is optional and both flags can be removed if disk
space is a scarce resource on your machine.
You'll need to have SSH Access to the boxes to be able to run `deploy`.
### Getting SSH access
2024-05-08 20:57:07 +00:00
See [administrative-access.md](./administrative-access.md).