From 7715a89401c35cdfc4a00c2cbbbd959163bea0ec Mon Sep 17 00:00:00 2001 From: teutat3s Date: Fri, 15 Sep 2023 12:13:47 +0200 Subject: [PATCH 1/4] Fix deploy-rs, use flake binary again Can be reverted once deploy-rs nixpkgs binary is up-to-date See: https://github.com/serokell/deploy-rs/issues/232 --- flake.nix | 10 +--------- shell/devos.nix | 2 +- 2 files changed, 2 insertions(+), 10 deletions(-) diff --git a/flake.nix b/flake.nix index 71f94dad..4563cf4b 100644 --- a/flake.nix +++ b/flake.nix @@ -69,14 +69,6 @@ channels = { nixos = { imports = [(digga.lib.importOverlays ./overlays)]; - overlays = [ - (self: super: { - deploy-rs = { - inherit (inputs.nixos.legacyPackages.x86_64-linux) deploy-rs; - lib = inputs.deploy.lib.x86_64-linux; - }; - }) - ]; }; latest = {}; fork = {}; @@ -182,7 +174,7 @@ profilesOrder = ["system" "direnv"]; profiles.direnv = { user = "barkeeper"; - path = self.pkgs.x86_64-linux.nixos.deploy-rs.lib.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.barkeeper; + path = deploy.lib.x86_64-linux.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.barkeeper; }; }; #example = { diff --git a/shell/devos.nix b/shell/devos.nix index 3a61ec3c..fd6a18c6 100644 --- a/shell/devos.nix +++ b/shell/devos.nix @@ -59,6 +59,6 @@ in { ] ++ lib.optionals (pkgs.stdenv.hostPlatform.isLinux && !pkgs.stdenv.buildPlatform.isDarwin) [ (devos nixos-generators) - (devos deploy-rs.deploy-rs) + (devos inputs.deploy.packages.${pkgs.system}.deploy-rs) ]; } From b0596b9f444ec9e7b356e3375d95f641b517968c Mon Sep 17 00:00:00 2001 From: teutat3s Date: Fri, 15 Sep 2023 12:15:57 +0200 Subject: [PATCH 2/4] Fix collabora docker container --- hosts/flora-6/collabora.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/hosts/flora-6/collabora.nix b/hosts/flora-6/collabora.nix index c73e9b8e..0e36948e 100644 --- a/hosts/flora-6/collabora.nix +++ b/hosts/flora-6/collabora.nix @@ -22,11 +22,12 @@ "9980:9980" ]; extraOptions = [ - "--cap-add MKNOD" + "--cap-add=MKNOD" + "--pull=always" ]; environment = { server_name = "collabora.pub.solar"; - aliasgroup1 = "https://collabora.pub.solar:443"; + aliasgroup1 = "https://cloud.pub.solar:443"; DONT_GEN_SSL_CERT = "1"; extra_params = "--o:ssl.enable=false --o:ssl.termination=true"; SLEEPFORDEBUGGER = "0"; From c6675e75a654e29e2ab4a61eeec403ee3525c3d4 Mon Sep 17 00:00:00 2001 From: teutat3s Date: Fri, 15 Sep 2023 12:16:23 +0200 Subject: [PATCH 3/4] Fix: always pull new docker images --- hosts/flora-6/drone.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/flora-6/drone.nix b/hosts/flora-6/drone.nix index 0aad276a..1246f7e4 100644 --- a/hosts/flora-6/drone.nix +++ b/hosts/flora-6/drone.nix @@ -76,6 +76,7 @@ dependsOn = ["drone-db"]; extraOptions = [ "--network=drone-net" + "--pull=always" ]; environment = { DRONE_GITEA_SERVER = "https://git.pub.solar"; @@ -98,6 +99,7 @@ dependsOn = ["drone-db"]; extraOptions = [ "--network=drone-net" + "--pull=always" ]; environment = { DRONE_RPC_HOST = "ci.pub.solar"; From 2579cc5284c44f436c7c5fba931017893d88bd8f Mon Sep 17 00:00:00 2001 From: teutat3s Date: Sat, 16 Sep 2023 20:26:44 +0200 Subject: [PATCH 4/4] Add some more docs to flora-6 README Document how to deploy to flora-6 Document how to get SSH access --- hosts/flora-6/README.md | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/hosts/flora-6/README.md b/hosts/flora-6/README.md index df71140c..46006054 100644 --- a/hosts/flora-6/README.md +++ b/hosts/flora-6/README.md @@ -1,3 +1,28 @@ +# Deploy infra branch to flora-6 + +Use this command after updating flake inputs to update services on `flora-6`. + +``` +deploy --skip-checks --confirm-timeout 300 --targets '.#flora-6' + +An alternative, if deployment always fails and rolls back. + +``` + +deploy --skip-checks --magic-rollback false --auto-rollback false --targets '.#flora-6' + +``` + +# SSH access to flora-6 +Ensure your SSH public key is in place [here](./users/barkeeper/default.nix) and +was deployed by someone with access. + +``` + +ssh barkeeper@flora-6.pub.solar + +``` + # Mailman on NixOS docs - add reverse DNS record for IP @@ -5,12 +30,21 @@ Manual setup done for mailman, adapted from https://nixos.wiki/wiki/Mailman: ``` + # Add DNS records in infra repo using terraform: + # https://git.pub.solar/pub-solar/infra/commit/db234cdb5b55758a3d74387ada0760e06e166b9d # Generate initial postfix_domains.db and postfix_lmtp.db databases for Postfix + sudo -u mailman mailman aliases + # Create a django superuser account + sudo -u mailman-web mailman-web createsuperuser + # Followed outlined steps in web UI + +``` + ```