add requireExplicitUpdate option for mobile devices
This commit is contained in:
parent
531a899817
commit
6fe6229498
|
@ -101,16 +101,6 @@ $ clan config --machine my-machine clan.networking.targetHost root@host_or_ip
|
|||
_Note: The use of `root@` in the target address implies SSH access as the root user.
|
||||
Ensure that the root login is secured and only used when necessary._
|
||||
|
||||
### Setting the Build Host
|
||||
|
||||
If the machine does not have enough resources to run the NixOS evaluation or build itself,
|
||||
it is also possible to specify a build host instead.
|
||||
During an update, the cli will ssh into the build host and run `nixos-rebuild` from there.
|
||||
|
||||
```shellSession
|
||||
$ clan config --machine my-machine clan.networking.buildHost root@host_or_ip
|
||||
```
|
||||
|
||||
### Updating Machine Configurations
|
||||
|
||||
Execute the following command to update the specified machine:
|
||||
|
@ -124,3 +114,25 @@ You can also update all configured machines simultaneously by omitting the machi
|
|||
```shellSession
|
||||
$ clan machines update
|
||||
```
|
||||
|
||||
### Setting a Build Host
|
||||
|
||||
If the machine does not have enough resources to run the NixOS evaluation or build itself,
|
||||
it is also possible to specify a build host instead.
|
||||
During an update, the cli will ssh into the build host and run `nixos-rebuild` from there.
|
||||
|
||||
```shellSession
|
||||
$ clan config --machine my-machine clan.networking.buildHost root@host_or_ip
|
||||
```
|
||||
|
||||
### Excluding a machine from `clan machine update`
|
||||
|
||||
To exclude machines from beeing updated when running `clan machines update` without any machines specified,
|
||||
one can set the `clan.deployment.requireExplicitUpdate` option to true:
|
||||
|
||||
|
||||
```shellSession
|
||||
$ clan config --machine my-machine clan.deployment.requireExplicitUpdate true
|
||||
```
|
||||
|
||||
This is useful for machines that are not always online or are not part of the regular update cycle.
|
||||
|
|
|
@ -1,38 +1,53 @@
|
|||
{ config, lib, ... }:
|
||||
{
|
||||
options.clan.networking = {
|
||||
targetHost = lib.mkOption {
|
||||
description = ''
|
||||
The target SSH node for deployment.
|
||||
options.clan = {
|
||||
networking = {
|
||||
targetHost = lib.mkOption {
|
||||
description = ''
|
||||
The target SSH node for deployment.
|
||||
|
||||
By default, the node's attribute name will be used.
|
||||
If set to null, only local deployment will be supported.
|
||||
By default, the node's attribute name will be used.
|
||||
If set to null, only local deployment will be supported.
|
||||
|
||||
format: user@host:port&SSH_OPTION=SSH_VALUE
|
||||
examples:
|
||||
- machine.example.com
|
||||
- user@machine2.example.com
|
||||
- root@example.com:2222&IdentityFile=/path/to/private/key
|
||||
'';
|
||||
default = null;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
format: user@host:port&SSH_OPTION=SSH_VALUE
|
||||
examples:
|
||||
- machine.example.com
|
||||
- user@machine2.example.com
|
||||
- root@example.com:2222&IdentityFile=/path/to/private/key
|
||||
'';
|
||||
default = null;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
};
|
||||
buildHost = lib.mkOption {
|
||||
description = ''
|
||||
The build SSH node where nixos-rebuild will be executed.
|
||||
|
||||
If set to null, the targetHost will be used.
|
||||
|
||||
format: user@host:port&SSH_OPTION=SSH_VALUE
|
||||
examples:
|
||||
- machine.example.com
|
||||
- user@machine2.example.com
|
||||
- root@example.com:2222&IdentityFile=/path/to/private/key
|
||||
'';
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
};
|
||||
};
|
||||
buildHost = lib.mkOption {
|
||||
description = ''
|
||||
The build SSH node where nixos-rebuild will be executed.
|
||||
|
||||
If set to null, the targetHost will be used.
|
||||
deployment = {
|
||||
requireExplicitUpdate = lib.mkOption {
|
||||
description = ''
|
||||
Do not update this machine when running `clan machines update` without any machines specified.
|
||||
|
||||
format: user@host:port&SSH_OPTION=SSH_VALUE
|
||||
examples:
|
||||
- machine.example.com
|
||||
- user@machine2.example.com
|
||||
- root@example.com:2222&IdentityFile=/path/to/private/key
|
||||
'';
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
This is useful for machines that are not always online or are not part of the regular update cycle.
|
||||
'';
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
imports = [
|
||||
(lib.mkRenamedOptionModule [ "clan" "networking" "deploymentAddress" ] [ "clan" "networking" "targetHost" ])
|
||||
];
|
||||
|
|
|
@ -31,6 +31,13 @@
|
|||
the hostname of the target host to be deployed to
|
||||
'';
|
||||
};
|
||||
deployment.requireExplicitUpdate = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
description = ''
|
||||
if true, the deployment will not be updated automatically.
|
||||
'';
|
||||
default = false;
|
||||
};
|
||||
secretsUploadDirectory = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
description = ''
|
||||
|
@ -73,6 +80,7 @@
|
|||
system.clan.deployment.data = {
|
||||
inherit (config.system.clan) secretsModule secretsData;
|
||||
inherit (config.clan.networking) targetHost buildHost;
|
||||
inherit (config.clan.deployment) requireExplicitUpdate;
|
||||
inherit (config.clanCore) secretsUploadDirectory;
|
||||
};
|
||||
system.clan.deployment.file = pkgs.writeText "deployment.json" (builtins.toJSON config.system.clan.deployment.data);
|
||||
|
|
|
@ -151,6 +151,9 @@ def get_all_machines(clan_dir: Path) -> HostGroup:
|
|||
hosts = []
|
||||
ignored_machines = []
|
||||
for name, machine_data in machines.items():
|
||||
if machine_data.get("requireExplicitUpdate", False):
|
||||
continue
|
||||
|
||||
machine = Machine(name=name, flake=clan_dir, deployment_info=machine_data)
|
||||
try:
|
||||
hosts.append(machine.build_host)
|
||||
|
|
Loading…
Reference in New Issue
Block a user