!UKDpaKNNsBpOPfLWfX:zhaofeng.li

Colmena

333 Members
A simple, stateless NixOS deployment tool - https://github.com/zhaofengli/colmena118 Servers

You have reached the beginning of time (for this room).

SenderMessageTime
28 Nov 2022
@zhaofeng:zhaofeng.liZhaofeng Li

NobbZ:

For something like that it seems as if colmena build is quite practical, though at the same time it seems as if it lacks an argument to specify a single host to build. Is this indeed missing or did I miss something in the docs?

You can specify the nodes to build with colmena build --on node-name. The --on argument is a bit misleading because the build isn't (necessarily) happening "on" the node. The reason is that colmena build --on xyz is just an alias of colmena apply --on xyz build (you can pass it other goals besides build like dry-activate).

Also, it would be nice if there were appropriately named out links after a build.

This is an interesting suggestion. Currently there is --keep-result which will cause Colmena to create GC roots under the .gcroots subdirectory. When deployment.buildOnTarget is true, builds happen on the target nodes themselves, so it's not possible to create out links locally in that case. The problem with creating out links in a user-facing manner is that people will be wanting to specify the names (-o result2) or otherwise depend on the outputs for scripting purposes, a use case colmena apply UI doesn't support.

07:12:33
@zhaofeng:zhaofeng.liZhaofeng Li *

NobbZ:

For something like that it seems as if colmena build is quite practical, though at the same time it seems as if it lacks an argument to specify a single host to build. Is this indeed missing or did I miss something in the docs?

You can specify the nodes to build with colmena build --on node-name. The --on argument is a bit misleading because the build isn't (necessarily) happening "on" the node. The reason is that colmena build --on xyz is just an alias of colmena apply --on xyz build (you can pass it other goals besides build like dry-activate).

Also, it would be nice if there were appropriately named out links after a build.

This is an interesting suggestion. Currently there is --keep-result which will cause Colmena to create GC roots under the .gcroots subdirectory. When deployment.buildOnTarget is true, builds happen on the target nodes themselves, so it's not possible to create out links locally in that case. The problem with creating out links in a user-facing manner is that people will be wanting to specify the names (-o result2) or otherwise depend on the outputs for scripting purposes, a use case the colmena apply interface doesn't support (such is delegated to colmena eval).

07:13:05
@ronixx:matrix.orgroshan | byteio.in 🌷
In reply to @ronixx:matrix.org
sent an image.
{ config, pkgs, inputs, ... }:

{

  boot.isContainer = true;
  deployment = {
    targetHost = "ip"; # x86_64-linux
    targetPort = 22;
    buildOnTarget = true;
    targetUser = "nix";
    tags = [ "theDev" ];

    # keys = {
    # 	"freshrss" = "helloworld";
    # };

    keys."freshrss.secret" = {
      # Alternatively, `text` (string) or `keyFile` (path to file)
      # may be specified.
      text = "helloworld";

      # keyCommand = [ "vault" "read" "-field=env" "secret/dns01" ];

      destDir = "/run/keys"; # Default: /run/keys
      user = "nix"; # Default: root
      # group = "nginx";             # Default: root
      permissions = "0640"; # Default: 0600

      # uploadAt = "pre-activation"; # Default: pre-activation, Alternative: post-activation
      uploadAt = "post-activation";
    };
  };

  ## ---------- System Packages --------- ##
  environment.systemPackages = [
	pkgs.cowsay
  ];	

  fileSystems."/mnt/drive" = {
    device = "/dev/disk/by-id/scsi-0DO_Volume_volume-blr1-01";
    fsType = "ext4";
  };

  networking.hostName = "theDev"; # Define your hostname.

#   security.acme.acceptTerms = true;
#   security.acme.email = "email@gmail.com";

#   services.freshrss.enable = true;
#   services.freshrss.package = pkgs.freshrss;
  # services.freshrss.name = "god";
#   services.freshrss.passwordFile = "/run/keys/freshrss.secret";
#   services.freshrss.virtualHost = "freshrss";


  ## ---------- Postgresql ------------ ##
  
  services = {
	postgresql = {
		enable = true;
	};
	postgresqlBackup = {
		enable =  true;
		startAt = "*-*-* 01:15:00";
	};
  };

  ## ---------- Netdata System Monitor ------------ ##

  services.netdata = {
    enable = false;
    config = {
      global = {
        "page cache size" = 32;
        "update every" = 15;
      };
    };
  };

  ## ---------- Nginx Webserver ------------ ##

  services.nginx.enable = true;
  services.nginx.commonHttpConfig = ''
    limit_req_zone $binary_remote_addr zone=limitbyaddr:10m rate=5r/s;
    limit_req_status 429;
  '';

  services.nginx.virtualHosts = {

  };

  system.stateVersion = "22.05";

}
07:13:30
@zhaofeng:zhaofeng.liZhaofeng Li
In reply to @ronixx:matrix.org
sent an image.
The activation appears stuck, and you can use -v to get the full outputs 		07:15:26
@ronixx:matrix.orgroshan | byteio.in 🌷
In reply to @ronixx:matrix.org
sent an image.
process get stopped at this place 		07:15:28
@ronixx:matrix.orgroshan | byteio.in 🌷
In reply to @zhaofeng:zhaofeng.li
The activation appears stuck, and you can use -v to get the full outputs
not able to ssh to. Restarting my server from panel 		07:16:10

Show newer messages

Back to Room ListRoom Version: 6