├── .gitattributes ├── .gitignore ├── README.md ├── manage ├── nixpkgs-version.nix ├── nixpkgs-version.sh └── nixpkgs.nix /.gitattributes: -------------------------------------------------------------------------------- 1 | *.nixops binary filter=git-crypt diff=git-crypt 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.nixops-* 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | A NixOps Wrapper for Git\* Projects 2 | ================================= 3 | 4 | \* The dependency on Git is only one line and could easily be removed/replaced for your needs. 5 | 6 | This tool is a simple wrapper around [NixOps](http://nixos.org/nixops/). The goal is to make 7 | it easier to use NixOps when you want to share your deployment state between members of a team. 8 | 9 | To achieve this, this wrapper gives every deployment as a separate state file which is placed 10 | in the same directory as this script. The files have the `.nixops` extension. 11 | 12 | You are expected to keep these files in version control. It's also *highly* recommended that you 13 | use a tool like [git-crypt](https://www.agwa.name/projects/git-crypt/) to keep them encrypted with 14 | this entry in `.gitattributes`: 15 | 16 | ``` 17 | *.nixops binary filter=git-crypt diff=git-crypt 18 | ``` 19 | 20 | This tool also enforces a per-repository version of Nixpkgs via a `nixpkgs-version.sh` file in the 21 | same directory as the script. This ensures that all users have a consistent version of NixOps and 22 | deploy a consistent set of packages to servers. 23 | 24 | Most commands work identically to NixOps. However, instead of specifying deployments with 25 | the `--deployment/-d` flag, you select a deployment in the first argument. In other words, instead 26 | of the normal NixOps usage of 27 | 28 | ```shell 29 | nixops deploy -d stage --check # Normal nixops usage. 30 | ``` 31 | 32 | You'd run: 33 | 34 | ```shell 35 | ./manage stage deploy --check # Manage script usage. 36 | ``` 37 | 38 | This assume there is a file `./stage.nixops` where this state is being stored. 39 | 40 | Use `./manage --help` to see normal NixOps help. 41 | Use `./manage {deployment} .shell` to open a Nix shell where the environment is set up to use 42 | `nixops` directly with the same behavior as running `./manage` commands. 43 | -------------------------------------------------------------------------------- /manage: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # A NixOps Wrapper for Git Projects 4 | # --------------------------------- 5 | # 6 | # Repo: https://github.com/grafted-in/nixops-manager 7 | # 8 | # This tool is a simple wrapper around NixOps. The goal is to make it easier to use NixOps when you 9 | # want to share your deployment state between members of a team. 10 | # 11 | # To achieve this, this wrapper gives every deployment as a separate state file which is placed 12 | # in the same directory as this script. The files have the `.nixops` extension. 13 | # 14 | # You are expected to keep these files in version control. It's also *highly* recommended that you 15 | # use a tool like git-crypt to keep them encrypted with this entry in .gitattributes: 16 | # 17 | # *.nixops binary filter=git-crypt diff=git-crypt 18 | # 19 | # This tool also enforces a per-repository version of Nixpkgs via a `nixpkgs-version.sh` file in the 20 | # same directory as the script. This ensures that all users have a consistent version of NixOps and 21 | # deploy a consistent set of packages to servers. 22 | # 23 | # Most commands work identically to NixOps. However, instead of specifying deployments with 24 | # the `--deployment/-d` flag, you select a deployment in the first argument. In other words, instead 25 | # of the normal NixOps usage of 26 | # 27 | # nixops deploy -d stage --check # Normal nixops usage. 28 | # 29 | # You'd run: 30 | # 31 | # ./manage stage deploy --check # Manage script usage. 32 | # 33 | # This assume there is a file ./stage.nixops where this state is being stored. 34 | # 35 | # Use `./manage --help` to see normal NixOps help. 36 | # Use `./manage {deployment} .shell` to open a Nix shell where the environment is set up to use 37 | # `nixops` directly with the same behavior as running `./manage` commands. 38 | 39 | set -e 40 | 41 | # Check for Nix tools. 42 | command -v nix-shell >/dev/null 2>&1 || { 43 | nix_profile="$HOME/.nix-profile/etc/profile.d/nix.sh" 44 | if [ -e "$nix_profile" ]; then 45 | source "$nix_profile" 46 | else 47 | >&2 echo "Failed to find 'nix-shell' on PATH or a Nix profile to load. Have you installed Nix?" 48 | exit 1 49 | fi 50 | } 51 | 52 | here=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd) 53 | repo_root=$(cd "$here" && git rev-parse --show-toplevel) # Use Git to find repo root. 54 | 55 | deployment="$1" 56 | command="$2" 57 | state_file="$here/${deployment}.nixops" 58 | 59 | source "$here/nixpkgs-version.sh" 60 | 61 | export NIX_PATH=nixpkgs="$nixpkgs_snapshot":"$repo_root":. 62 | export NIXOPS_STATE="$state_file" 63 | export NIXOPS_DEPLOYMENT="$deployment" 64 | 65 | withNixops="nix-shell -p $nixops_version --run" 66 | 67 | # Arg list trick: 68 | # https://stackoverflow.com/questions/3104209 69 | # ARGS=$(printf "%q"" " "$@") 70 | 71 | if [[ $deployment == --* ]]; then 72 | ARGS=$(printf "%q"" " "$@") 73 | $withNixops "nixops $ARGS" 74 | exit $? 75 | elif [ "$command" == ".shell" ]; then 76 | nix-shell -p "$nixops_version" 77 | elif [ ! -e "$state_file" ] && [ "$command" != "create" ]; then 78 | >&2 echo "You're trying to use a deployment that doesn't exist yet. Try running $0 $deployment create" 79 | exit 1 80 | elif [ -e "$state_file" ] && [ "$command" == "create" ]; then 81 | >&2 echo "You're trying to create a deployment that already exists." 82 | exit 1 83 | else 84 | ARGS=$(printf "%q"" " "${@:2}") 85 | $withNixops "nixops $ARGS" 86 | fi -------------------------------------------------------------------------------- /nixpkgs-version.nix: -------------------------------------------------------------------------------- 1 | # Check out different Nixpkgs channels here: 2 | # * http://howoldis.herokuapp.com/ 3 | # * https://nixos.org/channels/ 4 | # 5 | # To upgrade: 6 | # 1. Choose a channel and click on it. 7 | # 2. Get the URL of the `nixexprs.tar.xz` file for the channel. 8 | # 4. Paste the URL below for `url`. 9 | # 5. Get SHA256 hash of URL contents with `nix-prefetch-url --unpack `. 10 | 11 | { 12 | url = "https://d3g5gsiof5omrk.cloudfront.net/nixpkgs/nixpkgs-17.03pre101896.4a524cf/nixexprs.tar.xz"; 13 | sha256 = "1wrm9k0plpzz0wi94ry1xv1v3aq4vs20v5dzxv4azn4i8vhf7wmg"; 14 | } 15 | -------------------------------------------------------------------------------- /nixpkgs-version.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | here=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd) 4 | 5 | nixpkgs_snapshot=$(eval echo "$(nix-instantiate --eval -E "(import \"$here/nixpkgs-version.nix\").url")") 6 | export nixpkgs_snapshot 7 | export nixops_version="nixops" 8 | 9 | # Or you can use a more recent build of nixops: 10 | #if [ "$(uname)" == "Darwin" ]; then 11 | # export nixops_version="/nix/store/1gy62jcxjc09n9gk0ns4qk3d9b9kcda7-nixops-1.5pre2121_fc43d9c" 12 | #else 13 | # export nixops_version="/nix/store/d553achr2pvh6p8838a4shbhjpp5d6s6-nixops-1.5pre2121_fc43d9c" 14 | #fi 15 | # 16 | #if [ ! -d "$nixops_version" ]; then 17 | # nix-store -r "$nixops_version" 18 | #fi 19 | -------------------------------------------------------------------------------- /nixpkgs.nix: -------------------------------------------------------------------------------- 1 | # Import this instead of to get the repo-specific version of nixpkgs. 2 | 3 | import ((import {}).fetchzip (import ./nixpkgs-version.nix)) 4 | --------------------------------------------------------------------------------