hostinfo: save version to file for extraction

2023-06-21 20:37:03 +01:00 · 2023-06-21 20:37:03 +01:00 · 4e2fc5cdbd
commit 4e2fc5cdbd
parent 3881a0a287
2 changed files with 69 additions and 11 deletions
--- a/modules/common/hostinfo.nix
+++ b/modules/common/hostinfo.nix
@ -9,13 +9,58 @@ in
  };

  config = lib.mkIf cfg.enable {
-    services.caddy = {
-      enable = true;
+    systemd.services.hostinfo = {
+      description = "Expose hostinfo over HTTP.";

-      virtualHosts.":30653".extraConfig = ''
-        respond /nixos/system/configurationRevision ${config.system.configurationRevision} 200
-        respond 404
-      '';
+      wantedBy = [ "multi-user.target" ];
+
+      script = "${pkgs.writers.writePerl "hostinfo" {
+        libraries = with pkgs; [
+          perl536Packages.HTTPDaemon
+        ];
+      } ''
+        use v5.10;
+        use warnings;
+        use strict;
+
+        use HTTP::Daemon;
+        use HTTP::Status;
+
+        my $d = HTTP::Daemon->new(LocalPort => 30653) || die;
+        while (my $c = $d->accept) {
+          while (my $r = $c->get_request) {
+            if ($r->method eq 'GET') {
+              given ($r->uri->path) {
+                when ('/current/nixos/system/configurationRevision') {
+                  $c->send_file_response("/nix/var/nix/gcroots/current-system/etc/flake-version");
+                }
+                when ('/booted/nixos/system/configurationRevision') {
+                  $c->send_file_response("/nix/var/nix/gcroots/booted-system/etc/flake-version");
+                }
+                default {
+                  $c->send_error(404);
+                }
+              }
+            } else {
+              $c->send_error(RC_FORBIDDEN);
+            }
+          }
+          $c->close;
+          undef($c);
+        }
+      ''}";
+
+      serviceConfig = {
+        DynamicUser = true;
+        Restart = "always";
+      };
+    };
+
+    environment.etc = {
+      flake-version = {
+        source = builtins.toFile "flake-version" "${config.system.configurationRevision}";
+        mode = "0444";
+      };
    };

    networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 30653 ];
--- a/modules/services/version_tracker.nix
+++ b/modules/services/version_tracker.nix
@ -52,13 +52,26 @@ in
            hostname=''${path##*/}
            if test -f "hosts/$hostname/darwin"; then continue; fi

-            if rev=$(${curl}/bin/curl -s --connect-timeout 15 http://$hostname:30653/nixos/system/configurationRevision); then
-                echo "$hostname: $rev"
-                if ! ${git}/bin/git tag -f "live/$hostname" $rev; then
+            if rev=$(${curl}/bin/curl -s --connect-timeout 15 http://$hostname:30653/current/nixos/system/configurationRevision); then
+                echo "$hostname: $rev (current)"
+                if ${git}/bin/git tag -f "current/$hostname" "$rev"; then
+                    ${git}/bin/git push -f origin "current/$hostname"
+                else
                    echo "WARNING: $hostname points to invalid ref!"
-                    continue
                fi
-                ${git}/bin/git push -f origin "live/$hostname"
+                
+            else
+                echo "$hostname: failed to reach"
+            fi
+
+            if rev=$(${curl}/bin/curl -s --connect-timeout 15 http://$hostname:30653/booted/nixos/system/configurationRevision); then
+                echo "$hostname: $rev (booted)"
+                if ${git}/bin/git tag -f "booted/$hostname" "$rev"; then
+                    ${git}/bin/git push -f origin "booted/$hostname"
+                else
+                    echo "WARNING: $hostname points to invalid ref!"
+                fi
+                
            else
                echo "$hostname: failed to reach"
            fi