From 4e2fc5cdbd90955d797c1dd3cab7b2e394dafbd8 Mon Sep 17 00:00:00 2001 From: Jake Hillion Date: Wed, 21 Jun 2023 20:37:03 +0100 Subject: [PATCH] hostinfo: save version to file for extraction --- modules/common/hostinfo.nix | 57 +++++++++++++++++++++++++--- modules/services/version_tracker.nix | 23 ++++++++--- 2 files changed, 69 insertions(+), 11 deletions(-) diff --git a/modules/common/hostinfo.nix b/modules/common/hostinfo.nix index 6541856..b7536dc 100644 --- a/modules/common/hostinfo.nix +++ b/modules/common/hostinfo.nix @@ -9,13 +9,58 @@ in }; config = lib.mkIf cfg.enable { - services.caddy = { - enable = true; + systemd.services.hostinfo = { + description = "Expose hostinfo over HTTP."; - virtualHosts.":30653".extraConfig = '' - respond /nixos/system/configurationRevision ${config.system.configurationRevision} 200 - respond 404 - ''; + wantedBy = [ "multi-user.target" ]; + + script = "${pkgs.writers.writePerl "hostinfo" { + libraries = with pkgs; [ + perl536Packages.HTTPDaemon + ]; + } '' + use v5.10; + use warnings; + use strict; + + use HTTP::Daemon; + use HTTP::Status; + + my $d = HTTP::Daemon->new(LocalPort => 30653) || die; + while (my $c = $d->accept) { + while (my $r = $c->get_request) { + if ($r->method eq 'GET') { + given ($r->uri->path) { + when ('/current/nixos/system/configurationRevision') { + $c->send_file_response("/nix/var/nix/gcroots/current-system/etc/flake-version"); + } + when ('/booted/nixos/system/configurationRevision') { + $c->send_file_response("/nix/var/nix/gcroots/booted-system/etc/flake-version"); + } + default { + $c->send_error(404); + } + } + } else { + $c->send_error(RC_FORBIDDEN); + } + } + $c->close; + undef($c); + } + ''}"; + + serviceConfig = { + DynamicUser = true; + Restart = "always"; + }; + }; + + environment.etc = { + flake-version = { + source = builtins.toFile "flake-version" "${config.system.configurationRevision}"; + mode = "0444"; + }; }; networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 30653 ]; 
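Review bot: The accept loop in the embedded Perl script serves one connection at a time and sets no read timeout, so a single peer that connects to port 30653 and sends nothing, or holds a keep-alive connection open, leaves `get_request` waiting and blocks every later version query. Setting a timeout on each accepted connection, e.g. `$c->timeout(10);` as the first statement inside `while (my $c = $d->accept)`, should let `get_request` give up so the loop can move on. `HTTP::Daemon->new(LocalPort => 30653)` also binds every local address, so the `tailscale0` firewall rule is the only thing limiting who can reach the service; a comment beside the constructor should say so, and the bare `|| die` should carry a message. Separately, `given`/`when` are experimental in the Perl that `perl536Packages` implies and warn under `use warnings`; a plain hash from request path to file name avoids them.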
diff --git a/modules/services/version_tracker.nix b/modules/services/version_tracker.nix index 2cd7320..dc88c26 100644 --- a/modules/services/version_tracker.nix +++ b/modules/services/version_tracker.nix @@ -52,13 +52,26 @@ in hostname=''${path##*/} if test -f "hosts/$hostname/darwin"; then continue; fi - if rev=$(${curl}/bin/curl -s --connect-timeout 15 http://$hostname:30653/nixos/system/configurationRevision); then - echo "$hostname: $rev" - if ! ${git}/bin/git tag -f "live/$hostname" $rev; then + if rev=$(${curl}/bin/curl -s --connect-timeout 15 http://$hostname:30653/current/nixos/system/configurationRevision); then + echo "$hostname: $rev (current)" + if ${git}/bin/git tag -f "current/$hostname" "$rev"; then + ${git}/bin/git push -f origin "current/$hostname" + else echo "WARNING: $hostname points to invalid ref!" - continue fi - ${git}/bin/git push -f origin "live/$hostname" + + else + echo "$hostname: failed to reach" + fi + + if rev=$(${curl}/bin/curl -s --connect-timeout 15 http://$hostname:30653/booted/nixos/system/configurationRevision); then + echo "$hostname: $rev (booted)" + if ${git}/bin/git tag -f "booted/$hostname" "$rev"; then + ${git}/bin/git push -f origin "booted/$hostname" + else + echo "WARNING: $hostname points to invalid ref!" + fi + else echo "$hostname: failed to reach" fi
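Review bot: `$rev` is the raw response body from the remote host and goes straight into `git tag -f` and then a forced push, in both the `current/` and `booted/` blocks. Anything the repository can resolve (a branch name, another tag, an abbreviated hash) is accepted, and a body starting with `-` would be read by git as an option. Checking the shape before tagging, e.g. `[[ "$rev" =~ ^[0-9a-f]{40}$ ]]` (assuming the revision is always a full commit hash and the script runs under bash), would keep a misbehaving host from moving the tag to an arbitrary ref. curl is also called without `--fail`, so an HTTP error body from the daemon is captured as `$rev` and reported as an invalid ref rather than as a failed fetch. The two blocks differ only in the word `current`/`booted` and could be one `for kind in current booted` loop; the enclosing host loop starts and ends outside the hunk.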