phase 4: unified CI workflow, deploy.sh wrapper, root AGENTS.md
- .gitea/workflows/deploy.yml: three jobs (mreow, yarn, muffin) sharing a single git-crypt unlock step. muffin job retains the healthcheck + ntfy success/failure notifications from the old server-config pipeline verbatim. - CI writes to /var/lib/nix-deploy/ (renamed from /var/lib/dotfiles-deploy/). The URL path /deploy/<host> is preserved; only the on-disk directory name changes. Harmonia's Caddy root is updated in Phase 6. - deploy.sh: inspects hostname, dispatches to nixos-rebuild for desktops or deploy-rs for muffin. Accepts boot/switch/test/build/muffin. - AGENTS.md: intersected rules from both repos, split into host-agnostic conventions + muffin-specific service pattern. Rewritten layout section reflects the new tree.
This commit is contained in:
primary
30
deploy.sh
Executable file
30
deploy.sh
Executable file
@@ -0,0 +1,30 @@
|
||||
#!/bin/sh
|
||||
# Wrapper around nixos-rebuild and deploy-rs for the three hosts.
|
||||
#
|
||||
# Usage:
|
||||
# ./deploy.sh # nixos-rebuild boot on current host (mreow/yarn)
|
||||
# ./deploy.sh switch # apply immediately on current host
|
||||
# ./deploy.sh test # apply without adding boot entry
|
||||
# ./deploy.sh build # build only, no activation
|
||||
# ./deploy.sh muffin # build + deploy to muffin via deploy-rs
|
||||
#
|
||||
# muffin cannot be rebuilt locally from another host — this script only issues
|
||||
# the remote deploy via deploy-rs when explicitly named.
|
||||
|
||||
set -eu
|
||||
|
||||
host="$(hostname -s)"
|
||||
arg="${1:-boot}"
|
||||
|
||||
case "$arg" in
|
||||
muffin)
|
||||
exec nix run .#deploy -- .#muffin "$@"
|
||||
;;
|
||||
boot | switch | test | build)
|
||||
exec nixos-rebuild "$arg" --flake ".#$host" --use-remote-sudo
|
||||
;;
|
||||
*)
|
||||
echo "usage: $0 [muffin | boot | switch | test | build]" >&2
|
||||
exit 2
|
||||
;;
|
||||
esac
|
||||
Reference in New Issue
Block a user