Add a section on Nix, Nixos and related tools #30
2 changed files with 66 additions and 10 deletions
BIN
_git.tar.gz
(Stored with Git LFS)
BIN
_git.tar.gz
(Stored with Git LFS)
Binary file not shown.
|
@ -157,19 +157,66 @@ Since these systems share a base config (with tehir individual applications laye
|
||||||
Combine that with teh ability to deploy them via our own selfhosted CI/CD we have a strong foundation to work off of.
|
Combine that with teh ability to deploy them via our own selfhosted CI/CD we have a strong foundation to work off of.
|
||||||
|
|
||||||
## How we use it
|
## How we use it
|
||||||
### Requirements
|
Nix cannot run on Windows, though it cna be installed into WSL.
|
||||||
{add warnign that git and git-lfs should also need to be in teh path}
|
Please refer to the below downloads to get a base system up and running
|
||||||
|
|
||||||
### Download
|
* [Git][git_git]
|
||||||
|
* As we are using a git repo this is a hard requirement.
|
||||||
|
* [Git LFS][git_lfs]
|
||||||
|
* For storing non text files such as images.
|
||||||
|
* [Nix][nix_install]
|
||||||
|
* Cant really use nix without thi installed.
|
||||||
|
|
||||||
|
### Dev Shell
|
||||||
|
After cloning the repo use ``nix develop`` to set up a terminal shell with the environment for working with Skynet NixOS.
|
||||||
|
It (currently) adds [Colmena][dev_colmena], [Agenix][dev_agenix] and [Attic][dev_attic].
|
||||||
|
|
||||||
|
Another example of a dev shell can be [our discord bot][dev_discord-bot].
|
||||||
|
This one sets up a rust enviroment.
|
||||||
|
|
||||||
|
Of course you can also look at the dev shell for this [wiki][dev_wiki].
|
||||||
|
For the wiki we need to ensure that the dependencies for building it are present for all users so tehy dont have to figure out how to manually install them.
|
||||||
|
|
||||||
### Colmena
|
### Colmena
|
||||||
#### Local
|
[Colmena][dev_colmena] is our build and deployment tool.
|
||||||
##### Building
|
|
||||||
|
|
||||||
##### Repl
|
Building is pretty easy, just run ``colmena build``.
|
||||||
|
Downside of that command is it will try to build everything all at once which is a *lot*.
|
||||||
|
A more practical approach is to build a single server or a group of servers.
|
||||||
|
```shell
|
||||||
|
# build the Skynet server, names cna be found in teh flake.nix
|
||||||
|
colmena build --on skynet
|
||||||
silver marked this conversation as resolved
Outdated
|
|||||||
|
|
||||||
#### Deployment
|
# build a group of servers, in this case any one with teh tag of active-core
|
||||||
|
colmena build --on @active-core
|
||||||
|
```
|
||||||
|
|
||||||
|
To be able to deploy to Skynet two things are required.
|
||||||
|
* Be on teh UL network
|
||||||
|
* This can also be accomplished by being on the VPN.
|
||||||
|
* Have an ssh key configured that can access the servers
|
||||||
|
* TLDR be an admin.
|
||||||
|
|
||||||
|
### Agenix
|
||||||
|
[Agenix][dev_agenix] is our secrets manager.
|
||||||
|
To be able to use this tool your pub ssh key must be in ``secrets/secrets.nix``.
|
||||||
|
As you would expect this is an admin only tool.
|
||||||
|
This file also defines the names and permissions for each secret.
|
||||||
|
|
||||||
|
```shell
|
||||||
|
# have to be in teh secrets folder for all these commands.
|
||||||
|
cd secrets
|
||||||
|
|
||||||
|
# edit the secret
|
||||||
|
agenix -e path/to/secret.age
|
||||||
|
|
||||||
|
# re-key all secrets, this is done when a new key is added or removed.
|
||||||
|
agenix -r
|
||||||
|
```
|
||||||
|
|
||||||
|
### Attic
|
||||||
|
[Attic][dev_attic] is teh tool that we use for our nix cache (hosted at <vhttps://nix-cache.skynet.ie/>).
|
||||||
|
It is not often it is used by the dev and its own [documentation][dev_attic_docs] covers it best.
|
||||||
|
|
||||||
|
|
||||||
silver marked this conversation as resolved
Outdated
esy
commented
the dev -> the dev shell? the dev -> the dev shell?
silver
commented
developer developer
|
|||||||
|
|
||||||
|
@ -183,4 +230,13 @@ Combine that with teh ability to deploy them via our own selfhosted CI/CD we hav
|
||||||
[nix_lix]: https://lix.systems/
|
[nix_lix]: https://lix.systems/
|
||||||
[nix_lix_about]: https://lix.systems/about/
|
[nix_lix_about]: https://lix.systems/about/
|
||||||
[skynet_disconnect]: https://public.skynet.ie/postmortem/2023-01-12_Loss-of-network-access.html
|
[skynet_disconnect]: https://public.skynet.ie/postmortem/2023-01-12_Loss-of-network-access.html
|
||||||
[skynet_disconnect_reenactment]: https://forgejo.skynet.ie/Computer_Society/presentations_compsoc/media/branch/main/src/slides/skynet/0_intro_img1.png
|
[skynet_disconnect_reenactment]: https://forgejo.skynet.ie/Computer_Society/presentations_compsoc/media/branch/main/src/slides/skynet/0_intro_img1.png
|
||||||
|
[git_git]: https://git-scm.com/downloads
|
||||||
|
[git_lfs]: https://git-lfs.com/
|
||||||
|
[nix_install]: https://nixos.org/download/
|
||||||
|
[dev_colmena]: https://colmena.cli.rs/unstable/
|
||||||
|
[dev_agenix]: https://github.com/ryantm/agenix
|
||||||
|
[dev_attic]: https://github.com/zhaofengli/attic
|
||||||
|
[dev_attic_docs]: https://docs.attic.rs/introduction.html
|
||||||
|
[dev_discord-bot]: https://forgejo.skynet.ie/Skynet/discord-bot/src/commit/80c9191eeec29ba20ef4084713eca7fe0cab7412/flake.nix#L65
|
||||||
|
[dev_wiki]: https://forgejo.skynet.ie/Skynet/wiki/src/commit/ab0add44756d4992fc2b2da4eba163016ccb3d1c/flake.nix#L35
|
||||||
|
|
Loading…
Reference in a new issue
cna -> can