From 37b15f461a21d6556369e6c1399b820dc187812e Mon Sep 17 00:00:00 2001 From: Malte Brandy Date: Sun, 10 Jan 2021 21:03:55 +0100 Subject: [PATCH] Various improvements --- nix/sources.nix | 5 ++- nixos/machines/hera/configuration.nix | 1 - nixos/roles/laminar/bump-config.hs | 36 ++++++++++++++++++ nixos/roles/laminar/default.nix | 6 +-- nixos/roles/laminar/test-config.hs | 53 +++++++++++++++++++++++++++ nixos/roles/laminar/test-config.nix | 46 +++++++++++++++-------- nixos/roles/test-timer.nix | 34 ----------------- overlays/pkgSets.nix | 2 +- overlays/testing.nix | 34 ----------------- overlays/writeHaskellScript.nix | 2 +- 10 files changed, 129 insertions(+), 90 deletions(-) create mode 100644 nixos/roles/laminar/bump-config.hs create mode 100644 nixos/roles/laminar/test-config.hs delete mode 100644 nixos/roles/test-timer.nix diff --git a/nix/sources.nix b/nix/sources.nix index b796fffa..1938409d 100644 --- a/nix/sources.nix +++ b/nix/sources.nix @@ -98,7 +98,10 @@ let saneName = stringAsChars (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name; ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}"; in - if ersatz == "" then drv else ersatz; + if ersatz == "" then drv else + # this turns the string into an actual Nix path (for both absolute and + # relative paths) + if builtins.substring 0 1 ersatz == "/" then /. + ersatz else /. + builtins.getEnv "PWD" + "/${ersatz}"; # Ports of functions for older nix versions diff --git a/nixos/machines/hera/configuration.nix b/nixos/machines/hera/configuration.nix index e26b5b1b..73d29d1a 100644 --- a/nixos/machines/hera/configuration.nix +++ b/nixos/machines/hera/configuration.nix @@ -7,7 +7,6 @@ in { imports = [ ./hardware-configuration.nix ../../roles - ../../roles/test-timer.nix ../../roles/standalone ../../roles/server ../../roles/git.nix diff --git a/nixos/roles/laminar/bump-config.hs b/nixos/roles/laminar/bump-config.hs new file mode 100644 index 00000000..a9e16aec --- /dev/null 
+++ b/nixos/roles/laminar/bump-config.hs
@@ -0,0 +1,36 @@
+{-# LANGUAGE TemplateHaskell #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE ExtendedDefaultRules #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# LANGUAGE ScopedTypeVariables #-}
+{-# LANGUAGE FlexibleContexts #-}
+{-# LANGUAGE QuasiQuotes #-}
+{-# OPTIONS_GHC -Wall -Werror -Wno-missing-signatures -Wno-type-defaults -Wno-orphans #-}
+
+import System.Environment
+import Data.String.Interpolate
+import qualified Data.Text as Text
+import Language.Haskell.TH
+import Language.Haskell.TH.Syntax
+import Relude
+import Shh
+import Say
+
+load Absolute ["git", "niv"]
+paths :: [Text]
+paths =
+ $$(liftTyped . mapMaybe (\x -> foldr (<|>) Nothing $ (\bin -> Text.stripSuffix [i|/#{bin}|] $ toText x) <$> ["git", "tar", "nix-prefetch-url", "gzip"])=<< runIO pathBinsAbs)
+
+repo = "git@hera.m-0.eu:nixos-config"
+
+main = do
+ git "clone" repo "."
+ setEnv "PATH" . toString $ Text.intercalate ":" paths
+ ignoreFailure $ niv "update"
+ changed <- (mempty /=) <$> (git "status" "--porcelain" |> captureTrim)
+ when changed $ do
+ git "config" "user.email" "maralorn@maralorn.de"
+ git "config" "user.name" "maralorn (nix-auto-updater)"
+ git "commit" "-am" "Update dependencies with niv"
+ git "push" "-f" "origin" "HEAD:niv-bump"
+ unless changed $ say "No updates in any niv source. Doing nothing."
diff --git a/nixos/roles/laminar/default.nix b/nixos/roles/laminar/default.nix
index 8e9d760f..2490b030 100644
--- a/nixos/roles/laminar/default.nix
+++ b/nixos/roles/laminar/default.nix
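Review bot: `ignoreFailure $ niv "update"` in `main` discards niv's exit status, so a run in which some sources failed to update still commits whatever changed and force-pushes it to `niv-bump`. Since test-config.hs in this same patch merges `niv-bump` into master once the builds pass, a half-applied bump can reach the deployed configuration without the failure being visible anywhere. If best-effort updating is intended, say so in a comment such as `-- niv may fail for single sources; commit the ones that did update` and report the failure with `say`; otherwise drop `ignoreFailure` so the job stops before the commit.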
@@ -47,14 +47,14 @@ in { ${pkgs.utillinux}/bin/flock -w 10 100 trap 'rm -f ${stateDir}/matrix-lock' EXIT ${pkgs.matrix-commander}/bin/matrix-commander -c ${stateDir}/matrix-credentials.json -s ${stateDir}/matrix-secrets-store < [i|system-config-#{x}|]) <$> (words . toText) systems) + <> ((\x -> [i|home-config-#{x}|]) <$> (words . toText) homes) + say [i|Found jobs #{ret}|] + pure ret + )) + +deployCommand :: String +deployCommand = $$(liftTyped =<< runIO (getEnv "DEPLOY")) + +main = do + let process = fromMaybe "master" . (stripPrefix "refs/heads/" . toText =<<) + branch <- process <$> lookupEnv "BRANCH" + say [i|Starting builds of branch #{branch} for all systems.|] + mapConcurrently_ (\x -> laminarc ["run", x, [i|BRANCH=#{branch}|]]) jobs + say [i|Builds succeeded.|] + when (branch == "master") $ do + say [i|Deploying new config to localhost.|] + exe "/run/wrappers/bin/sudo" deployCommand + when (branch == "niv-bump") $ do + say [i|Merging branch niv-bump into master.|] + git "clone" repo "." + git "checkout" "master" + git "merge" "origin/niv-bump" + git "push" diff --git a/nixos/roles/laminar/test-config.nix b/nixos/roles/laminar/test-config.nix index 1f3770f4..8b5a9b67 100644 --- a/nixos/roles/laminar/test-config.nix +++ b/nixos/roles/laminar/test-config.nix @@ -7,8 +7,7 @@ let export NIX_PATH="/etc/nix-path:nixos-config=/etc/nixos/configuration.nix" ''; checkout = '' - git clone git@hera.m-0.eu:nixos-config config --config advice.detachedHead=false - cd config + git clone git@hera.m-0.eu:nixos-config . --config advice.detachedHead=false REPODIR=`pwd` git checkout origin/$BRANCH cd /var/cache/gc-links 
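Review bot: In the `niv-bump` branch of `main` in test-config.hs, `git "merge" "origin/niv-bump"` merges whatever the branch points to at merge time, not the commit the jobs just built. As far as the `checkout` snippet in test-config.nix shows, each job also resolves `origin/$BRANCH` from its own fresh clone. bump-config.hs force-pushes that branch, so it can move between the builds and the merge, and an unbuilt commit would then land on master and be picked up by the next master deploy. Resolving the commit once before queuing the jobs, passing that hash to them, and merging the same hash with `--ff-only` would tie the merge to what was tested. The top of this file's hunk is not readable on this page, so this covers only the visible part of `main`.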
@@ -41,27 +40,44 @@ let ${pkgs.test-system-config}/bin/test-system-config $REPODIR ${host} ''; }); + deployCommand = "${let user = "maralorn"; + in pkgs.writeShellScript "deploy-system-config" '' + /run/wrappers/bin/sudo -u ${user} git -C /etc/nixos pull --ff-only + /run/wrappers/bin/sudo -u ${user} git -C /etc/nixos submodule update --init + /var/cache/gc-links/result-system-hera/bin/switch-to-configuration switch + /run/wrappers/bin/sudo -u ${user} /var/cache/gc-links/result-home-manager-hera/default/activate + ''}"; in { services.laminar.cfgFiles.jobs = { - "test-config.run" = pkgs.writeShellScript "test-config.run" '' - ${common} - if [[ "$BRANCH" == "refs/heads/master" ]]; then - ${pkgs.test-config}/bin/test-config - /run/wrappers/bin/sudo ${update-config} - fi - ''; - "bump-and-test-config.run" = - pkgs.writeShellScript "bump-and-test-config.run" '' - ${common} - ${pkgs.test-config}/bin/test-config bump - ''; + "test-config.run" = pkgs.writeHaskell "test-config" { + libraries = builtins.attrValues pkgs.myHaskellScriptPackages; + ghcEnv = { + HOMES = lib.concatStringsSep " " homes; + SYSTEMS = lib.concatStringsSep " " systems; + DEPLOY = deployCommand; + PATH = "${lib.makeBinPath [ pkgs.laminar pkgs.git ]}:$PATH"; + }; + ghcArgs = [ "-threaded" ]; + } (builtins.readFile ./test-config.hs); + "bump-config.run" = pkgs.writeHaskell "bump-config" { + libraries = builtins.attrValues pkgs.myHaskellScriptPackages; + ghcEnv.PATH = "${lib.makeBinPath [ pkgs.git pkgs.niv pkgs.nix ]}:$PATH"; + ghcArgs = [ "-threaded" ]; + } (builtins.readFile ./bump-config.hs); } // lib.listToAttrs (map mkHomeJob homes) // lib.listToAttrs (map mkSystemJob homes); security.sudo.extraRules = [{ commands = [{ - command = "${update-config}"; + command = deployCommand; options = [ "NOPASSWD" ]; }]; users = [ "laminar" ]; }]; + systemd.services.bump-config = { + startAt = "03:45"; + serviceConfig = { + Type = "oneshot"; + ExecStart = "${pkgs.laminar}/bin/laminarc queue bump-config"; + }; + }; } 
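Review bot: The sudo rule pins `deployCommand` by store path, but the script then runs `/var/cache/gc-links/result-system-hera/bin/switch-to-configuration switch` as root. The job `checkout` snippet does `cd /var/cache/gc-links` before building, which suggests the `laminar` user can write those links. If that is the case, the `NOPASSWD` rule is equivalent to root for anything able to run a laminar job, because the link decides what root executes. Worth confirming the directory's ownership and having the deploy script either realise the system path from the pulled `/etc/nixos` itself or verify the link target before switching. A comment above `deployCommand` stating who is expected to own `/var/cache/gc-links` would make the trust assumption explicit.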
diff --git a/nixos/roles/test-timer.nix b/nixos/roles/test-timer.nix deleted file mode 100644 index 4f75205a..00000000 --- a/nixos/roles/test-timer.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ pkgs, config, lib, ... }: -let user = "maralorn"; -in { - systemd.services = { - update-config = { - path = [ pkgs.git pkgs.nix pkgs.git-crypt ]; - restartIfChanged = false; - unitConfig.X-StopOnRemoval = false; - serviceConfig = { - Type = "oneshot"; - Restart = "on-failure"; - RestartSec = 1; - }; - unitConfig = { - StartLimitIntervalSec = 180; - StartLimitBurst = 3; - }; - script = '' - /run/wrappers/bin/sudo -u ${user} git -C /etc/nixos pull --ff-only - /run/wrappers/bin/sudo -u ${user} git -C /etc/nixos submodule update --init - /var/cache/gc-links/result-system-hera/bin/switch-to-configuration switch - /run/wrappers/bin/sudo -u ${user} /var/cache/gc-links/result-home-manager-hera/default/activate - ''; - }; - - bump-and-test-config = { - startAt = "03:45"; - serviceConfig = { - Type = "oneshot"; - ExecStart = "${pkgs.laminar}/bin/laminarc queue bump-and-test-config"; - }; - }; - }; -} diff --git a/overlays/pkgSets.nix b/overlays/pkgSets.nix index 75dec3a2..e0e6e7f2 100644 --- a/overlays/pkgSets.nix +++ b/overlays/pkgSets.nix @@ -52,7 +52,7 @@ self: super: { inherit (self) ledger jali aqbanking; }; system-pkgs = self.core-system-pkgs // self.extra-system-pkgs // { - inherit (self) test-system-config test-home-config test-config; + inherit (self) test-system-config test-home-config; home-manager = self.callPackage "${self.sources.${self.home-manager-channel}}/home-manager" { }; }; diff --git a/overlays/testing.nix b/overlays/testing.nix index 32900c29..a7ba7882 100644 --- a/overlays/testing.nix +++ b/overlays/testing.nix 
@@ -31,38 +31,4 @@ in { inherit bins; inherit imports; } (haskellBody "home" ''paths ++ [[i|#{configDir}/home-manager/target.nix|], "-A", hostname]'' "[i|result-home-manager-#{hostname}|]"); - - test-config = self.writeHaskellScript { - name = "test-config"; - bins = [ - self.test-system-config - self.test-home-config - self.git - self.niv.bin - self.git-crypt - self.laminar - ]; - imports = [ "System.Directory (withCurrentDirectory)" ]; - } '' - main = do - bump <- maybe False (== "bump") . listToMaybe <$> getArgs - git "clone" "${repoSrc}" "config" - withCurrentDirectory "config" $ do - when bump $ ignoreFailure $ niv "update" - changed <- (mempty /=) <$> (git "status" "--porcelain" |> captureTrim) - when changed $ do - git "config" "user.email" "maralorn@maralorn.de" - git "config" "user.name" "maralorn (nix-auto-updater)" - git "commit" "-am" "Update dependencies with niv" - git "push" "-f" "origin" "HEAD:niv-bump" - let branch = if bump then "niv-bump" else "master" - concurrently_ - (mapConcurrently_ (\x -> laminarc ["run", [i|system-config-#{x}|], [i|BRANCH=#{branch}|]]) ${ - self.haskellList systems - }) - (mapConcurrently_ (\x -> laminarc ["run", [i|home-config-#{x}|], [i|BRANCH=#{branch}|]]) ${ - self.haskellList homes - }) - when changed $ git "push" "origin" "master:master" - ''; } diff --git a/overlays/writeHaskellScript.nix b/overlays/writeHaskellScript.nix index 1d1bd1a0..f225847e 100644 --- a/overlays/writeHaskellScript.nix +++ b/overlays/writeHaskellScript.nix @@ -19,7 +19,7 @@ in { cp $contentPath ${filename}.hs ${ lib.concatStringsSep " " - (lib.mapAttrsToList (key: val: "${key}=${val}") ghcEnv) + (lib.mapAttrsToList (key: val: ''${key}="${val}"'') ghcEnv) } ${ghc.withPackages (_: libraries)}/bin/ghc ${ lib.escapeShellArgs ghcArgs } ${filename}.hs
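Review bot: In the writeHaskellScript.nix hunk, emitting each `ghcEnv` entry as `KEY="VAL"` keeps spaces together but leaves `$`, backticks and `"` inside the value live in the builder's shell. That is what lets `"...:$PATH"` in test-config.nix expand, yet a value containing a double quote breaks the line and a `$(...)` in a value would run at build time. A comment such as `# values are expanded by the builder's shell on purpose (e.g. $PATH); they must not contain double quotes` would document the contract, and values that need no expansion could go through `lib.escapeShellArg`. The surrounding build script starts and ends outside this hunk.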