deployerbot: use vpn for actual deploying anyway

2023-09-20 14:43:04 +03:00 · 2023-09-20 14:43:04 +03:00 · 21e96199bb
parent dba036a102
commit 21e96199bb
3 changed files with 5 additions and 7 deletions
--- a/hosts/fwminex/configuration.nix
+++ b/hosts/fwminex/configuration.nix
@ -89,7 +89,7 @@ in {
          enable = true;
          uidgid = myData.uidgid.updaterbot-deployee;
          publicKey = myData.hosts."vno1-oh2.servers.jakst".publicKey;
-          sshAllowSubnets = with myData.subnets; [tailscale.sshPattern vno1.sshPattern];
+          sshAllowSubnets = with myData.subnets; [tailscale.sshPattern];
        };
      };
--- a/hosts/vno1-oh2/configuration.nix
+++ b/hosts/vno1-oh2/configuration.nix
@ -189,7 +189,7 @@
          deployIfPresent = [
            {
              derivationTarget = ".#fwminex";
-              altHostname = myData.hosts."fwminex.motiejus.jakst".vno1IP;
+              pingTarget = myData.hosts."fwminex.motiejus.jakst".vno1IP;
            }
          ];
        };
--- a/modules/services/deployerbot/default.nix
+++ b/modules/services/deployerbot/default.nix
@ -2,20 +2,18 @@
  config,
  lib,
  pkgs,
  myData,
  ...
 }: let
  cfg = config.mj.services.deployerbot;
  mkOptional = {
    derivationTarget,
-    altHostname,
+    pingTarget,
  }: ''
-    if ${pkgs.inetutils}/bin/ping -c 1 ${altHostname}; then
+    if ${pkgs.inetutils}/bin/ping -c 1 ${pingTarget}; then
      ${pkgs.deploy-rs}/bin/deploy \
        --ssh-opts="-i ''${CREDENTIALS_DIRECTORY}/ssh-key" \
        --ssh-user=deployerbot-follower \
        --confirm-timeout 60 \
        --hostname ${altHostname} \
        --targets ${derivationTarget} -- \
          --accept-flake-config
    fi
@ -29,7 +27,7 @@ in {
        {...}: {
          options = {
            derivationTarget = lib.mkOption {type = str;};
-            altHostname = lib.mkOption {type = str;};
+            pingTarget = lib.mkOption {type = str;};
          };
        }
      ));