From 9fbb1915b7fccfb6746aafcd0fc6683729bfa919 Mon Sep 17 00:00:00 2001
From: teidesu <alina@tei.su>
Date: Sun, 4 Aug 2024 02:24:50 +0300
Subject: [PATCH] feat(koi): desu-deploy setup

---
 flake.lock                                 | 58 +++++++++++++++++++++-
 flake.nix                                  |  7 ++-
 hosts/koi/configuration.nix                |  5 ++
 hosts/koi/containers/bots/pcre-sub-bot.nix |  2 +-
 hosts/koi/containers/teisu.nix             |  2 +-
 ssh/desu-deploy.pub                        |  1 +
 6 files changed, 71 insertions(+), 4 deletions(-)
 create mode 100644 ssh/desu-deploy.pub

diff --git a/flake.lock b/flake.lock
index 60bf3ce..02e26d5 100644
--- a/flake.lock
+++ b/flake.lock
@@ -43,10 +43,50 @@
         "type": "github"
       }
     },
+    "desu-deploy": {
+      "inputs": {
+        "flake-utils": "flake-utils",
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1722725362,
+        "narHash": "sha256-JKonFnKwiN7VRXhn3pUhoN6TGDoyHepWbMfVd35wTew=",
+        "owner": "teidesu",
+        "repo": "desu-deploy",
+        "rev": "a77b8e790324df51471cf40924acff9643972dfa",
+        "type": "github"
+      },
+      "original": {
+        "owner": "teidesu",
+        "repo": "desu-deploy",
+        "rev": "a77b8e790324df51471cf40924acff9643972dfa",
+        "type": "github"
+      }
+    },
     "flake-utils": {
       "inputs": {
         "systems": "systems_2"
       },
+      "locked": {
+        "lastModified": 1710146030,
+        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "flake-utils_2": {
+      "inputs": {
+        "systems": "systems_3"
+      },
       "locked": {
         "lastModified": 1681202837,
         "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
@@ -193,6 +233,7 @@
       "inputs": {
         "agenix": "agenix",
         "bootspec-secureboot": "bootspec-secureboot",
+        "desu-deploy": "desu-deploy",
         "home-manager": "home-manager_2",
         "nix-darwin": "nix-darwin",
         "nix-index-database": "nix-index-database",
@@ -231,9 +272,24 @@
         "type": "github"
       }
     },
+    "systems_3": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    },
     "vscode-server": {
       "inputs": {
-        "flake-utils": "flake-utils",
+        "flake-utils": "flake-utils_2",
         "nixpkgs": "nixpkgs_2"
       },
       "locked": {
diff --git a/flake.nix b/flake.nix
index 27f675f..92467aa 100755
--- a/flake.nix
+++ b/flake.nix
@@ -38,6 +38,9 @@
 
     nix-index-database.url = "github:nix-community/nix-index-database";
     nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
+
+    desu-deploy.url = "github:teidesu/desu-deploy/a77b8e790324df51471cf40924acff9643972dfa";
+    desu-deploy.inputs.nixpkgs.follows = "nixpkgs";
   };
 
   outputs =
@@ -49,6 +52,7 @@
     , bootspec-secureboot
     , home-manager
     , nix-darwin
+    , desu-deploy
     , ...
     }:
     let
@@ -94,10 +98,11 @@
     in
     {
       nixosConfigurations = {
-        koi = mkNixosSystem {
+        koi = mkNixosSystem rec {
           system = "x86_64-linux";
           modules = [
             bootspec-secureboot.nixosModules.bootspec-secureboot
+            desu-deploy.nixosModules.${system}.default
             ./hosts/koi/configuration.nix
           ];
         };
diff --git a/hosts/koi/configuration.nix b/hosts/koi/configuration.nix
index bd668bc..816961a 100755
--- a/hosts/koi/configuration.nix
+++ b/hosts/koi/configuration.nix
@@ -93,5 +93,10 @@
     item = "nofile";
     value = "8192";
   }];
+
+  services.desu-deploy = {
+    enable = true;
+    key = builtins.readFile (abs "ssh/desu-deploy.pub");
+  };
 }
 
diff --git a/hosts/koi/containers/bots/pcre-sub-bot.nix b/hosts/koi/containers/bots/pcre-sub-bot.nix
index f771c20..f6311ca 100644
--- a/hosts/koi/containers/bots/pcre-sub-bot.nix
+++ b/hosts/koi/containers/bots/pcre-sub-bot.nix
@@ -20,7 +20,7 @@ in {
   };
 
   virtualisation.oci-containers.containers.pcre-sub-bot = {
-    image = "ghcr.io/teidesu/pcre-sub-bot:sha-d010ea7@sha256:d30a1adf852f1953bb4015d55f0031a41bd65657abc4880ecd1dfcb67a77a678";
+    image = "ghcr.io/teidesu/pcre-sub-bot:latest";
     volumes = [
       "/srv/pcre-sub-bot:/app/bot-data"
     ];
diff --git a/hosts/koi/containers/teisu.nix b/hosts/koi/containers/teisu.nix
index a958526..a435e18 100644
--- a/hosts/koi/containers/teisu.nix
+++ b/hosts/koi/containers/teisu.nix
@@ -18,7 +18,7 @@ in {
   };
 
   virtualisation.oci-containers.containers.teisu = {
-    image = "ghcr.io/teidesu/tei.su:sha-e6a632c@sha256:1f6da149f278d05136155ff9faa858565dcb5ab66c429cba6839f731879fcf71";
+    image = "ghcr.io/teidesu/tei.su:latest";
     volumes = [
       "/srv/teisu:/app/.runtime"
     ];
diff --git a/ssh/desu-deploy.pub b/ssh/desu-deploy.pub
new file mode 100644
index 0000000..26134ba
--- /dev/null
+++ b/ssh/desu-deploy.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGETtDyRDYKO2O6Ip+4dGaBCHFRpPH1PSgqIShPEJAfB
\ No newline at end of file