torjus/homelab-deploy
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2026-03-09. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
95b795dcfd86b7b36045bba67e536b3a1c61dd33
homelab-deploy/internal/deploy/executor.go
Torjus Håkestad fa49e9322a feat: implement NATS-based NixOS deployment system 
Implement the complete homelab-deploy system with three operational modes:

- Listener mode: Runs on NixOS hosts as a systemd service, subscribes to
  NATS subjects with configurable templates, executes nixos-rebuild on
  deployment requests with concurrency control

- MCP mode: MCP server exposing deploy, deploy_admin, and list_hosts
  tools for AI assistants with tiered access control

- CLI mode: Manual deployment commands with subject alias support via
  environment variables

Key components:
- internal/messages: Request/response types with validation
- internal/nats: Client wrapper with NKey authentication
- internal/deploy: Executor with timeout and lock for concurrency
- internal/listener: Subject template expansion and request handling
- internal/cli: Deploy logic with alias resolution
- internal/mcp: MCP server with mcp-go integration
- nixos/module.nix: NixOS module with hardened systemd service

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-07 04:19:47 +01:00

113 lines
2.8 KiB
Go
Raw Blame History

package deploy
import (
"bytes"
"context"
"fmt"
"os/exec"
"time"
"git.t-juice.club/torjus/homelab-deploy/internal/messages"
)
// Executor handles the execution of nixos-rebuild commands.
type Executor struct {
flakeURL string
hostname string
timeout time.Duration
}
// NewExecutor creates a new deployment executor.
func NewExecutor(flakeURL, hostname string, timeout time.Duration) *Executor {
return &Executor{
flakeURL: flakeURL,
hostname: hostname,
timeout: timeout,
}
}
// Result contains the result of a deployment execution.
type Result struct {
Success bool
ExitCode int
Stdout string
Stderr string
Error error
}
// ValidateRevision checks if a revision exists in the remote repository.
// It uses git ls-remote to verify the ref exists.
func (e *Executor) ValidateRevision(ctx context.Context, revision string) error {
// Extract the base URL for git ls-remote
// flakeURL is like git+https://git.example.com/user/repo.git
// We need to strip the git+ prefix for git ls-remote
gitURL := e.flakeURL
if len(gitURL) > 4 && gitURL[:4] == "git+" {
gitURL = gitURL[4:]
}
ctx, cancel := context.WithTimeout(ctx, 30*time.Second)
defer cancel()
cmd := exec.CommandContext(ctx, "git", "ls-remote", "--exit-code", gitURL, revision)
var stderr bytes.Buffer
cmd.Stderr = &stderr
if err := cmd.Run(); err != nil {
if ctx.Err() == context.DeadlineExceeded {
return fmt.Errorf("timeout validating revision")
}
return fmt.Errorf("revision %q not found: %w", revision, err)
}
return nil
}
// Execute runs nixos-rebuild with the specified action and revision.
func (e *Executor) Execute(ctx context.Context, action messages.Action, revision string) *Result {
ctx, cancel := context.WithTimeout(ctx, e.timeout)
defer cancel()
// Build the flake reference: <flake-url>?ref=<revision>#<hostname>
flakeRef := fmt.Sprintf("%s?ref=%s#%s", e.flakeURL, revision, e.hostname)
cmd := exec.CommandContext(ctx, "nixos-rebuild", string(action), "--flake", flakeRef)
var stdout, stderr bytes.Buffer
cmd.Stdout = &stdout
cmd.Stderr = &stderr
err := cmd.Run()
result := &Result{
Stdout: stdout.String(),
Stderr: stderr.String(),
}
if err != nil {
result.Success = false
result.Error = err
if ctx.Err() == context.DeadlineExceeded {
result.Error = fmt.Errorf("deployment timed out after %v", e.timeout)
}
if exitErr, ok := err.(*exec.ExitError); ok {
result.ExitCode = exitErr.ExitCode()
} else {
result.ExitCode = -1
}
} else {
result.Success = true
result.ExitCode = 0
}
return result
}
// BuildCommand returns the command that would be executed (for logging/debugging).
func (e *Executor) BuildCommand(action messages.Action, revision string) string {
flakeRef := fmt.Sprintf("%s?ref=%s#%s", e.flakeURL, revision, e.hostname)
return fmt.Sprintf("nixos-rebuild %s --flake %s", action, flakeRef)
}
Reference in New Issue View Git Blame Copy Permalink