chore(ops): move archivist machine to ops and contrib

contrib/ gets the clickhouse patching, the bucket log parsing code and the awscli setup and shell. ops/ gets the machine config itself. Change-Id: If8b8f8cce5ca9c2b4d19e17be9a8b895ac35e84a Reviewed-on: https://cl.snix.dev/c/snix/+/30163 Autosubmit: Florian Klink <flokli@flokli.de> Tested-by: besadii Reviewed-by: Ryan Lahfa <masterancpp@gmail.com>
2025-03-19 23:42:36 +00:00 · 2025-03-19 23:42:36 +00:00 · ae4d967288
commit ae4d967288
parent c3de9e21eb
14 changed files with 21 additions and 40 deletions
--- a/users/flokli/archivist/OWNERS
+++ b/users/flokli/archivist/OWNERS
--- a/users/flokli/archivist/README.md
+++ b/users/flokli/archivist/README.md
@ -2,7 +2,7 @@
 This directory contains various scripts and helpers used for nix-archivist tasks.
-It's used from some of the archivist EC2 instance, as well as standalone.
+It's used from the archivist EC2 instance, as well as standalone.
 ## AWS Profile setup
 There's 2 AWS Accounts, reachable via the nixos.awsapps.com SSO portal.
@ -14,7 +14,7 @@ This is assuming the `archeologist` AWS role in the main NixOS account.
 This is a separate AWS Account, only for the archivist project. We can assume
 `AWSAdministratorAccess` in there.
-## Machine
+## archivist-ec2 Machine
 The `archivist-ec2` machine currently is deployed in the main NixOS account.
 It regularly processes S3 bucket logs and dumps them in parquet format into
--- a/users/flokli/archivist/default.nix
+++ b/users/flokli/archivist/default.nix
@ -35,7 +35,6 @@ depot.nix.readTree.drvTargets {
      --prefix PATH : ${pkgs.lib.makeBinPath [ clickhouseLocalFixedAWS ]}
  '';
  # A shell, by default pointing us to the archivist SSO profile / account by default.
  shell = pkgs.mkShell {
    name = "archivist-shell";
--- a/users/flokli/archivist/parse_bucket_logs.rs
+++ b/users/flokli/archivist/parse_bucket_logs.rs
--- a/ops/machines/all-systems.nix
+++ b/ops/machines/all-systems.nix
@ -1,6 +1,8 @@
 { depot, ... }:
 (with depot.ops.machines; [
  # Archivist EC2 machine
  archivist-ec2
  # Gerrit instance
  gerrit01
  # Public-facing services
--- a/users/flokli/nixos/archivist-ec2/OWNERS
+++ b/users/flokli/nixos/archivist-ec2/OWNERS
--- a/users/flokli/nixos/archivist-ec2/configuration.nix
+++ b/users/flokli/nixos/archivist-ec2/configuration.nix
@ -1,9 +1,13 @@
-{ depot, pkgs, modulesPath, ... }:
+{ depot, pkgs, ... }: # readTree options
 { modulesPath, ... }: # passed by module system
 let
  mod = name: depot.path.origSrc + ("/ops/modules/" + name);
 in
 {
  imports = [
    "${modulesPath}/virtualisation/amazon-image.nix"
-    ../profiles/archivist.nix
+    (mod "archivist.nix")
  ];
  nixpkgs.hostPlatform = "x86_64-linux";
@ -14,7 +18,7 @@
  };
  systemd.services.parse-bucket-logs = {
-    path = [ depot.users.flokli.archivist.parse-bucket-logs ];
+    path = [ depot.contrib.archivist.parse-bucket-logs ];
    serviceConfig = {
      Type = "oneshot";
      ExecStart = (pkgs.writers.writePython3 "parse-bucket-logs-continuously"
@ -27,7 +31,7 @@
  };
  environment.systemPackages = [
-    depot.users.flokli.archivist.parse-bucket-logs
+    depot.contrib.archivist.parse-bucket-logs
  ];
  networking.hostName = "archivist-ec2";
--- a/users/flokli/nixos/archivist-ec2/hardware-configuration.nix
+++ b/users/flokli/nixos/archivist-ec2/hardware-configuration.nix
--- a/users/flokli/nixos/archivist-ec2/parse-bucket-logs-continuously.py
+++ b/users/flokli/nixos/archivist-ec2/parse-bucket-logs-continuously.py
--- a/users/flokli/nixos/profiles/archivist.nix
+++ b/users/flokli/nixos/profiles/archivist.nix
--- a/ops/nixos.nix
+++ b/ops/nixos.nix
@ -58,10 +58,18 @@ in rec {
  '';
  # Systems that should be built in CI
  archivistEC2System = nixosFor depot.ops.machines.archivist-ec2;
  gerrit01System = nixosFor depot.ops.machines.gerrit01;
  public01System = nixosFor depot.ops.machines.public01;
  build01System = nixosFor depot.ops.machines.build01;
  meta01System = nixosFor depot.ops.machines.meta01;
  nixosSnixCache = nixosFor depot.ops.machines.snix-cache;
-  meta.ci.targets = [ "gerrit01System" "public01System" "build01System" "meta01System" ];
+
  meta.ci.targets = [
    "archivistEC2System"
    "gerrit01System"
    "public01System"
    "build01System"
    "meta01System"
  ];
 }
--- a/users/flokli/OWNERS
+++ b/users/flokli/OWNERS
@ -1 +0,0 @@
 set noparent
--- a/users/flokli/nixos/.skip-subtree
+++ b/users/flokli/nixos/.skip-subtree
--- a/users/flokli/nixos/default.nix
+++ b/users/flokli/nixos/default.nix
@ -1,31 +0,0 @@
 { depot, pkgs, ... }:
 let
  # assumes `name` is configured appropriately in your .ssh/config
  deployScript = name: sys: pkgs.writeShellScriptBin "deploy-${name}" ''
    set -eo pipefail
    nix-copy-closure --to ${name} --gzip --use-substitutes ${sys}
    ssh ${name} nix-env --profile /nix/var/nix/profiles/system --set ${sys}
    ssh ${name} ${sys}/bin/switch-to-configuration switch
  '';
 in
 depot.nix.readTree.drvTargets rec {
  archivistEc2System = (depot.ops.nixos.nixosFor ({ ... }: {
    imports = [
      ./archivist-ec2/configuration.nix
    ];
  })).config.system.build.toplevel;
  deploy-archivist-ec2 = (deployScript "archivist-ec2" archivistEc2System);
  deps = (depot.nix.lazy-deps {
    deploy-archivist-ec2.attr = "users.flokli.nixos.deploy-archivist-ec2";
    aws.attr = "third_party.nixpkgs.awscli";
  });
  shell = pkgs.mkShell {
    name = "flokli-nixos-shell";
    packages = [ deps ];
  };
 }