From mboxrd@z Thu Jan 1 00:00:00 1970 From: Pjotr Prins Subject: Re: It's time to build "guix deploy" Date: Thu, 14 Feb 2019 09:17:09 +0100 Message-ID: <20190214081709.flzmcl5ijegx7rfn@thebird.nl> References: <87k2wx6t1e.fsf@fsf.org> <87h8da5u5k.fsf@dustycloud.org> <87y36mjbjo.fsf@elephly.net> <87y36jcxxj.fsf@roquette.mug.biscuolo.net> <1550128455.8914.0@mail.riseup.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Received: from eggs.gnu.org ([209.51.188.92]:40572) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1guCWC-0002al-II for guix-devel@gnu.org; Thu, 14 Feb 2019 03:37:21 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1guCIt-0000VR-VI for guix-devel@gnu.org; Thu, 14 Feb 2019 03:23:32 -0500 Received: from mail.thebird.nl ([94.142.245.5]:59734) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1guCIt-0000UW-Op for guix-devel@gnu.org; Thu, 14 Feb 2019 03:23:31 -0500 Content-Disposition: inline In-Reply-To: <1550128455.8914.0@mail.riseup.net> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: swedebugia Cc: guix-devel On Thu, Feb 14, 2019 at 08:14:15AM +0100, swedebugia wrote: > I understand most parts of it ;) > It is a real beauty and a testiment to the power of Guix and Guile. > > actually mainenance.git is full of treasures :-) > > Berlin consists of a head node and many almost identical servers. > > AFAIU remote servers could be completely different each other for your > script to do its job, or am I missing something? So, essentially, the tools login via ssh and control guix remotely and copy files which will also work on an underlying Debian. This looks a lot like the Python automation system I used in the past with cloudbiolinux: https://github.com/pjotrp/cloudbiolinux Later I created a simple Ruby system that takes YAML files as input and runs *locally* . A remote invocation called that local system. The advantage is that is does not lean on ssh too heavily (one login required and you could move to a different client-server protocol easily - even over http). I am still using that setup today, to configure web, mail servers and home directory. The tool is here https://github.com/pjotrp/deploy An example of use for emacs is emacs.yaml: --- - copy-file: emacs: dest: .emacs mode: "400" - dir: .emacs.d: source: emacs.d recursive: true and the emacs files sit in a git directory in the same tree and get copied across running 'deploy emacs.yaml'. It is not fancy, but it works well. Of course we should not use YAML with guile ;). WISP would work fine. Note that I have used Cfengine extensively (even wrote my own clone), Also used Chef and Puppet. After all that I ended up with writing a *simple* system that does not keep track of state but simply copies files. Guix would do this better by providing transactions and isolation. I think my preferred way to do this is to copy files into the store and use guix deploy so symlink them from $HOME and /etc - i.e., a profile with another layer of symlinks. This means that when a profile goes out of scope the symlinks stop working too. They dangle, that is all, but should be easy to harvest since you know what directory you are linking in. Guix deploy runs locally on a machine and can be invoked remotely. One advantage of running locally is that it is fast and much easier to test. That would work on Debian+Guix too. Pj. PS I like the logo :) https://git.savannah.gnu.org/cgit/guix/maintenance.git/tree/hydra/berlin.scm#n50 (though not used there).