Hacker News new | ask | show | jobs
by z_zetetic_z 805 days ago
Or, you could use NixOS and just declare your systems in some text files, git commit; git push.

You build script becomes:

   while true; do

   git pull

   nixos-rebuild switch

   sleep x

   done
That's it. You can even do it remotely and push the new desired state to remote machines (and still build on the target machine, no cross compile required).

I've completely removed Ansible as a result and no more python version mismatches, no more hunting endless task yaml syntax, no more "my god ansible is slow" deplyments.
3 comments
chasil 805 days ago
Instead of saying:

  while true
You can instead say:

  while :
There is actually a /bin/true, which could involve the fork of a new process for each iteration of the loop. The form that I have shown you is guaranteed not to fork.
link
z_zetetic_z 805 days ago
Thank you sir!
link
chasil 805 days ago
You might find it interesting to know exactly what is (and is not) in the POSIX shell. The description of the colon : operator is there.

https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V...

Most of the familiar userland utilities are at that website, accessible as a (somewhat crude) Apache index:

https://pubs.opengroup.org/onlinepubs/9699919799/utilities/

Any POSIX-compliant system is required to implement the functionality described there.

link
snippy 805 days ago
Sounds interesting. Let's say the software is a web backend. Can you deploy it like this with zero downtime? So that the new version starts, new traffic goes to it, and the old version handles its active requests to completion and then shuts off.
link
z_zetetic_z 805 days ago
I don't think so, by default I think the nixos process will simply stop (probably by sending SIGINT) the service and then start it again.

But if you could have the server into 'lame duck mode' (no new connections accepted, but existing ones can finish) / gracefull shutdown and that's a blocking call (or you could poll if it's still up etc), then you could script that before the 'nixos-rebuild switch' call. Maybe sending SIGINT to the service does that already?

link
Macha 805 days ago
My current deployment method for most of my personal hosts is:

    nixos-rebuild switch --target-host x.example.com
(I still have a few Arch hosts using Ansible, but will migrate them in future)
link
z_zetetic_z 805 days ago
Yeah that's where I'm headed also, it's more reliable to push the configs rather than have them poll/pull automatically.

There's also https://github.com/zhaofengli/colmena which may be of interest to folks.

link