.gitignore

@@ -1,4 +1,3 @@
 .direnv
 .pre-commit-config.yaml
 result
-.manifests

applyset-deploy.sh

@@ -2,31 +2,12 @@
 
 set -euo pipefail
 
-CREATE_LOCAL_GCROOT=false
-
-while [[ "$#" -gt 0 ]]; do
-	case "$1" in
-	--help)
-		echo "Use --create-local-gcroot to create local GC root"
-		exit 0
-		;;
-	--create-local-gcroot)
-		CREATE_LOCAL_GCROOT=true
-		shift
-		;;
-	*)
-		echo "Unknown option: $1"
-		exit 1
-		;;
-	esac
-done
-
 first_server="${SERVERS%% *}"
 previous_manifest=$(
 	envsubst <<EOF | ssh -T "root@$first_server"
-        if [[ -f "$GCROOTDIR/$NAME.yml" ]]; then
+if [[ -f "$GCROOTDIR/$NAME.yml" ]]; then
-                cat "$GCROOTDIR/$NAME.yml"
+	cat "$GCROOTDIR/$NAME.yml"
-        fi
+fi
 EOF
 )
 
@@ -47,6 +28,7 @@ echo Uploading closure...
 for server in $SERVERS; do
 	echo Uploading closure to "$server"...
 	nix copy --to "ssh://root@$server.dmz" "$MANIFEST"
+	ssh "root@$server.dmz" "mkdir -p $GCROOTDIR && ln -sf $MANIFEST $GCROOTDIR/${NAME}.yml"
 done
 
 echo Applying Kubernetes manifest...
@@ -56,13 +38,3 @@ vals eval -fail-on-missing-key-in-map <"$MANIFEST" |
 		--prune \
 		--applyset applyset-"$NAME" \
 		--namespace "$NAMESPACE"
-
-echo Creating GC roots
-for server in $SERVERS; do
-	ssh "root@$server.dmz" "mkdir -p $GCROOTDIR && ln -sf $MANIFEST $GCROOTDIR/${NAME}.yml"
-done
-
-if $CREATE_LOCAL_GCROOT; then
-	mkdir -p ./.manifests
-	ln -sf "$MANIFEST" "./.manifests/${NAME}.yml"
-fi

globals.nix

@@ -1,7 +1,7 @@
 {servers, ...}: let
   globals = {
     images = {
-      jellyfin = "jellyfin/jellyfin:10.10.5";
+      jellyfin = "jellyfin/jellyfin:10.10.4";
       atuin = "ghcr.io/atuinsh/atuin:18.4.0";
       postgres14 = "postgres:14";
       kms = "teddysun/kms:latest";

kubenix.nix

@@ -8,7 +8,7 @@ inputs @ {
 flake-utils.lib.eachDefaultSystem
 (system: let
   pkgs = nixpkgs.legacyPackages.${system};
-  inherit (pkgs) lib;
+  lib = pkgs.lib;
   deployScript = (pkgs.writeScriptBin "applyset-deploy.sh" (builtins.readFile ./applyset-deploy.sh)).overrideAttrs (old: {
     buildCommand = "${old.buildCommand}\npatchShebangs $out";
   });