mirror of
https://github.com/nlewo/comin.git
synced 2026-02-02 05:41:37 +01:00
GitOps For NixOS Machines
- Go 90.5%
- Nix 9.5%
|
|
||
|---|---|---|
| .github/workflows | ||
| cmd | ||
| docs | ||
| internal | ||
| nix | ||
| default.nix | ||
| flake.lock | ||
| flake.nix | ||
| go.mod | ||
| go.sum | ||
| LICENSE | ||
| main.go | ||
| readme.md | ||
comin - GitOps for NixOS Machines
comin is a NixOS deployment tool operating in pull mode. Running on a machine, it periodically polls Git repositories and deploys the NixOS configuration associated to the machine.
Features
- ❄️ Git push to deploy NixOS configurations (or nix-darwin)
- 🤝 Support flake and non-flake repositories
- 🚧 Support testing branches to try changes
- 🚀 Poll multiple Git remotes to avoid SPOF
- 📮 Support machines migrations
- ⏩ Fast iterations with local remotes
- 📡 Observable via Prometheus metrics
- 📌 Create and delete system profiles
- 🔒 Optionally check Git commit signatures
Quick start
This is a basic flake.nix example:
{
inputs = {
nixpkgs.url = "github:nixOS/nixpkgs";
comin = {
url = "github:nlewo/comin";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { self, nixpkgs, comin }: {
nixosConfigurations = {
myMachine = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
comin.nixosModules.comin
({
services.comin = {
enable = true;
remotes = [{
name = "origin";
url = "https://gitlab.com/your/infra.git";
branches.main.name = "main";
}];
};
})
];
};
};
};
}
This enables a systemd service, which periodically pulls the main
branch of the repository https://gitlab.com/your/infra.git and
deploys the NixOS configuration corresponding to the machine hostname
myMachine.
A new commit in the main branch of the repository
https://gitlab.com/your/infra.git is then deployed in the next 60
seconds.
Comin exposes much more options which are described in the generated documentation.