I want to learn how to do more devops and I love Nix, so I have a new project I want to work on: automatic deployment of a website from a merged pull request, all using Nix.

I'm finding myself getting sidetracked by describing what Nix, NixOS, and Nixops are, so I'm just going to assume you've done all of the relevant reading on what those are. In short, Nix is a tool for building programs (and, perhaps a bit too confusingly, the language that build instructions are written in), NixOS is a Linux system fully administered using Nix language instructions, and Nixops is an environment deployment program for building and deploying NixOS systems to various targets like AWS or VMs. I already use all three to run my own private websites, but it's a rather manual process for getting updates deployed.

The current process is:

  1. I notice the need for a change (maybe a spelling mistake)
  2. I make a change to the source code, commit it, and push it to Github.
  3. I note the new commit (or tag a new version number) and change the instructions in nixops.
  4. I run a test build so that the shasum check against the new Github commit hash fails (I'm lazy, I know I could pre-hash this earlier but it's just easier to copy-paste it from the failed build log).
  5. I tell nixops to deploy the new system.

The process I want to get to:

  1. I notice the need for a change (maybe a spelling mistake)
  2. I make a change to the source code, commit it, and push it to Github.
  3. Since I'm ready to deploy I tag a new version number (or maybe make a merge request to merge it into a “release” branch, still not sure what the best way to go about this is).
  4. Nothing, because I want the rest of this process to be fully automated.

I know it may not be easy or even possible. It might be that I'll still need to manually update the version number and hash in some Nixops code. Nix is rather particular about no-exception enforcement of shasum checking of source code, and probably for good reason. If I can't have the system automatically deploy from a change in the source code, I want to automatically deploy from a change to the Nixops source code repo. We'll see.

Anyways, that's my goal and I hope to write another blog detailing my success or failure.