feat: rework deploy scripts

feat: add update script
update
This commit is contained in:
Patrick 2024-11-14 21:44:32 +01:00
parent c6628ba634
commit 2d330b3f4a
Signed by: patrick
GPG key ID: 451F95EFB8BECD0F
10 changed files with 260 additions and 300 deletions

View file

@ -341,11 +341,11 @@
]
},
"locked": {
"lastModified": 1731060864,
"narHash": "sha256-aYE7oAYZ+gPU1mPNhM0JwLAQNgjf0/JK1BF1ln2KBgk=",
"lastModified": 1731549112,
"narHash": "sha256-c9I3i1CwZ10SoM5npQQVnfwgvB86jAS3lT4ZqkRoSOI=",
"owner": "nix-community",
"repo": "disko",
"rev": "5e40e02978e3bd63c2a6a9fa6fa8ba0e310e747f",
"rev": "5fd852c4155a689098095406500d0ae3d04654a8",
"type": "github"
},
"original": {
@ -365,11 +365,11 @@
"pyproject-nix": "pyproject-nix"
},
"locked": {
"lastModified": 1730723587,
"narHash": "sha256-3ewuvm7VB/q3sxn9vzzQ0902PlSdqKqqagr8XbC1hIo=",
"lastModified": 1731424167,
"narHash": "sha256-nKKeRwq7mxcW8cBTmPKzSg0DR/inVrtuJudVM81GISU=",
"owner": "nix-community",
"repo": "dream2nix",
"rev": "51943fca6b95cb9649236bacf5d7c8d9af4c3bec",
"rev": "44d41411686bc798876bd6d9f36a4c1143138d85",
"type": "github"
},
"original": {
@ -656,11 +656,11 @@
"systems": "systems_3"
},
"locked": {
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
@ -746,11 +746,11 @@
"systems": "systems_9"
},
"locked": {
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
@ -1021,11 +1021,11 @@
]
},
"locked": {
"lastModified": 1731235328,
"narHash": "sha256-NjavpgE9/bMe/ABvZpyHIUeYF1mqR5lhaep3wB79ucs=",
"lastModified": 1731604581,
"narHash": "sha256-Qq2YZZaDTB3FZLWU/Hgh1uuWlUBl3cMLGB99bm7rFUM=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "60bb110917844d354f3c18e05450606a435d2d10",
"rev": "1d0862ee2d7c6f6cd720d6f32213fa425004be10",
"type": "github"
},
"original": {
@ -1042,11 +1042,11 @@
]
},
"locked": {
"lastModified": 1730837930,
"narHash": "sha256-0kZL4m+bKBJUBQse0HanewWO0g8hDdCvBhudzxgehqc=",
"lastModified": 1731235328,
"narHash": "sha256-NjavpgE9/bMe/ABvZpyHIUeYF1mqR5lhaep3wB79ucs=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "2f607e07f3ac7e53541120536708e824acccfaa8",
"rev": "60bb110917844d354f3c18e05450606a435d2d10",
"type": "github"
},
"original": {
@ -1152,11 +1152,11 @@
"nixpkgs-lib": "nixpkgs-lib_3"
},
"locked": {
"lastModified": 1731240728,
"narHash": "sha256-a0xQE3cwZLMsycd9NneFC3z29E+z1PSD/ozhISM7qYQ=",
"lastModified": 1731586450,
"narHash": "sha256-upNRIVk5PmBPJ307djkiowhHOx8Dqwb5bpM4XNJH4Ek=",
"owner": "nix-community",
"repo": "lib-aggregate",
"rev": "807ab623e6d01e931269a28a07c59dcfd6474173",
"rev": "902e1bb3c2ae0f051ff98e4e3eac247f7e6ca392",
"type": "github"
},
"original": {
@ -1227,11 +1227,11 @@
"treefmt": "treefmt"
},
"locked": {
"lastModified": 1731305765,
"narHash": "sha256-byo8b2j2nEumZqEuHFbGzTSu+RV3ijJTshS6O2rLcxc=",
"lastModified": 1731605339,
"narHash": "sha256-O0vWXiC1pBYXgdsKbQGw0Jev8Sc6dxR9Up0NKgIeH9g=",
"owner": "yusdacra",
"repo": "nix-cargo-integration",
"rev": "b26200f7cc3a37b1b503ac67f54f52678019494f",
"rev": "1680ec3b8192fe4a0e8ca4973affcd1f4bb67de3",
"type": "github"
},
"original": {
@ -1269,11 +1269,11 @@
"treefmt-nix": "treefmt-nix_2"
},
"locked": {
"lastModified": 1731222442,
"narHash": "sha256-NGmEGvvckECifktsyJh3LK48E8fTbGhBVUWsJYIsy3s=",
"lastModified": 1731565875,
"narHash": "sha256-jN6HcMNVgWPE++8vNQIyerugFDRWG1ffFCORK/vpCUs=",
"owner": "nix-community",
"repo": "nix-eval-jobs",
"rev": "63c10ff7e65247b34b4ba057fd9e45818dbefc56",
"rev": "f2ccb7e2d80601fb43807c36f14703f2342420f3",
"type": "github"
},
"original": {
@ -1311,11 +1311,11 @@
]
},
"locked": {
"lastModified": 1731209121,
"narHash": "sha256-BF7FBh1hIYPDihdUlImHGsQzaJZVLLfYqfDx41wjuF0=",
"lastModified": 1731593150,
"narHash": "sha256-FvksinoI2Y6kuwH+cKBu1oDA8uPGfoRqgtQV6O8GDc4=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "896019f04b22ce5db4c0ee4f89978694f44345c3",
"rev": "40d882b55e89add1ded379cc99edaab24983d6d9",
"type": "github"
},
"original": {
@ -1347,11 +1347,11 @@
},
"nixlib": {
"locked": {
"lastModified": 1729386149,
"narHash": "sha256-hUP9oxmnOmNnKcDOf5Y55HQ+NnoT0+bLWHLQWLLw9Ks=",
"lastModified": 1731200463,
"narHash": "sha256-qDaAweJjdFbVExqs8aG27urUgcgKufkIngHW3Rzustg=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "cce4521b6df014e79a7b7afc58c703ed683c916e",
"rev": "e04234d263750db01c78a412690363dc2226e68a",
"type": "github"
},
"original": {
@ -1392,11 +1392,11 @@
]
},
"locked": {
"lastModified": 1729472750,
"narHash": "sha256-s93LPHi5BN7I2xSGNAFWiYb8WRsPvT1LE9ZjZBrpFlg=",
"lastModified": 1731546190,
"narHash": "sha256-kJix8nLyFIJ3EC7VtoXK/85C4ZN2dC5oWoS8+ErehqI=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "7c60ba4bc8d6aa2ba3e5b0f6ceb9fc07bc261565",
"rev": "06ffce1a8d95e95c06a4bcfa117dd960b14a7101",
"type": "github"
},
"original": {
@ -1407,11 +1407,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1730919458,
"narHash": "sha256-yMO0T0QJlmT/x4HEyvrCyigGrdYfIXX3e5gWqB64wLg=",
"lastModified": 1731403644,
"narHash": "sha256-T9V7CTucjRZ4Qc6pUEV/kpgNGzQbHWfGcfK6JJLfUeI=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "e1cc1f6483393634aee94514186d21a4871e78d7",
"rev": "f6581f1c3b137086e42a08a906bdada63045f991",
"type": "github"
},
"original": {
@ -1451,11 +1451,11 @@
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1731583859,
"narHash": "sha256-HXlYqQE/33AaTSWpB7YtKziEgxLW5cnpsMev28eedeM=",
"lastModified": 1731616897,
"narHash": "sha256-O66fK2J1QV018vwpoul/i2bADSvoL+cZwEYthNfk+Ak=",
"ref": "refs/heads/main",
"rev": "de9e2f573ba4f37b972bb494682c3a95e500ead0",
"revCount": 9,
"rev": "622cb26a3ed6aa8793b06978847cffb6f69d4404",
"revCount": 12,
"type": "git",
"url": "https://forge.lel.lol/patrick/nixp-meta.git"
},
@ -1625,11 +1625,11 @@
]
},
"locked": {
"lastModified": 1731242021,
"narHash": "sha256-t8PNNvBTY4DDNraDk9U6D6G0LqtF78bnvEAHOuG0ZVM=",
"lastModified": 1731608824,
"narHash": "sha256-xgZXKFs3T3Dgh8sliDh2JiovxK/p9TjLh31QLYqBOwg=",
"owner": "nix-community",
"repo": "nixpkgs-wayland",
"rev": "7fbb5864f499098e5ea9731d487dbbafa3fe9922",
"rev": "3c3ed8497a8e6b51bdd2d464928f35dd0e9a9419",
"type": "github"
},
"original": {
@ -1656,11 +1656,11 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1731139594,
"narHash": "sha256-IigrKK3vYRpUu+HEjPL/phrfh7Ox881er1UEsZvw9Q4=",
"lastModified": 1731319897,
"narHash": "sha256-PbABj4tnbWFMfBp6OcUK5iGy1QY+/Z96ZcLpooIbuEI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "76612b17c0ce71689921ca12d9ffdc9c23ce40b2",
"rev": "dc460ec76cbff0e66e269457d7b728432263166c",
"type": "github"
},
"original": {
@ -1704,11 +1704,11 @@
},
"nixpkgs_6": {
"locked": {
"lastModified": 1730785428,
"narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=",
"lastModified": 1731319897,
"narHash": "sha256-PbABj4tnbWFMfBp6OcUK5iGy1QY+/Z96ZcLpooIbuEI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7",
"rev": "dc460ec76cbff0e66e269457d7b728432263166c",
"type": "github"
},
"original": {
@ -1720,11 +1720,11 @@
},
"nixpkgs_7": {
"locked": {
"lastModified": 1723221148,
"narHash": "sha256-7pjpeQlZUNQ4eeVntytU3jkw9dFK3k1Htgk2iuXjaD8=",
"lastModified": 1730958623,
"narHash": "sha256-JwQZIGSYnRNOgDDoIgqKITrPVil+RMWHsZH1eE1VGN0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "154bcb95ad51bc257c2ce4043a725de6ca700ef6",
"rev": "85f7e662eda4fa3a995556527c87b2524b691933",
"type": "github"
},
"original": {
@ -1765,11 +1765,11 @@
"treefmt-nix": "treefmt-nix_3"
},
"locked": {
"lastModified": 1731155487,
"narHash": "sha256-+D57j7BcV5O3XH9za3c3XXVLHr+F+enThAN2EeF6H/M=",
"lastModified": 1731537511,
"narHash": "sha256-MV0J2A+UM+oOQDfcrz9yLWH5Poo7K0ya+FE3uF8wV2U=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "31364af1990067d5529846a2ebf17a42c5ab22ff",
"rev": "ccae4350d0657e45a0203c16b1121a72285984f2",
"type": "github"
},
"original": {
@ -1945,11 +1945,11 @@
"nixpkgs-stable": "nixpkgs-stable_4"
},
"locked": {
"lastModified": 1730814269,
"narHash": "sha256-fWPHyhYE6xvMI1eGY3pwBTq85wcy1YXqdzTZF+06nOg=",
"lastModified": 1731363552,
"narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "d70155fdc00df4628446352fc58adc640cd705c2",
"rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0",
"type": "github"
},
"original": {
@ -1968,11 +1968,11 @@
"nixpkgs-stable": "nixpkgs-stable_5"
},
"locked": {
"lastModified": 1730814269,
"narHash": "sha256-fWPHyhYE6xvMI1eGY3pwBTq85wcy1YXqdzTZF+06nOg=",
"lastModified": 1731363552,
"narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "d70155fdc00df4628446352fc58adc640cd705c2",
"rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0",
"type": "github"
},
"original": {
@ -2086,11 +2086,11 @@
]
},
"locked": {
"lastModified": 1731292155,
"narHash": "sha256-fYVoUUtSadbOrH0z0epVQDsStBDS/S/fAK//0ECQAAI=",
"lastModified": 1731551344,
"narHash": "sha256-wr8OOqgw7M1pWfe4W7WA5lErzOVMg3zvrrxx/dy/nPo=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "7c4cd99ed7604b79e8cb721099ac99c66f656b3a",
"rev": "27570abfd3461875f11fc07c9b01c141a6332b4f",
"type": "github"
},
"original": {
@ -2147,11 +2147,11 @@
]
},
"locked": {
"lastModified": 1731212123,
"narHash": "sha256-z7BcNt3Z6xozfRC+ldgMPFM4RmNjeCbJWZgcnQeAdRM=",
"lastModified": 1731557792,
"narHash": "sha256-iJFS4r7Xq/kQhNBjpJWSEFxIT64n/0yrWJacXrGBUZY=",
"owner": "Gerg-l",
"repo": "spicetify-nix",
"rev": "9c3f1ef622b7b82a01936bdbd75ea4c5891ee4d1",
"rev": "f3d47cf8367147ed057e55e47999f1fbabbb77a0",
"type": "github"
},
"original": {

View file

@ -32,8 +32,16 @@
];
commands = [
{
package = pkgs.deploy;
help = "build and deploy nix configurations";
package = pkgs.scripts.deploy;
help = "deploy nix configurations";
}
{
package = pkgs.scripts.build;
help = "build nix configurations";
}
{
package = pkgs.scripts.update;
help = "update nix configurations";
}
{
package = pkgs.nixfmt-rfc-style;

View file

@ -1,41 +0,0 @@
diff --git a/pkgs/applications/misc/bambu-studio/default.nix b/pkgs/applications/misc/bambu-studio/default.nix
index 481f365717064..82b6de9391b79 100644
--- a/pkgs/applications/misc/bambu-studio/default.nix
+++ b/pkgs/applications/misc/bambu-studio/default.nix
@@ -1,9 +1,6 @@
{
stdenv,
lib,
- openexr,
- jemalloc,
- c-blosc,
binutils,
fetchFromGitHub,
cmake,
@@ -55,17 +52,6 @@ let
"--enable-debug=no"
];
});
-
- openvdb' = openvdb.overrideAttrs (old: {
- buildInputs = [
- openexr
- boost179
- tbb_2021_11
- jemalloc
- c-blosc
- ilmbase
- ];
- });
in
stdenv.mkDerivation rec {
pname = "bambu-studio";
@@ -111,7 +97,7 @@ stdenv.mkDerivation rec {
mpfr
nlopt
opencascade-occt_7_6
- openvdb'
+ openvdb
pcre
tbb_2021_11
webkitgtk_4_0

View file

@ -4,7 +4,6 @@ _inputs: [
zsh-histdb-skim = prev.callPackage ./zsh-histdb-skim.nix { };
zsh-histdb = prev.callPackage ./zsh-histdb.nix { };
pr-tracker = prev.callPackage ./pr-tracker.nix { };
deploy = prev.callPackage ./deploy.nix { };
signal-to-blog = prev.callPackage ./signal-to-blog.nix { };
minion = prev.callPackage ./minion.nix { };
mongodb-bin = prev.callPackage ./mongodb-bin.nix { };

View file

@ -1,176 +0,0 @@
{
symlinkJoin,
writeShellApplication,
nvd,
nix-output-monitor,
}:
let
deploy = writeShellApplication {
name = "deploy";
text = ''
set -euo pipefail
function die { echo "error: $*" >&2; exit 1;}
function show_help() {
echo ' Usage: deploy [OPTIONS] <system[@host],...> [ACTION]'
echo ' Deploy a system as defined in the current flakes nixosSystem'
echo ' If host is not given use the system name as host'
echo ""
echo 'ACTION:'
echo ' switch [default] build, push and switch to the new configuration'
echo ' boot switch on next boot'
echo ' test switch to config but do not make it the boot default'
echo ' dry-activate just show what an activation would do'
echo ""
echo 'OPTIONS:'
echo ' --help show this help menu'
}
USER_FLAKE_DIR=$(git rev-parse --show-toplevel 2>/dev/null || pwd) \
|| die "Could not determine current directory"
cd "$USER_FLAKE_DIR"
[[ $# -gt 0 ]] || {
show_help
exit 1
}
OPTIONS=()
POSITIONAL_ARGS=()
while [[ $# -gt 0 ]]; do
case "$1" in
"help"|"--help"|"-h")
show_help
exit 1
;;
-*)
OPTIONS+=("$1")
;;
*)
POSITIONAL_ARGS+=("$1")
esac
shift
done
[[ ! ''${#POSITIONAL_ARGS[@]} -lt 1 ]] \
|| die "Missing argument: <hosts,...>"
[[ ! ''${#POSITIONAL_ARGS[@]} -gt 2 ]] \
|| die "Too many arguments"
shopt -s lastpipe
tr , '\n' <<< "''${POSITIONAL_ARGS[0]}" | sort -u | readarray -t HOSTS
ACTION="''${POSITIONAL_ARGS[1]-switch}"
function main() {
local system
local host
if [[ $1 == *"@"* ]]; then
arr=()
echo -n "$1" | readarray -d "@" -t arr
system="''${arr[0]}"
host="root@''${arr[1]}"
else
system=$1
host=$system
fi
local config
config=".#nixosConfigurations.$system.config.system.build.toplevel"
local top_level
exec > >(trap "" INT TERM; sed "s/^/$system: /")
exec 2> >(trap "" INT TERM; sed "s/^/$system: /" >&2)
top_level=$(nix build --no-link --print-out-paths "''${OPTIONS[@]}" "$config" || die "Failed building derivation for $system" )
echo -e "Copying toplevel for \033[0;32m$system\033[0m"
nix copy --to "ssh://$host" "$top_level" \
|| die "Failed copying closure to $system"
echo -e "Applying toplevel for \033[0;32m$system\033[0m"
(
prev_system=$(ssh "$host" -- readlink -e /nix/var/nix/profiles/system)
ssh "$host" -- /run/current-system/sw/bin/nix-env --profile /nix/var/nix/profiles/system --set "$top_level" \
|| die "Error registering toplevel $system"
ssh "$host" -- "$top_level/bin/switch-to-configuration" "$ACTION" \
|| die "Error activating toplevel for $system"
if [[ -n "$prev_system" ]]; then
ssh "$host" -- ${nvd}/bin/nvd --color always diff "$prev_system" "$top_level"
fi
)
}
echo -e "Building toplevels for \033[0;32m''${#HOSTS[*]} hosts\033[0m"
for host in "''${HOSTS[@]}"; do
main "$host" &
done
wait
'';
};
build = writeShellApplication {
name = "build";
text = ''
set -euo pipefail
function die { echo "error: $*" >&2; exit 1;}
function show_help() {
echo ' Usage: build [OPTIONS] <host,...>'
echo 'Build the toplevel nixos configuration for hosts'
}
USER_FLAKE_DIR=$(git rev-parse --show-toplevel 2>/dev/null || pwd) \
|| die "Could not determine current directory"
cd "$USER_FLAKE_DIR"
[[ $# -gt 0 ]] || {
show_help
exit 1
}
OPTIONS=()
POSITIONAL_ARGS=()
while [[ $# -gt 0 ]]; do
case "$1" in
"help"|"--help"|"-h")
show_help
exit 1
;;
-*)
OPTIONS+=("$1")
;;
*)
POSITIONAL_ARGS+=("$1")
;;
esac
shift
done
[[ ! ''${#POSITIONAL_ARGS[@]} -lt 1 ]] \
|| die "Missing argument: <hosts,...>"
[[ ! ''${#POSITIONAL_ARGS[@]} -gt 1 ]] \
|| die "Too many arguments"
shopt -s lastpipe
tr , '\n' <<< "''${POSITIONAL_ARGS[0]}" | sort -u | readarray -t HOSTS
NIXOS_CONFIGS=()
for host in "''${HOSTS[@]}"; do
NIXOS_CONFIGS+=(".#nixosConfigurations.$host.config.system.build.toplevel")
done
echo -e "Building toplevels for \033[0;32m''${#HOSTS[*]} hosts\033[0m"
${nix-output-monitor}/bin/nom build --print-out-paths --no-link "''${OPTIONS[@]}" "''${NIXOS_CONFIGS[@]}" \
|| die "Failed building derivations"
'';
};
in
symlinkJoin {
name = "deploy and build";
paths = [
deploy
build
];
}

55
pkgs/scripts/build.sh Normal file
View file

@ -0,0 +1,55 @@
set -euo pipefail
function die {
echo "error: $*" >&2
exit 1
}
function show_help() {
echo ' Usage: build [OPTIONS] <host,...>'
echo 'Build the toplevel nixos configuration for hosts'
}
USER_FLAKE_DIR=$(git rev-parse --show-toplevel 2>/dev/null || pwd) ||
die "Could not determine current directory"
cd "$USER_FLAKE_DIR"
[[ $# -gt 0 ]] || {
show_help
exit 1
}
OPTIONS=()
POSITIONAL_ARGS=()
while [[ $# -gt 0 ]]; do
case "$1" in
"help" | "--help" | "-h")
show_help
exit 1
;;
-*)
OPTIONS+=("$1")
;;
*)
POSITIONAL_ARGS+=("$1")
;;
esac
shift
done
[[ ! ''${#POSITIONAL_ARGS[@]} -lt 1 ]] ||
die "Missing argument: <hosts,...>"
[[ ! ''${#POSITIONAL_ARGS[@]} -gt 1 ]] ||
die "Too many arguments"
shopt -s lastpipe
tr , '\n' <<<"''${POSITIONAL_ARGS[0]}" | sort -u | readarray -t HOSTS
NIXOS_CONFIGS=()
for host in "''${HOSTS[@]}"; do
NIXOS_CONFIGS+=(".#nixosConfigurations.$host.config.system.build.toplevel")
done
echo -e "Building toplevels for \033[0;32m''${#HOSTS[*]} hosts\033[0m"
nom build --print-out-paths --no-link "${OPTIONS[@]}" "${NIXOS_CONFIGS[@]}" ||
die "Failed building derivations"

View file

@ -1,7 +1,24 @@
_final: prev: {
scripts = {
usbguardw = prev.callPackage ./usbguardw.nix { };
clone-term = prev.callPackage ./clone-term.nix { };
impermanence-o = prev.callPackage ./impermanence-orphan.nix { };
deploy = prev.writeShellApplication {
name = "deploy";
runtimeInputs = [ prev.nvd ];
text = builtins.readFile ./deploy.sh;
};
build = prev.writeShellApplication {
name = "build";
runtimeInputs = [ prev.nix-output-monitor ];
text = builtins.readFile ./build.sh;
};
update = prev.writeShellApplication {
name = "update";
runtimeInputs = [ ];
text = ''
nix flake update
nixp-meta update-prs
'';
};
};
}

107
pkgs/scripts/deploy.sh Normal file
View file

@ -0,0 +1,107 @@
set -euo pipefail
function die {
echo "error: $*" >&2
exit 1
}
function show_help() {
echo ' Usage: deploy [OPTIONS] <system[@host],...> [ACTION]'
echo ' Deploy a system as defined in the current flakes nixosSystem'
echo ' If host is not given use the system name as host'
echo ""
echo 'ACTION:'
echo ' switch [default] build, push and switch to the new configuration'
echo ' boot switch on next boot'
echo ' test switch to config but do not make it the boot default'
echo ' dry-activate just show what an activation would do'
echo ""
echo 'OPTIONS:'
echo ' --help show this help menu'
}
USER_FLAKE_DIR=$(git rev-parse --show-toplevel 2>/dev/null || pwd) ||
die "Could not determine current directory"
cd "$USER_FLAKE_DIR"
[[ $# -gt 0 ]] || {
show_help
exit 1
}
OPTIONS=()
POSITIONAL_ARGS=()
while [[ $# -gt 0 ]]; do
case "$1" in
"help" | "--help" | "-h")
show_help
exit 1
;;
-*)
OPTIONS+=("$1")
;;
*)
POSITIONAL_ARGS+=("$1")
;;
esac
shift
done
[[ ! ''${#POSITIONAL_ARGS[@]} -lt 1 ]] ||
die "Missing argument: <hosts,...>"
[[ ! ''${#POSITIONAL_ARGS[@]} -gt 2 ]] ||
die "Too many arguments"
shopt -s lastpipe
tr , '\n' <<<"''${POSITIONAL_ARGS[0]}" | sort -u | readarray -t HOSTS
ACTION="''${POSITIONAL_ARGS[1]-switch}"
function main() {
local system
local host
if [[ $1 == *"@"* ]]; then
arr=()
echo -n "$1" | readarray -d "@" -t arr
system="''${arr[0]}"
host="root@''${arr[1]}"
else
system=$1
host=$system
fi
local config
config=".#nixosConfigurations.$system.config.system.build.toplevel"
local top_level
exec > >(
trap "" INT TERM
sed "s/^/$system: /"
)
exec 2> >(
trap "" INT TERM
sed "s/^/$system: /" >&2
)
top_level=$(nix build --no-link --print-out-paths "${OPTIONS[@]}" "$config" || die "Failed building derivation for $system")
echo -e "Copying toplevel for \033[0;32m$system\033[0m"
nix copy --to "ssh://$host" "$top_level" ||
die "Failed copying closure to $system"
echo -e "Applying toplevel for \033[0;32m$system\033[0m"
(
prev_system=$(ssh "$host" -- readlink -e /nix/var/nix/profiles/system)
ssh "$host" -- /run/current-system/sw/bin/nix-env --profile /nix/var/nix/profiles/system --set "$top_level" ||
die "Error registering toplevel $system"
ssh "$host" -- "$top_level/bin/switch-to-configuration" "$ACTION" ||
die "Error activating toplevel for $system"
if [[ -n "$prev_system" ]]; then
ssh "$host" -- nvd --color always diff "$prev_system" "$top_level"
fi
)
}
echo -e "Building toplevels for \033[0;32m''${#HOSTS[*]} hosts\033[0m"
for host in "''${HOSTS[@]}"; do
main "$host" &
done
wait

View file

@ -1,8 +0,0 @@
{ writeShellApplication }:
writeShellApplication {
name = "usguardw";
text = ''
set -euo pipefail
printenv
'';
}

1
pr.txt
View file

@ -1,2 +1 @@
355216 # nixos/kanidm: allow origin url ending without slash
354038