xin/deploy

#!/usr/bin/env sh
# Deployment helper: the first argument selects a sub-command (status,
# install, update, installer, diff); anything else falls through to a rebuild.
#
# common.sh, hosts/, .gcroots/ and the flake reference ".#" are all resolved
# relative to the current directory. Whatever common.sh sits in that
# directory is executed with the caller's privileges, so run this only from
# the repository checkout.
. ./common.sh
# `error` is not defined in this file; presumably it comes from common.sh.
trap error INT TERM
# `start` is not defined in this file; presumably provided by common.sh.
# NOTE(review): confirm what it initialises; SSH and CurrentVersion are read
# by the code that follows but are never assigned in this file.
start
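# Rebuild one host from the flake in the current directory and switch it.
# Arguments:
#   $1 - host name or alias; also used as the flake attribute (.#$1)
#   $2 - "false": skip the host when the revision it reports equals
#        $CurrentVersion; any other value rebuilds unconditionally
# Globals:
#   reads SSH and CurrentVersion (neither is assigned in this file);
#   writes host, skip_check and hostVersion (POSIX sh has no `local`)
# Returns:
#   0 when the host is already up to date, the status of msg when the host
#   is unreachable, otherwise the status of the failed ssh query or of
#   nixos-rebuild.
rebuild() {
  host="$(resolveAlias "$1")"
  skip_check=$2
  msg "Rebuilding: ${host}"

  if ! tsAlive "$host"; then
    msg "can't reach ${host}.. skipping.."
    return
  fi

  # ${SSH} stays unquoted: it is expanded as the command word and may carry
  # options (assumption; its value is set outside this file).
  # The status is propagated right here. Testing $? in a separate `[ ... ]`
  # and then returning $? would return the status of the test (always 0)
  # and report a failed query as success.
  hostVersion=$(${SSH} "root@${host}" 'nixos-version --json | jq -r .configurationRevision') || return "$?"

  # The revision is whatever the remote reports about itself; a host that
  # misreports it is skipped here without being rebuilt.
  if [ "$hostVersion" = "$CurrentVersion" ] && [ "$skip_check" = false ]; then
    msg "Up-to-date: ${host}"
    return 0
  fi

  nixos-rebuild --flake ".#${1}" --build-host "root@${host}" --target-host "root@${host}" switch
  return "$?"
}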
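# status: for every entry under hosts/, print the NixOS version and the
# configuration revision the host reports, whether that revision matches the
# local HEAD, and whether `check-restart` on the host succeeds.
if [ "$1" = "status" ]; then
  rev=$(git rev-parse HEAD)
  msg "Currently at: ${rev}\t($(git log --format=%B -n 1 "$rev" | head -n1))"

  # Glob instead of parsing `ls`; the -e test covers an empty hosts/.
  for entry in hosts/*; do
    [ -e "$entry" ] || continue
    h=${entry##*/}
    host="$(resolveAlias "$h")"
    if ! tsAlive "$host"; then
      msg "can't reach ${host}.. skipping.."
      continue
    fi
    # printf rather than `echo -n` / `echo -e`: those flags are not portable
    # under a plain sh and may be printed literally.
    printf '===> %s: ' "$h"

    # ${SSH} stays unquoted: it is expanded as the command word and may
    # carry options (assumption; its value is set outside this file).
    if ! host_data="$(${SSH} "root@${host}" 'nixos-version --json')"; then
      # Without this, an empty revision would make `git log` describe the
      # local HEAD and the row would look valid.
      printf '\t\tquery failed\n'
      continue
    fi
    remote_rev=$(printf '%s\n' "$host_data" | jq -r .configurationRevision)
    remote_ver=$(printf '%s\n' "$host_data" | jq -r .nixosVersion)

    rev_msg="DIRTY"
    rev_status="✓"

    if [ "$remote_rev" != "DIRTY" ]; then
      # remote_rev is data supplied by the remote host. Only a plain hex
      # string is handed to git, so the value can never be read as an
      # option or as some other kind of revision expression.
      case "$remote_rev" in
        '' | *[!0-9a-fA-F]*)
          rev_msg="unrecognised revision"
          rev_status="×"
          ;;
        *)
          rev_msg=$(git log --format=%B -n1 "$remote_rev" | head -n1)
          if [ "$remote_rev" != "$rev" ]; then
            rev_status="×"
          fi
          ;;
      esac
    fi

    printf '\t\t%s\t%s\t(%s)' "$remote_ver" "$rev_status" "$rev_msg"
    # Any non-zero status, including a failed ssh connection, prints REBOOT.
    if ${SSH} "root@${host}" 'check-restart' >/dev/null 2>&1; then
      printf '\tOK\n'
    else
      printf '\tREBOOT\n'
    fi
  done
  exit 0
fi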
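# install <host> [dest]: build the host's system closure locally, copy it to
# the store rooted at dest on the target (default /nix/store), then enter
# that root on the target to set the system profile and switch to it.
if [ "$1" = "install" ]; then
  h="$2"
  host="$(resolveAlias "$2")"
  dest="${3:-/nix/store}"

  # h becomes part of local paths (hosts/$h, .gcroots/$h) and of the flake
  # attribute. An empty name would pass the directory test below because
  # hosts/ itself exists, and a name with a slash would leave hosts/.
  case "$h" in
    '' | */*)
      msg "No config found for $h"
      exit 1
      ;;
  esac

  shift
  shift

  if [ ! -d "hosts/${h}" ]; then
    msg "No config found for $h"
    exit 1
  fi

  set -eu
  set -x

  mkdir -p .gcroots
  out=$(nix build -o ".gcroots/${h}" --json ".#nixosConfigurations.${h}.config.system.build.toplevel" | jq -r '.[0].outputs.out')
  # The pipeline's status is jq's, so a failed `nix build` does not trip
  # `set -e`; stop here unless an absolute output path came back.
  case "$out" in
    /*) ;;
    *)
      msg "nix build produced no output path for $h"
      exit 1
      ;;
  esac

  nix copy -s --to "ssh://root@${host}?remote-store=${dest}" "$out"
  nix copy -s --derivation --to "ssh://root@${host}?remote-store=${dest}" "$out"

  # ssh joins its arguments into one string that the remote shell parses
  # again as root, so the local quotes around $dest and $out do not survive
  # the hop: both must be free of whitespace and shell metacharacters.
  # ${SSH} stays unquoted: it is expanded as the command word and may carry
  # options (assumption; its value is set outside this file).
  ${SSH} "root@${host}" NIXOS_INSTALL_BOOTLOADER=1 nixos-enter --root "$dest" -- nix --extra-experimental-features nix-command build --profile /nix/var/nix/profiles/system "$out"
  ${SSH} "root@${host}" NIXOS_INSTALL_BOOTLOADER=1 nixos-enter --root "$dest" -- /run/current-system/bin/switch-to-configuration switch

  exit 0
fi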
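# update [input]: update one flake input (or all of them) and commit the
# lock file, but only when an identity loaded in the ssh agent also appears
# in .allowed_signers.
if [ "$1" = "update" ]; then
  single="$2"

  can_sign=0
  # The last field of each `ssh-add -L` line is the key comment. The comment
  # is free text, not key material, so this is a convenience pre-check and
  # not a verification of who may sign.
  for i in $(ssh-add -L | awk '{print $NF}'); do
    # -F and -- : match the comment literally; unquoted it was word-split
    # and read as a regular expression (or as an option if it began with -).
    if grep -qF -- "$i" .allowed_signers; then
      can_sign=1
    fi
  done

  if [ "$can_sign" = 1 ]; then
    if [ -n "$single" ]; then
      nix flake lock --commit-lock-file --update-input "$single"
    else
      nix flake update --commit-lock-file
    fi
    # Bare exit: the status is that of the nix command above.
    exit
  else
    echo "Can't find signing key."
    exit 1
  fi
fi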
# installer: build the isoInstall configuration's ISO image from the flake
# in the current directory and exit with the status of `nix build`.
case "$1" in
  installer)
    nix build .#nixosConfigurations.isoInstall.config.system.build.isoImage
    exit "$?"
    ;;
esac
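# diff <host>: build the host's system closure locally, copy it and its
# derivation to the host, and page through a nix-diff of the running system
# against the new build.
if [ "$1" = "diff" ]; then
  if [ -z "$2" ]; then
    msg "No host given"
    exit 1
  fi
  host="$(resolveAlias "$2")"
  mkdir -p .gcroots
  out=$(nix build -o ".gcroots/${host}" --json ".#nixosConfigurations.${2}.config.system.build.toplevel" | jq -r '.[0].outputs.out')
  # The pipeline's status is jq's, so a failed `nix build` goes unnoticed
  # unless the result is checked; continue only with an absolute path.
  case "$out" in
    /*) ;;
    *)
      msg "nix build produced no output path for $2"
      exit 1
      ;;
  esac
  nix copy -s --to "ssh://root@${host}" "$out"
  nix copy -s --derivation --to "ssh://root@${host}" "$out"
  # $out is expanded locally and the whole string is parsed by the remote
  # shell as root; it is safe only while it is a plain store path.
  # ${SSH} stays unquoted: it is expanded as the command word and may carry
  # options (assumption; its value is set outside this file).
  ${SSH} "root@${host}" "nix-store -qd /run/current-system $out | xargs nix-diff --color=always" | less
  # This is the status of `less`, the last command of the pipeline.
  exit $?
fi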
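# Default action: with exactly one argument rebuild that host
# unconditionally; otherwise rebuild every entry under hosts/ that is not
# already up to date. ret becomes 1 as soon as any rebuild fails.
# NOTE(review): ret is not consumed in the lines visible here; presumably an
# `exit` with it follows. Confirm.
ret=0
# "$#" is the POSIX way to count arguments; ${#@} is not specified by POSIX.
if [ "$#" -eq 1 ]; then
  rebuild "$1" true || ret=1
else
  # Glob instead of parsing `ls`; the -e test covers an empty hosts/.
  for entry in hosts/*; do
    [ -e "$entry" ] || continue
    rebuild "${entry##*/}" false || ret=1
  done
fi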