2022-08-25 12:21:35 -06:00
|
|
|
|
#!/usr/bin/env sh
|
|
|
|
|
|
|
|
|
|
. ./common.sh
|
|
|
|
|
|
|
|
|
|
trap error INT TERM
|
|
|
|
|
|
2022-09-03 06:35:01 -06:00
|
|
|
|
start
|
|
|
|
|
|
2022-08-25 12:21:35 -06:00
|
|
|
|
rebuild() {
|
|
|
|
|
host="$(resolveAlias $1)"
|
|
|
|
|
skip_check=$2
|
|
|
|
|
|
|
|
|
|
msg "Rebuilding: ${host}"
|
|
|
|
|
|
|
|
|
|
if ! tsAlive $host; then
|
2022-10-16 07:12:45 -06:00
|
|
|
|
msg "can't reach ${1}.. skipping.."
|
2022-08-25 12:21:35 -06:00
|
|
|
|
return
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
hostVersion=$(${SSH} root@${host} 'nixos-version --json | jq -r .configurationRevision')
|
|
|
|
|
if [ $? != 0 ]; then
|
|
|
|
|
return $?
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
if [ "$hostVersion" = "$CurrentVersion" ] && [ $skip_check = false ]; then
|
|
|
|
|
msg "Up-to-date: ${host}"
|
|
|
|
|
return 0
|
|
|
|
|
fi
|
|
|
|
|
|
2023-05-23 18:56:57 -06:00
|
|
|
|
nixos-rebuild ${TRACE} --flake .#${1} --build-host root@${host} --target-host root@${host} switch
|
2022-08-25 12:21:35 -06:00
|
|
|
|
return $?
|
|
|
|
|
}
|
|
|
|
|
|
2023-05-23 12:05:33 -06:00
|
|
|
|
if [ "$1" = "watch" ]; then
|
2023-06-21 07:01:54 -06:00
|
|
|
|
if [ "$2" = "status" ]; then
|
|
|
|
|
for f in pull_requests/*.json; do
|
|
|
|
|
pr=$(basename $f .json)
|
|
|
|
|
title="$(jq -r '.title' <$f)"
|
|
|
|
|
status="$(jq -r '.status' <$f)"
|
|
|
|
|
echo "${pr}|${title}|${status}"
|
|
|
|
|
done | column -t -s '|'
|
|
|
|
|
exit 0
|
|
|
|
|
fi
|
|
|
|
|
|
2023-05-23 12:05:33 -06:00
|
|
|
|
if [ "$2" = "update" ]; then
|
|
|
|
|
msg "updating watches..."
|
|
|
|
|
for f in pull_requests/*.json; do
|
|
|
|
|
pr=$(basename $f .json)
|
2023-05-23 20:07:29 -06:00
|
|
|
|
if [ "$(jq -r '.status' <$f)" = "open" ]; then
|
|
|
|
|
curl -s -o - https://pr-status.humpback-trout.ts.net/${pr} | jq -rS 'del(.queryTime)' >pull_requests/${pr}.json
|
|
|
|
|
msg "Updated watch for ${pr}: $(jq -r .title <pull_requests/${pr}.json)"
|
|
|
|
|
else
|
|
|
|
|
msg "$Skipping: ${pr} ($(jq -r .title <pull_requests/${pr}.json)), already complete"
|
|
|
|
|
fi
|
2023-05-23 12:05:33 -06:00
|
|
|
|
done
|
|
|
|
|
else
|
|
|
|
|
pr="$2"
|
2023-05-23 14:50:42 -06:00
|
|
|
|
curl -s -o - https://pr-status.humpback-trout.ts.net/${pr} | jq -rS 'del(.queryTime)' >pull_requests/${pr}.json
|
2023-05-23 12:05:33 -06:00
|
|
|
|
msg "Added watch for ${pr}: $(jq -r .title <pull_requests/${pr}.json)"
|
2023-06-01 18:46:23 -06:00
|
|
|
|
git add pull_requests/${pr}.json
|
2023-05-23 12:05:33 -06:00
|
|
|
|
fi
|
|
|
|
|
exit 0
|
|
|
|
|
fi
|
|
|
|
|
|
2022-08-27 10:08:46 -06:00
|
|
|
|
if [ "$1" = "status" ]; then
|
2022-08-28 09:17:55 -06:00
|
|
|
|
rev=$(git rev-parse HEAD)
|
|
|
|
|
msg "Currently at: ${rev}\t($(git log --format=%B -n 1 $rev | head -n1))"
|
2022-10-05 07:33:13 -06:00
|
|
|
|
for h in $(listNixOSHosts); do
|
2022-08-27 10:08:46 -06:00
|
|
|
|
host="$(resolveAlias $h)"
|
2022-08-27 19:49:45 -06:00
|
|
|
|
if ! tsAlive $host; then
|
2022-10-16 07:12:45 -06:00
|
|
|
|
msg "can't reach ${h}.. skipping.."
|
2022-08-27 19:49:45 -06:00
|
|
|
|
continue
|
|
|
|
|
fi
|
|
|
|
|
echo -n "===> $h: "
|
2022-10-26 16:34:54 -06:00
|
|
|
|
host_data="$(${SSH} root@${host} 'xin-status')"
|
2022-08-28 09:17:55 -06:00
|
|
|
|
remote_rev=$(echo $host_data | jq -r .configurationRevision)
|
|
|
|
|
remote_ver=$(echo $host_data | jq -r .nixosVersion)
|
2022-10-26 16:34:54 -06:00
|
|
|
|
needs_reboot=$(echo $host_data | jq -r .needs_restart)
|
2022-08-29 11:23:59 -06:00
|
|
|
|
rev_msg="DIRTY"
|
2022-10-10 06:58:35 -06:00
|
|
|
|
rev_status="✓"
|
2022-08-29 11:23:59 -06:00
|
|
|
|
if [ "$remote_rev" != "DIRTY" ]; then
|
|
|
|
|
rev_msg=$(git log --format=%B -n1 $remote_rev | head -n1)
|
2022-09-06 07:42:45 -06:00
|
|
|
|
if [ "${remote_rev}" != "${rev}" ]; then
|
|
|
|
|
rev_status="×"
|
|
|
|
|
fi
|
2022-08-29 11:23:59 -06:00
|
|
|
|
fi
|
2022-09-14 06:50:22 -06:00
|
|
|
|
echo -en "\t\t${remote_ver}\t${rev_status}\t(${rev_msg})"
|
2022-10-26 16:34:54 -06:00
|
|
|
|
if [ "$needs_reboot" == "false" ]; then
|
2022-09-14 06:50:22 -06:00
|
|
|
|
echo -e "\tOK"
|
|
|
|
|
else
|
|
|
|
|
echo -e "\tREBOOT"
|
|
|
|
|
fi
|
2022-08-27 10:08:46 -06:00
|
|
|
|
done
|
|
|
|
|
exit 0
|
|
|
|
|
fi
|
|
|
|
|
|
2022-08-25 12:21:35 -06:00
|
|
|
|
if [ "$1" = "install" ]; then
|
2022-09-14 20:26:41 -06:00
|
|
|
|
h="$2"
|
2022-08-25 12:21:35 -06:00
|
|
|
|
host="$(resolveAlias $2)"
|
2022-09-14 20:26:41 -06:00
|
|
|
|
dest="${3:-/nix/store}"
|
2022-08-29 09:49:01 -06:00
|
|
|
|
shift
|
|
|
|
|
shift
|
2022-08-25 12:21:35 -06:00
|
|
|
|
|
2022-09-14 20:26:41 -06:00
|
|
|
|
if [ ! -d hosts/${h} ]; then
|
|
|
|
|
msg "No config found for $h"
|
2022-08-25 12:21:35 -06:00
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
set -eu
|
2022-09-14 20:26:41 -06:00
|
|
|
|
set -x
|
2022-08-25 12:21:35 -06:00
|
|
|
|
mkdir -p .gcroots
|
2022-09-14 20:26:41 -06:00
|
|
|
|
out=$(nix build -o .gcroots/${h} --json .#nixosConfigurations.${h}.config.system.build.toplevel | jq -r '.[0].outputs.out')
|
2022-08-25 12:21:35 -06:00
|
|
|
|
|
2022-09-14 20:26:41 -06:00
|
|
|
|
nix copy -s --to "ssh://root@${host}?remote-store=${dest}" "$out"
|
|
|
|
|
nix copy -s --derivation --to "ssh://root@${host}?remote-store=${dest}" "$out"
|
2022-08-25 12:21:35 -06:00
|
|
|
|
|
2022-09-14 20:26:41 -06:00
|
|
|
|
${SSH} "root@${host}" NIXOS_INSTALL_BOOTLOADER=1 nixos-enter --root "$dest" -- nix --extra-experimental-features nix-command build --profile /nix/var/nix/profiles/system "$out"
|
|
|
|
|
${SSH} "root@${host}" NIXOS_INSTALL_BOOTLOADER=1 nixos-enter --root "$dest" -- /run/current-system/bin/switch-to-configuration switch
|
2022-08-25 12:21:35 -06:00
|
|
|
|
exit 0
|
|
|
|
|
fi
|
|
|
|
|
|
2022-10-16 07:06:11 -06:00
|
|
|
|
if [ "$1" = "local" ]; then
|
2023-05-23 18:56:57 -06:00
|
|
|
|
sudo nixos-rebuild ${TRACE} --flake .#$(uname -n) switch
|
2022-10-16 07:06:11 -06:00
|
|
|
|
exit $?
|
|
|
|
|
fi
|
|
|
|
|
|
2022-08-25 12:21:35 -06:00
|
|
|
|
if [ "$1" = "update" ]; then
|
2022-10-02 11:09:07 -06:00
|
|
|
|
single="$2"
|
2022-08-25 12:21:35 -06:00
|
|
|
|
can_sign=0
|
|
|
|
|
for i in $(ssh-add -L | awk '{print $NF}'); do
|
|
|
|
|
grep -q $i .allowed_signers && can_sign=1
|
|
|
|
|
done
|
|
|
|
|
|
2022-10-16 06:31:15 -06:00
|
|
|
|
# TODO: capture commit message and wrap it with what is being updated.
|
2022-08-25 12:21:35 -06:00
|
|
|
|
if [ $can_sign = 1 ]; then
|
2022-10-02 11:09:07 -06:00
|
|
|
|
if [ "$single" != "" ]; then
|
|
|
|
|
nix flake lock --commit-lock-file --update-input "$single"
|
|
|
|
|
else
|
|
|
|
|
nix flake update --commit-lock-file
|
|
|
|
|
fi
|
2022-08-25 12:21:35 -06:00
|
|
|
|
exit
|
|
|
|
|
else
|
|
|
|
|
echo "Can't find signing key."
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
if [ "$1" = "installer" ]; then
|
|
|
|
|
nix build .#nixosConfigurations.isoInstall.config.system.build.isoImage
|
|
|
|
|
exit $?
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
if [ "$1" = "diff" ]; then
|
|
|
|
|
host="$(resolveAlias $2)"
|
|
|
|
|
mkdir -p .gcroots
|
|
|
|
|
out=$(nix build -o .gcroots/${host} --json .#nixosConfigurations.${2}.config.system.build.toplevel | jq -r '.[0].outputs.out')
|
|
|
|
|
nix copy -s --to "ssh://root@$host" "$out"
|
|
|
|
|
nix copy -s --derivation --to "ssh://root@$host" "$out"
|
|
|
|
|
${SSH} "root@$host" "nix-store -qd /run/current-system $out | xargs nix-diff --color=always" | less
|
|
|
|
|
exit $?
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
ret=0
|
|
|
|
|
if [ ${#@} = 1 ]; then
|
|
|
|
|
rebuild $1 true || ret=1
|
|
|
|
|
else
|
2023-02-02 15:24:22 -07:00
|
|
|
|
lock
|
2022-10-05 07:33:13 -06:00
|
|
|
|
for host in $(listNixOSHosts); do
|
2022-08-25 12:21:35 -06:00
|
|
|
|
rebuild $host false || ret=1
|
|
|
|
|
done
|
|
|
|
|
fi
|