qbit/xin
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
alacritty
xin/bin/deploy

172 lines
4.4 KiB
Bash
Executable File
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/usr/bin/env sh
. ./common.sh
trap error INT TERM
start
rebuild() {
host="$(resolveAlias $1)"
skip_check=$2
msg "Rebuilding: ${host}"
if ! tsAlive $host; then
msg "can't reach ${1}.. skipping.."
return
fi
hostVersion=$(${SSH} root@${host} 'nixos-version --json | jq -r .configurationRevision')
if [ $? != 0 ]; then
return $?
fi
if [ "$hostVersion" = "$CurrentVersion" ] && [ $skip_check = false ]; then
msg "Up-to-date: ${host}"
return 0
fi
nixos-rebuild ${TRACE} --flake .#${1} --build-host root@${host} --target-host root@${host} switch
return $?
}
if [ "$1" = "watch" ]; then
if [ "$2" = "status" ]; then
for f in pull_requests/*.json; do
pr=$(basename $f .json)
title="$(jq -r '.title' <$f)"
status="$(jq -r '.status' <$f)"
echo "${pr}|${title}|${status}"
done | column -t -s '|'
exit 0
fi
if [ "$2" = "update" ]; then
msg "updating watches..."
for f in pull_requests/*.json; do
pr=$(basename $f .json)
if [ "$(jq -r '.status' <$f)" = "open" ]; then
curl -s -o - https://pr-status.otter-alligator.ts.net/${pr} | jq -rS 'del(.queryTime)' >pull_requests/${pr}.json
msg "Updated watch for ${pr}: $(jq -r .title <pull_requests/${pr}.json)"
else
msg "$Skipping: ${pr} ($(jq -r .title <pull_requests/${pr}.json)), already complete"
fi
done
else
pr="$2"
curl -s -o - https://pr-status.otter-alligator.ts.net/${pr} | jq -rS 'del(.queryTime)' >pull_requests/${pr}.json
msg "Added watch for ${pr}: $(jq -r .title <pull_requests/${pr}.json)"
git add pull_requests/${pr}.json
fi
exit 0
fi
if [ "$1" = "status" ]; then
rev=$(git rev-parse HEAD)
msg "Currently at: ${rev}\t($(git log --format=%B -n 1 $rev | head -n1))"
for h in $(listNixOSHosts); do
host="$(resolveAlias $h)"
if ! tsAlive $host; then
msg "can't reach ${h}.. skipping.."
continue
fi
echo -n "===> $h: "
host_data="$(${SSH} root@${host} 'xin-status')"
remote_rev=$(echo $host_data | jq -r .configurationRevision)
remote_ver=$(echo $host_data | jq -r .nixosVersion)
needs_reboot=$(echo $host_data | jq -r .needs_restart)
rev_msg="DIRTY"
rev_status="✓"
if [ "$remote_rev" != "DIRTY" ]; then
rev_msg=$(git log --format=%B -n1 $remote_rev | head -n1)
if [ "${remote_rev}" != "${rev}" ]; then
rev_status="×"
fi
fi
echo -en "\t\t${remote_ver}\t${rev_status}\t(${rev_msg})"
if [ "$needs_reboot" == "false" ]; then
echo -e "\tOK"
else
echo -e "\tREBOOT"
fi
done
exit 0
fi
if [ "$1" = "install" ]; then
h="$2"
host="$(resolveAlias $2)"
dest="${3:-/nix/store}"
shift
shift
if [ ! -d hosts/${h} ]; then
msg "No config found for $h"
exit 1
fi
set -eu
set -x
mkdir -p .gcroots
out=$(nix build -o .gcroots/${h} --json .#nixosConfigurations.${h}.config.system.build.toplevel | jq -r '.[0].outputs.out')
nix copy -s --to "ssh://root@${host}?remote-store=${dest}" "$out"
nix copy -s --derivation --to "ssh://root@${host}?remote-store=${dest}" "$out"
${SSH} "root@${host}" NIXOS_INSTALL_BOOTLOADER=1 nixos-enter --root "$dest" -- nix --extra-experimental-features nix-command build --profile /nix/var/nix/profiles/system "$out"
${SSH} "root@${host}" NIXOS_INSTALL_BOOTLOADER=1 nixos-enter --root "$dest" -- /run/current-system/bin/switch-to-configuration switch
exit 0
fi
if [ "$1" = "local" ]; then
sudo nixos-rebuild ${TRACE} --flake .#$(uname -n) switch
exit $?
fi
if [ "$1" = "update" ]; then
single="$2"
can_sign=0
for i in $(ssh-add -L | awk '{print $2}'); do
grep -q $i .allowed_signers && can_sign=1
done
# TODO: capture commit message and wrap it with what is being updated.
if [ $can_sign = 1 ]; then
if [ "$single" != "" ]; then
nix flake update --commit-lock-file "$single"
else
nix flake update --commit-lock-file
fi
exit
else
echo "Can't find signing key."
exit 1
fi
fi
if [ "$1" = "installer" ]; then
nix build .#nixosConfigurations.isoInstall.config.system.build.isoImage
exit $?
fi
if [ "$1" = "diff" ]; then
host="$(resolveAlias $2)"
mkdir -p .gcroots
out=$(nix build -o .gcroots/${host} --json .#nixosConfigurations.${2}.config.system.build.toplevel | jq -r '.[0].outputs.out')
nix copy -s --to "ssh://root@$host" "$out"
nix copy -s --derivation --to "ssh://root@$host" "$out"
${SSH} "root@$host" "nix-store -qd /run/current-system $out | xargs nix-diff --color=always" | less
exit $?
fi
ret=0
if [ ${#@} = 1 ]; then
rebuild $1 true || ret=1
else
lock
for host in $(listNixOSHosts); do
rebuild $host false || ret=1
done
fi
Reference in New Issue View Git Blame Copy Permalink