1
0
Fork 0
mirror of https://cgit.krebsco.de/krops synced 2024-11-13 06:39:46 +01:00
krops/pkgs/populate/default.nix

144 lines
3.9 KiB
Nix
Raw Normal View History

2018-07-12 14:30:10 +02:00
with import ../../lib;
with shell;
2018-09-19 19:40:36 +02:00
{ coreutils, dash, findutils, git, jq, openssh, pass, rsync, writeDash }:
let
2018-07-12 14:30:10 +02:00
check = { force, target }: let
sentinelFile = "${target.path}/.populate";
in shell' target /* sh */ ''
${optionalString force /* sh */ ''
mkdir -vp ${quote (dirOf sentinelFile)}
touch ${quote sentinelFile}
''}
if ! test -f ${quote sentinelFile}; then
>&2 printf 'error: missing sentinel file: %s\n' ${quote (
optionalString (!isLocalTarget target) "${target.host}:" +
sentinelFile
)}
exit 1
fi
'';
2018-09-19 19:40:36 +02:00
pop.file = target: source: rsync' target (quote source.path);
2018-07-12 14:30:10 +02:00
2018-09-19 19:40:36 +02:00
pop.git = target: source: shell' target /* sh */ ''
2018-07-12 14:30:10 +02:00
if ! test -e ${quote target.path}; then
2018-09-19 19:40:36 +02:00
git clone --recurse-submodules ${quote source.url} ${quote target.path}
2018-07-12 14:30:10 +02:00
fi
cd ${quote target.path}
if ! url=$(git config remote.origin.url); then
2018-09-19 19:40:36 +02:00
git remote add origin ${quote source.url}
elif test "$url" != ${quote source.url}; then
git remote set-url origin ${quote source.url}
2018-07-12 14:30:10 +02:00
fi
# TODO resolve git_ref to commit hash
2018-09-19 19:40:36 +02:00
hash=${quote source.ref}
2018-07-12 14:30:10 +02:00
if ! test "$(git log --format=%H -1)" = "$hash"; then
if ! git log -1 "$hash" >/dev/null 2>&1; then
git fetch origin
fi
2018-11-13 22:52:44 +01:00
git reset --hard "$hash" >&2
2018-08-14 19:34:22 +02:00
git submodule update --init --recursive
2018-07-12 14:30:10 +02:00
fi
2018-10-31 18:24:57 +01:00
git clean -dfx \
${concatMapStringsSep " "
(pattern: /* sh */ "-e ${quote pattern}")
source.clean.exclude }
2018-07-12 14:30:10 +02:00
'';
2018-09-19 19:40:36 +02:00
pop.pass = target: source: let
passPrefix = "${source.dir}/${source.name}";
2018-07-12 14:30:10 +02:00
in /* sh */ ''
umask 0077
tmp_dir=$(${coreutils}/bin/mktemp -dt populate-pass.XXXXXXXX)
trap cleanup EXIT
cleanup() {
rm -fR "$tmp_dir"
}
${findutils}/bin/find ${quote passPrefix} -type f |
while read -r gpg_path; do
rel_name=''${gpg_path#${quote passPrefix}}
rel_name=''${rel_name%.gpg}
pass_date=$(
2018-09-19 19:40:36 +02:00
${git}/bin/git -C ${quote source.dir} log -1 --format=%aI "$gpg_path"
2018-07-12 14:30:10 +02:00
)
2018-09-19 19:40:36 +02:00
pass_name=${quote source.name}/$rel_name
2018-07-12 14:30:10 +02:00
tmp_path=$tmp_dir/$rel_name
${coreutils}/bin/mkdir -p "$(${coreutils}/bin/dirname "$tmp_path")"
2018-09-19 19:40:36 +02:00
PASSWORD_STORE_DIR=${quote source.dir} ${pass}/bin/pass show "$pass_name" > "$tmp_path"
2018-07-12 14:30:10 +02:00
${coreutils}/bin/touch -d "$pass_date" "$tmp_path"
done
${rsync' target /* sh */ "$tmp_dir"}
'';
2018-09-19 19:40:36 +02:00
pop.pipe = target: source: /* sh */ ''
${quote source.command} | {
2018-07-12 14:30:10 +02:00
${shell' target /* sh */ "cat > ${quote target.path}"}
}
'';
# TODO rm -fR instead of ln -f?
2018-09-19 19:40:36 +02:00
pop.symlink = target: source: shell' target /* sh */ ''
ln -fns ${quote source.target} ${quote target.path}
2018-07-12 14:30:10 +02:00
'';
populate = target: name: source: let
source' = source.${source.type};
target' = target // { path = "${target.path}/${name}"; };
in writeDash "populate.${target'.host}.${name}" ''
set -efu
${pop.${source.type} target' source'}
'';
rsync' = target: sourcePath: /* sh */ ''
source_path=${sourcePath}
if test -d "$source_path"; then
source_path=$source_path/
fi
${rsync}/bin/rsync \
-e ${quote (ssh' target)} \
-vFrlptD \
--delete-excluded \
"$source_path" \
${quote (
optionalString (!isLocalTarget target)
"${target.user}@${target.host}:" +
target.path
2018-09-13 21:41:00 +02:00
)} \
>&2
2018-07-12 14:30:10 +02:00
'';
shell' = target: script:
if isLocalTarget target
then script
else /* sh */ ''
${ssh' target} ${quote target.host} ${quote script}
'';
ssh' = target: concatMapStringsSep " " quote [
"${openssh}/bin/ssh"
"-l" target.user
"-o" "ControlPersist=no"
"-p" target.port
"-T"
];
2018-07-12 14:30:10 +02:00
in
2018-07-12 14:30:10 +02:00
{ force ? false, source, target }: writeDash "populate.${target.host}" ''
set -efu
${check { inherit force target; }}
set -x
${concatStringsSep "\n" (mapAttrsToList (populate target) source)}
''