eeva
/
krops
mirror of https://cgit.krebsco.de/krops
1
0
Fork 0
Code Issues Releases Wiki Activity

treewide: harmonize ssh calls

This commit is contained in:
tv 2020-06-08 23:11:36 +02:00
parent 1eb67a9b78
commit 44e8dd5cea
2 changed files with 16 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
pkgs/krops/default.nix
View File

@ -5,7 +5,7 @@ in
{ nix, openssh, populate, writers }: rec {
build = target:
remoteCommand target (lib.concatStringsSep " " [
runShell target (lib.concatStringsSep " " [
"nix build"
"-I ${lib.escapeShellArg target.path}"
"--no-link -f '<nixpkgs/nixos>'"
@ -13,11 +13,11 @@ in
]);
rebuild = args: target:
remoteCommand target "nixos-rebuild -I ${lib.escapeShellArg target.path} ${
runShell target "nixos-rebuild -I ${lib.escapeShellArg target.path} ${
lib.concatMapStringsSep " " lib.escapeShellArg args
}";
remoteCommand = target: command:
runShell = target: command:
if lib.isLocalTarget target
then command
else
@ -25,7 +25,7 @@ in
exec ${openssh}/bin/ssh ${lib.escapeShellArgs (lib.flatten [
(lib.optionals (target.user != "") ["-l" target.user])
"-p" target.port
"-t"
"-T"
target.extraOptions
target.host
(if target.sudo then "sudo ${command}" else command)])}
@ -43,7 +43,7 @@ in
writers.writeDash name ''
set -efu
${populate { inherit backup force source; target = target'; }}
${remoteCommand target' (command target'.path)}
${runShell target' (command target'.path)}
'';
writeDeploy = name: {

23
pkgs/populate/default.nix
View File

@ -6,7 +6,7 @@ with shell;
let
check = { force, target }: let
sentinelFile = "${target.path}/.populate";
in shell' target /* sh */ ''
in runShell target /* sh */ ''
${optionalString force /* sh */ ''
mkdir -vp ${quote (dirOf sentinelFile)} >&2
touch ${quote sentinelFile}
@ -23,7 +23,7 @@ let
do-backup = { target }: let
sentinelFile = "${target.path}/.populate";
in
shell' target /* sh */ ''
runShell target /* sh */ ''
if ! test -d ${quote sentinelFile}; then
>&2 printf 'error" sentinel file is not a directory: %s\n' ${quote (
optionalString (!isLocalTarget target) "${target.host}:" +
@ -40,7 +40,7 @@ let
${target.path}/.populate/backup/
'';
pop.derivation = target: source: shell' target /* sh */ ''
pop.derivation = target: source: runShell target /* sh */ ''
nix-build -E ${quote source.text} -o ${quote target.path} >&2
'';
@ -50,7 +50,7 @@ let
in
rsync' target config (quote source.path);
pop.git = target: source: shell' target /* sh */ ''
pop.git = target: source: runShell target /* sh */ ''
set -efu
if ! test -e ${quote target.path}; then
git clone --recurse-submodules ${quote source.url} ${quote target.path}
@ -92,7 +92,7 @@ let
if test -e ${quote source.dir}/.git; then
local_pass_info=${quote source.name}\ $(${git}/bin/git -C ${quote source.dir} log -1 --format=%H ${quote source.name})
remote_pass_info=$(${shell' target /* sh */ ''
remote_pass_info=$(${runShell target /* sh */ ''
cat ${quote target.path}/.pass_info || :
''})
@ -133,12 +133,12 @@ let
pop.pipe = target: source: /* sh */ ''
${quote source.command} | {
${shell' target /* sh */ "cat > ${quote target.path}"}
${runShell target /* sh */ "cat > ${quote target.path}"}
}
'';
# TODO rm -fR instead of ln -f?
pop.symlink = target: source: shell' target /* sh */ ''
pop.symlink = target: source: runShell target /* sh */ ''
ln -fnsT ${quote source.target} ${quote target.path}
'';
@ -178,20 +178,19 @@ let
>&2
'';
shell' = target: script:
runShell = target: command:
if isLocalTarget target
then script
then command
else
if target.sudo then /* sh */ ''
${ssh' target} ${quote target.host} ${quote "sudo bash -c ${quote script}"}
${ssh' target} ${quote target.host} ${quote "sudo bash -c ${quote command}"}
'' else ''
${ssh' target} ${quote target.host} ${quote script}
${ssh' target} ${quote target.host} ${quote command}
'';
ssh' = target: concatMapStringsSep " " quote (flatten [
"${openssh}/bin/ssh"
(optionals (target.user != "") ["-l" target.user])
"-o" "ControlPersist=no"
"-p" target.port
"-T"
target.extraOptions