mirror of https://cgit.krebsco.de/krops
144 lines
3.8 KiB
Nix
144 lines
3.8 KiB
Nix
let
|
|
lib = import ../../lib;
|
|
in
|
|
|
|
{ nix, openssh, populate, writers }: rec {
|
|
|
|
rebuild = {
|
|
useNixOutputMonitor
|
|
}:
|
|
args: target:
|
|
runShell target {}
|
|
(withNixOutputMonitor useNixOutputMonitor /* sh */ ''
|
|
nixos-rebuild -I ${
|
|
lib.concatMapStringsSep " " lib.escapeShellArg ([target.path] ++ args)
|
|
}
|
|
'');
|
|
|
|
runShell = target: {
|
|
allocateTTY ? false
|
|
}: command:
|
|
let
|
|
command' = if target.sudo then "sudo ${command}" else command;
|
|
in
|
|
if lib.isLocalTarget target
|
|
then command'
|
|
else
|
|
writers.writeDash "krops.${target.host}.${lib.firstWord command}" ''
|
|
exec ${openssh}/bin/ssh ${lib.escapeShellArgs (lib.flatten [
|
|
(lib.mkUserPortSSHOpts target)
|
|
(if allocateTTY then "-t" else "-T")
|
|
target.extraOptions
|
|
target.host
|
|
command'
|
|
])}
|
|
'';
|
|
|
|
withNixOutputMonitor = mode_: command: let
|
|
mode =
|
|
lib.getAttr (lib.typeOf mode_) {
|
|
bool = lib.toJSON mode_;
|
|
string = mode_;
|
|
};
|
|
in /* sh */ ''
|
|
printf '# use nix-output-monitor: %s\n' ${lib.escapeShellArg mode} >&2
|
|
${lib.getAttr mode rec {
|
|
opportunistic = /* sh */ ''
|
|
if command -v nom >/dev/null; then
|
|
${optimistic}
|
|
else
|
|
${false}
|
|
fi
|
|
'';
|
|
optimistic = /* sh */ ''
|
|
(${command}) 2>&1 | nom
|
|
'';
|
|
pessimistic = /* sh */ ''
|
|
nix-shell -p nix-output-monitor --run ${lib.escapeShellArg optimistic}
|
|
'';
|
|
true = /* sh */ ''
|
|
if command -v nom >/dev/null; then
|
|
${optimistic}
|
|
else
|
|
${pessimistic}
|
|
fi
|
|
'';
|
|
false = command;
|
|
}}
|
|
'';
|
|
|
|
writeCommand = name: {
|
|
command ? (targetPath: "echo ${targetPath}"),
|
|
backup ? false,
|
|
force ? false,
|
|
allocateTTY ? false,
|
|
source,
|
|
target
|
|
}: let
|
|
target' = lib.mkTarget target;
|
|
in
|
|
writers.writeDash name ''
|
|
set -efu
|
|
${populate { inherit backup force source; target = target'; }}
|
|
${runShell target' { inherit allocateTTY; } (command target'.path)}
|
|
'';
|
|
|
|
writeDeploy = name: {
|
|
backup ? false,
|
|
buildTarget ? null,
|
|
crossDeploy ? false,
|
|
fast ? null,
|
|
force ? false,
|
|
operation ? "switch",
|
|
source,
|
|
target,
|
|
useNixOutputMonitor ? "opportunistic"
|
|
}: let
|
|
buildTarget' =
|
|
if buildTarget == null
|
|
then target'
|
|
else lib.mkTarget buildTarget;
|
|
target' = lib.mkTarget target;
|
|
in
|
|
lib.traceIf (fast != null) "writeDeploy: it's now always fast, setting the `fast` attribute is deprecated and will be removed in future" (
|
|
writers.writeDash name ''
|
|
set -efu
|
|
${lib.optionalString (buildTarget' != target')
|
|
(populate { inherit backup force source; target = buildTarget'; })}
|
|
${populate { inherit backup force source; target = target'; }}
|
|
${rebuild { inherit useNixOutputMonitor; } ([
|
|
operation
|
|
] ++ lib.optionals crossDeploy [
|
|
"--no-build-nix"
|
|
] ++ lib.optionals (buildTarget' != target') [
|
|
"--build-host" "${buildTarget'.user}@${buildTarget'.host}"
|
|
"--target-host" "${target'.user}@${target'.host}"
|
|
] ++ lib.optionals target'.sudo [
|
|
"--use-remote-sudo"
|
|
]) buildTarget'}
|
|
''
|
|
);
|
|
|
|
writeTest = name: {
|
|
backup ? false,
|
|
force ? false,
|
|
source,
|
|
target,
|
|
trace ? false
|
|
}: let
|
|
target' = lib.mkTarget target;
|
|
in
|
|
assert lib.isLocalTarget target';
|
|
writers.writeDash name ''
|
|
set -efu
|
|
${populate { inherit backup force source; target = target'; }} >&2
|
|
NIX_PATH=${lib.escapeShellArg target'.path} \
|
|
${nix}/bin/nix-build \
|
|
-A system \
|
|
--keep-going \
|
|
--no-out-link \
|
|
${lib.optionalString trace "--show-trace"} \
|
|
'<nixpkgs/nixos>'
|
|
'';
|
|
}
|