#!/usr/bin/env bash set -euo pipefail cd "$( dirname "${BASH_SOURCE[0]}" )" export NIX_PATH= host=$1 COPY_USER=yorick decrypt() { if ! [ -e secrets.nix ] then git crypt unlock fi } get_target_host() { TARGET_HOST=$(nix eval --raw -f vpn.nix ips.$host) TARGET_HOST=$(ssh $TARGET_HOST ip --json r get 1.1.1.1 | jq -r '.[0].prefsrc') } peek() { echo $ "$@" > /dev/stderr command "$@" } nix() { decrypt peek nix --extra-experimental-features nix-command "$@" } nix-build() { decrypt peek nix-build "$@" } case $2 in copy-keys) nix build -f ../. yorick.machine."$host".config.deployment.keys-copy --out-link copy-keys get_target_host peek ./copy-keys/bin/copy-keys "$TARGET_HOST" # rm ./copy-keys ;; ssh) get_target_host peek ssh root@"$TARGET_HOST" ;; build) nix build -f servers.nix "$host" --show-trace ;; copy) get_target_host nix copy -f servers.nix "$host" --show-trace --to "ssh://$COPY_USER@$TARGET_HOST" ;; test) get_target_host outPath=$(nix-build servers.nix -A "$host") nix copy -f servers.nix "$host" --show-trace --to "ssh://$COPY_USER@$TARGET_HOST" peek ssh root@"$TARGET_HOST" $outPath/bin/switch-to-configuration test ;; boot) get_target_host outPath=$(nix-build servers.nix -A "$host") nix copy "$outPath" --show-trace --to "ssh://$COPY_USER@$TARGET_HOST" peek ssh root@"$TARGET_HOST" nix-env -p "/nix/var/nix/profiles/system" --set "$outPath" peek ssh root@"$TARGET_HOST" $outPath/bin/switch-to-configuration boot ;; switch) get_target_host outPath=$(nix-build servers.nix -A "$host") nix copy "$outPath" --show-trace --to "ssh://$COPY_USER@$TARGET_HOST" peek ssh root@"$TARGET_HOST" nix-env -p "/nix/var/nix/profiles/system" --set "$outPath" peek ssh root@"$TARGET_HOST" $outPath/bin/switch-to-configuration switch ;; esac