68 lines
2 KiB
Bash
Executable file
68 lines
2 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
cd "$( dirname "${BASH_SOURCE[0]}" )"
|
|
export NIX_PATH=
|
|
host=$1
|
|
COPY_USER=yorick
|
|
decrypt() {
|
|
if ! [ -e secrets.nix ]
|
|
then
|
|
git crypt unlock
|
|
fi
|
|
}
|
|
get_target_host() {
|
|
TARGET_HOST=$(nix eval --raw -f vpn.nix ips.$host)
|
|
TARGET_HOST=$(ssh $TARGET_HOST ip --json r get 1.1.1.1 | jq -r '.[0].prefsrc')
|
|
}
|
|
peek() {
|
|
echo $ "$@" > /dev/stderr
|
|
command "$@"
|
|
}
|
|
nix() {
|
|
decrypt
|
|
peek nix --extra-experimental-features nix-command "$@"
|
|
}
|
|
nix-build() {
|
|
decrypt
|
|
peek nix-build "$@"
|
|
}
|
|
case $2 in
|
|
copy-keys)
|
|
nix build -f ../. yorick.machine."$host".config.deployment.keys-copy --out-link copy-keys
|
|
get_target_host
|
|
peek ./copy-keys/bin/copy-keys "$TARGET_HOST"
|
|
# rm ./copy-keys
|
|
;;
|
|
ssh)
|
|
get_target_host
|
|
peek ssh root@"$TARGET_HOST"
|
|
;;
|
|
build)
|
|
nix build -f servers.nix "$host" --show-trace
|
|
;;
|
|
copy)
|
|
get_target_host
|
|
nix copy -f servers.nix "$host" --show-trace --to "ssh://$COPY_USER@$TARGET_HOST"
|
|
;;
|
|
test)
|
|
get_target_host
|
|
outPath=$(nix-build servers.nix -A "$host")
|
|
nix copy -f servers.nix "$host" --show-trace --to "ssh://$COPY_USER@$TARGET_HOST"
|
|
peek ssh root@"$TARGET_HOST" $outPath/bin/switch-to-configuration test
|
|
;;
|
|
boot)
|
|
get_target_host
|
|
outPath=$(nix-build servers.nix -A "$host")
|
|
nix copy "$outPath" --show-trace --to "ssh://$COPY_USER@$TARGET_HOST"
|
|
peek ssh root@"$TARGET_HOST" nix-env -p "/nix/var/nix/profiles/system" --set "$outPath"
|
|
peek ssh root@"$TARGET_HOST" $outPath/bin/switch-to-configuration boot
|
|
;;
|
|
switch)
|
|
get_target_host
|
|
outPath=$(nix-build servers.nix -A "$host")
|
|
nix copy "$outPath" --show-trace --to "ssh://$COPY_USER@$TARGET_HOST"
|
|
peek ssh root@"$TARGET_HOST" nix-env -p "/nix/var/nix/profiles/system" --set "$outPath"
|
|
peek ssh root@"$TARGET_HOST" $outPath/bin/switch-to-configuration switch
|
|
;;
|
|
esac
|