Fediversity/paste

declare substituters trusted_public_keys drv_path

host="root@fedi203.abundos.eu"

sshOpts=(
  -o BatchMode=yes
  -o StrictHostKeyChecking=no
)

command=(nix-instantiate --expr '
  let
    sources = import ./npins;
    configuration = {
      imports = [
        ./infra/common/proxmox-qemu-vm.nix
        ./infra/common/nixos/users.nix
        ./deployment/check/common/sharedOptions.nix
        ./deployment/check/common/targetNode.nix
        "${sources.disko}/module.nix"
      ];
    };
    eval = import "${sources.nixpkgs}/nixos/lib/eval-config.nix" {
      system = builtins.currentSystem;
      specialArgs = {
        inherit sources;
      };
      modules = [ configuration ];
    };
    os = {
      inherit (eval) pkgs config options;
      system = eval.config.system.build.toplevel;
      inherit (eval.config.system.build) vm vmWithBootLoader;
    };
  in
  {
    substituters = builtins.concatStringsSep " " os.config.nix.settings.substituters;
    trusted_public_keys = builtins.concatStringsSep " " os.config.nix.settings.trusted-public-keys;
    drv_path = os.config.system.build.toplevel.drvPath;
    out_path = os.config.system.build.toplevel;
  }
')

buildArgs=(
  --option extra-binary-caches https://cache.nixos.org/
  --option substituters "$substituters"
  --option trusted-public-keys "$trusted_public_keys"
)

"${command[@]}" -A out_path

json="$("${command[@]}" --eval --strict --json)"

eval "export $(echo $json | jq -r 'to_entries | map("\(.key)=\(.value)") | @sh')"

outPath=$(nix-store --realize "$drv_path" "${buildArgs[@]}")

NIX_SSHOPTS="${sshOpts[*]}" nix-copy-closure --to "$host" "$outPath" --gzip --use-substitutes

ssh "${sshOpts[@]}" "$host" "nix-env --profile /nix/var/nix/profiles/system --set $outPath; $outPath/bin/switch-to-configuration switch"