forked from fediversity/fediversity
50 lines
1.6 KiB
Bash
Executable file
50 lines
1.6 KiB
Bash
Executable file
#! /usr/bin/env bash
|
|
set -xeuo pipefail
|
|
declare username host key_file ssh_opts nixos_conf
|
|
readarray -t ssh_opts < <(echo "$ssh_opts" | jq -r '.[]')
|
|
|
|
# DEPLOY
|
|
sshOptsInit=(
|
|
-o BatchMode=yes
|
|
-o StrictHostKeyChecking=no
|
|
)
|
|
if [[ -n "$key_file" ]]; then
|
|
sshOptsInit+=(
|
|
-i "$key_file"
|
|
)
|
|
fi
|
|
# [@] will quote variables containing spaces itself
|
|
sshOptsAt=("${sshOptsInit[@]}")
|
|
for ssh_opt in "${ssh_opts[@]}"; do
|
|
sshOptsAt+=(
|
|
-o "${ssh_opt}"
|
|
)
|
|
done
|
|
# [*] needs manual quoting
|
|
sshOptsAsterisk=("${sshOptsInit[@]}")
|
|
for ssh_opt in "${ssh_opts[@]}"; do
|
|
sshOptsAsterisk+=(
|
|
-o "\"${ssh_opt}\""
|
|
)
|
|
done
|
|
|
|
destination="$username@$host"
|
|
|
|
command=(nix-instantiate --show-trace "${nixos_conf}")
|
|
|
|
# INSTANTIATE
|
|
# instantiate the config in /nix/store
|
|
"${command[@]}" -A config.system.build.toplevel
|
|
|
|
# get the realized derivation so we can deploy it
|
|
"${command[@]}" -A config.system.build.toplevel --eval --strict --json
|
|
|
|
# FIXME explore import/readFile as ways to instantiate the derivation, potentially allowing to realize the store path up-front from Nix?
|
|
outPath=$(nix-store --realize "$("${command[@]}" -A config.system.build.toplevel.drvPath --eval --strict --json | jq -r '.')")
|
|
# deploy the config by nix-copy-closure
|
|
NIX_SSHOPTS="${sshOptsAsterisk[*]}" nix-copy-closure --to "$destination" "$outPath" --gzip --use-substitutes
|
|
# switch the remote host to the config
|
|
# shellcheck disable=SC2029
|
|
ssh "${sshOptsAt[@]}" "$destination" "nix-env --profile /nix/var/nix/profiles/system --set $outPath"
|
|
# shellcheck disable=SC2029
|
|
ssh -o "ConnectTimeout=5" -o "ServerAliveInterval=1" "${sshOptsAt[@]}" "$destination" "nohup env $outPath/bin/switch-to-configuration switch &" 2>&1
|