diff options
| author | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2026-03-22 18:02:28 +0100 |
|---|---|---|
| committer | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2026-03-22 18:02:28 +0100 |
| commit | 4bed25e00a5873f27554c385d669756d2da15660 (patch) | |
| tree | 0df18276a50986f86480123c0abfd7d459cb512a /scripts | |
| parent | hosts/server3/websites: Remove the now-deprecated `.git` suffixes (diff) | |
| download | nixos-server-4bed25e00a5873f27554c385d669756d2da15660.zip | |
scripts/update_hosts: Init
That works cleaner than the `deploy-rs` based solution.
Diffstat (limited to '')
| -rw-r--r-- | scripts/update_hosts.remote | 41 | ||||
| -rwxr-xr-x | scripts/update_hosts.sh | 24 |
2 files changed, 65 insertions, 0 deletions
diff --git a/scripts/update_hosts.remote b/scripts/update_hosts.remote new file mode 100644 index 0000000..7323a33 --- /dev/null +++ b/scripts/update_hosts.remote @@ -0,0 +1,41 @@ +#! /usr/bin/env sh + +# This is the remote side of `update_hosts.sh`, it will be copied to the remote host +# and is responsible for performing the update. + +set -e + +PATH_add() { + nix_expr="$1" + what="$(nix build "nixpkgs#$nix_expr.out" --print-out-paths --no-link)" + + printf "Adding '%s' (%s/bin) to PATH..\n" "$nix_expr" "$what" + + PATH="$what/bin:$PATH" + export PATH +} + +branch="$1" + +# We don't have access to git by default, so evaluate it here +PATH_add git + +# By-default these systems use cppnix, which can't build our config. So let's switch to +# lix. +PATH_add lixPackageSets.latest.lix + +# We might or might not have python, and we need it, because we use the unwrapped +# `nixos-update`. +PATH_add python3 +PATH_add nixos-rebuild-ng + +set -x +cd /etc/nixos + +sudo git fetch --all --prune +sudo git switch "$branch" +sudo git pull --rebase + +PYTHONNOUSERSITE='true' sudo --preserve-env=PATH --preserve-env=PYTHONNOUSERSITE ".nixos-rebuild-ng-wrapped" --no-reexec boot + +sudo reboot diff --git a/scripts/update_hosts.sh b/scripts/update_hosts.sh new file mode 100755 index 0000000..505f061 --- /dev/null +++ b/scripts/update_hosts.sh @@ -0,0 +1,24 @@ +#! /usr/bin/env sh +set -e + +base_dir="$(git rev-parse --show-toplevel)" + +user="${1-$USER}" +hosts="${2-server2 server3}" +branch="${3-main}" + +for host in $hosts; do + echo "Updating '$user@$host.vhack.eu' ..." + + new_system="$(nix build ".#nixosConfigurations.$host.config.system.build.toplevel" --no-link --print-out-paths)" + + printf "Copying closure ..\n" + nix-copy-closure "$user@$host.vhack.eu" "$new_system" + + printf "Deploying remote side script ..\n" + scp "$base_dir/scripts/update_hosts.remote" "$user@$host.vhack.eu:update_host.remote" + + printf "Executing remote side script ..\n" + ssh -t "$user@$host.vhack.eu" "chmod +x update_host.remote; ./update_host.remote '$branch'" +done +# vim: ft=sh |