diff options
Diffstat (limited to '')
| -rwxr-xr-x | scripts/build.sh | 7 | ||||
| -rwxr-xr-x | scripts/check.sh | 20 | ||||
| -rwxr-xr-x | scripts/ping_hosts.sh | 12 | ||||
| -rwxr-xr-x | scripts/system_info.sh | 25 | ||||
| -rwxr-xr-x | scripts/test.sh | 12 | ||||
| -rw-r--r-- | scripts/update_hosts.remote | 41 | ||||
| -rwxr-xr-x | scripts/update_hosts.sh | 24 |
7 files changed, 141 insertions, 0 deletions
diff --git a/scripts/build.sh b/scripts/build.sh new file mode 100755 index 0000000..a3ff064 --- /dev/null +++ b/scripts/build.sh @@ -0,0 +1,7 @@ +#! /usr/bin/env sh + +for host in "server2" "server3"; do + nix build ".#nixosConfigurations.$host.config.system.build.toplevel" --print-out-paths --no-link --option max-jobs 1 +done + +# vim: ft=sh diff --git a/scripts/check.sh b/scripts/check.sh new file mode 100755 index 0000000..f152cbb --- /dev/null +++ b/scripts/check.sh @@ -0,0 +1,20 @@ +#! /usr/bin/env sh + +# --log-format multiline-with-logs \ +nix build \ + --option max-jobs 1 \ + --print-out-paths --no-link \ + .#checks.x86_64-linux.atuin-sync \ + .#checks.x86_64-linux.back \ + .#checks.x86_64-linux.deploy-activate \ + .#checks.x86_64-linux.deploy-schema \ + .#checks.x86_64-linux.dns \ + .#checks.x86_64-linux.formatting \ + .#checks.x86_64-linux.git-server \ + .#checks.x86_64-linux.rust-motd \ + .#checks.x86_64-linux.sharkey \ + .#checks.x86_64-linux.sharkey-cpu \ + .#checks.x86_64-linux.taskchampion-sync +# .#checks.x86_64-linux.email-dns \ +# .#checks.x86_64-linux.email-http \ +# .#checks.x86_64-linux.email-ip \ diff --git a/scripts/ping_hosts.sh b/scripts/ping_hosts.sh new file mode 100755 index 0000000..fba2490 --- /dev/null +++ b/scripts/ping_hosts.sh @@ -0,0 +1,12 @@ +#! /usr/bin/env sh + +user="${1-$USER}" +hosts="${2-server2 server3}" + +for host in $hosts; do + echo "Checking status of '$user@$host.vhack.eu' ..." + + ssh "$user@$host.vhack.eu" "set -x; systemctl --failed" +done + +# vim: ft=sh diff --git a/scripts/system_info.sh b/scripts/system_info.sh new file mode 100755 index 0000000..940406a --- /dev/null +++ b/scripts/system_info.sh @@ -0,0 +1,25 @@ +#!/usr/bin/env sh + +# Take a host name and return the nix store path to the host's system info. +# Type +# _system_info :: String -> Path +_system_info() { + nix --option warn-dirty false build .#nixosConfigurations."$1".config.vhack.system-info.markdown --print-out-paths --no-link +} + +_glow() { + if command -v glow >/dev/null; then + glow --width 0 + else + cat + fi +} + +# The expression is not meant to be expanded by the shell +# shellcheck disable=SC2016 +nix eval --expr '"${builtins.concatStringsSep "\n" (builtins.attrNames (builtins.fromTOML (builtins.readFile ./hosts/host-names.toml)))}\n"' --impure --raw | while read -r host; do + echo "# $host" | _glow + _glow <"$(_system_info "$host")" +done + +# vim: ft=sh diff --git a/scripts/test.sh b/scripts/test.sh new file mode 100755 index 0000000..58c3343 --- /dev/null +++ b/scripts/test.sh @@ -0,0 +1,12 @@ +#!/usr/bin/env sh + +test_target="$1" + +[ -z "$test_target" ] && { + echo "You need to select a test target!" 1>&2 + echo "Usage: test_interactive TEST_TARGET" 1>&2 + exit 1 +} + +nix build --log-format multiline-with-logs .#checks.x86_64-linux."$test_target" +# vim: ft=sh diff --git a/scripts/update_hosts.remote b/scripts/update_hosts.remote new file mode 100644 index 0000000..7323a33 --- /dev/null +++ b/scripts/update_hosts.remote @@ -0,0 +1,41 @@ +#! /usr/bin/env sh + +# This is the remote side of `update_hosts.sh`, it will be copied to the remote host +# and is responsible for performing the update. + +set -e + +PATH_add() { + nix_expr="$1" + what="$(nix build "nixpkgs#$nix_expr.out" --print-out-paths --no-link)" + + printf "Adding '%s' (%s/bin) to PATH..\n" "$nix_expr" "$what" + + PATH="$what/bin:$PATH" + export PATH +} + +branch="$1" + +# We don't have access to git by default, so evaluate it here +PATH_add git + +# By-default these systems use cppnix, which can't build our config. So let's switch to +# lix. +PATH_add lixPackageSets.latest.lix + +# We might or might not have python, and we need it, because we use the unwrapped +# `nixos-update`. +PATH_add python3 +PATH_add nixos-rebuild-ng + +set -x +cd /etc/nixos + +sudo git fetch --all --prune +sudo git switch "$branch" +sudo git pull --rebase + +PYTHONNOUSERSITE='true' sudo --preserve-env=PATH --preserve-env=PYTHONNOUSERSITE ".nixos-rebuild-ng-wrapped" --no-reexec boot + +sudo reboot diff --git a/scripts/update_hosts.sh b/scripts/update_hosts.sh new file mode 100755 index 0000000..505f061 --- /dev/null +++ b/scripts/update_hosts.sh @@ -0,0 +1,24 @@ +#! /usr/bin/env sh +set -e + +base_dir="$(git rev-parse --show-toplevel)" + +user="${1-$USER}" +hosts="${2-server2 server3}" +branch="${3-main}" + +for host in $hosts; do + echo "Updating '$user@$host.vhack.eu' ..." + + new_system="$(nix build ".#nixosConfigurations.$host.config.system.build.toplevel" --no-link --print-out-paths)" + + printf "Copying closure ..\n" + nix-copy-closure "$user@$host.vhack.eu" "$new_system" + + printf "Deploying remote side script ..\n" + scp "$base_dir/scripts/update_hosts.remote" "$user@$host.vhack.eu:update_host.remote" + + printf "Executing remote side script ..\n" + ssh -t "$user@$host.vhack.eu" "chmod +x update_host.remote; ./update_host.remote '$branch'" +done +# vim: ft=sh |