path: root/pkgs/krops
diff options
Diffstat (limited to 'pkgs/krops')
1 files changed, 123 insertions, 23 deletions
diff --git a/pkgs/krops/default.nix b/pkgs/krops/default.nix
index d5a75d7..04c38cf 100644
--- a/pkgs/krops/default.nix
+++ b/pkgs/krops/default.nix
@@ -2,45 +2,145 @@ let
lib = import ../../lib;
-{ exec, nix, openssh, populate, writeDash }: rec {
+{ nix, openssh, populate, writers }: rec {
- rebuild = args: target:
- exec "rebuild.${target.host}" rec {
- filename = "${openssh}/bin/ssh";
- argv = [
- filename
- "-l" target.user
- "-p" target.port
- target.host
- "nixos-rebuild -I ${lib.escapeShellArg target.path} ${
- lib.concatMapStringsSep " " lib.escapeShellArg args
- }"
- ];
- };
+ rebuild = {
+ useNixOutputMonitor
+ }:
+ args: target:
+ runShell target {}
+ (withNixOutputMonitor target useNixOutputMonitor /* sh */ ''
+ NIX_PATH=${lib.escapeShellArg target.path} \
+ nixos-rebuild ${lib.escapeShellArgs args}
+ '');
- writeDeploy = name: { force ? false, source, target }: let
+ runShell = target: {
+ allocateTTY ? false
+ }: command:
+ let
+ command' = /* sh */ ''
+ ${lib.optionalString target.sudo "sudo"} \
+ /bin/sh -c ${lib.escapeShellArg command}
+ '';
+ in
+ if lib.isLocalTarget target
+ then command'
+ else
+ writers.writeDash "krops.${target.host}.${lib.firstWord command}" ''
+ exec ${openssh}/bin/ssh ${lib.escapeShellArgs (lib.flatten [
+ (lib.mkUserPortSSHOpts target)
+ (if allocateTTY then "-t" else "-T")
+ target.extraOptions
+ target.host
+ command'
+ ])}
+ '';
+ withNixOutputMonitor = target: mode_: command: let
+ mode =
+ lib.getAttr (lib.typeOf mode_) {
+ bool = lib.toJSON mode_;
+ string = mode_;
+ };
+ in /* sh */ ''
+ printf '# use nix-output-monitor: %s\n' ${lib.escapeShellArg mode} >&2
+ ${lib.getAttr mode rec {
+ opportunistic = /* sh */ ''
+ if command -v nom >/dev/null; then
+ ${optimistic}
+ else
+ ${false}
+ fi
+ '';
+ optimistic = /* sh */ ''
+ (${command}) 2>&1 | nom
+ '';
+ pessimistic = /* sh */ ''
+ NIX_PATH=${lib.escapeShellArg target.path} \
+ nix-shell -p nix-output-monitor --run ${lib.escapeShellArg optimistic}
+ '';
+ true = /* sh */ ''
+ if command -v nom >/dev/null; then
+ ${optimistic}
+ else
+ ${pessimistic}
+ fi
+ '';
+ false = command;
+ }}
+ '';
+ writeCommand = name: {
+ command ? (targetPath: "echo ${targetPath}"),
+ backup ? false,
+ force ? false,
+ allocateTTY ? false,
+ source,
+ target
+ }: let
target' = lib.mkTarget target;
- writeDash name ''
+ writers.writeDash name ''
set -efu
- ${populate { inherit force source; target = target'; }}
- ${rebuild ["switch"] target'}
+ ${populate { inherit backup force source; target = target'; }}
+ ${runShell target' { inherit allocateTTY; } (command target'.path)}
- writeTest = name: { force ? false, source, target }: let
+ writeDeploy = name: {
+ backup ? false,
+ buildTarget ? null,
+ crossDeploy ? false,
+ fast ? null,
+ force ? false,
+ operation ? "switch",
+ source,
+ target,
+ useNixOutputMonitor ? "opportunistic"
+ }: let
+ buildTarget' =
+ if buildTarget == null
+ then target'
+ else lib.mkTarget buildTarget;
+ target' = lib.mkTarget target;
+ in
+ lib.traceIf (fast != null) "writeDeploy: it's now always fast, setting the `fast` attribute is deprecated and will be removed in future" (
+ writers.writeDash name ''
+ set -efu
+ ${lib.optionalString (buildTarget' != target')
+ (populate { inherit backup force source; target = buildTarget'; })}
+ ${populate { inherit backup force source; target = target'; }}
+ ${rebuild { inherit useNixOutputMonitor; } ([
+ operation
+ ] ++ lib.optionals crossDeploy [
+ "--no-build-nix"
+ ] ++ lib.optionals (buildTarget' != target') [
+ "--build-host" "${buildTarget'.user}@${buildTarget'.host}"
+ "--target-host" "${target'.user}@${target'.host}"
+ ] ++ lib.optionals target'.sudo [
+ "--use-remote-sudo"
+ ]) buildTarget'}
+ ''
+ );
+ writeTest = name: {
+ backup ? false,
+ force ? false,
+ source,
+ target,
+ trace ? false
+ }: let
target' = lib.mkTarget target;
assert lib.isLocalTarget target';
- writeDash name ''
+ writers.writeDash name ''
set -efu
- ${populate { inherit force source; target = target'; }} >&2
+ ${populate { inherit backup force source; target = target'; }} >&2
NIX_PATH=${lib.escapeShellArg target'.path} \
${nix}/bin/nix-build \
-A system \
--keep-going \
--no-out-link \
- --show-trace \
+ ${lib.optionalString trace "--show-trace"} \