1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
|
let
lib = import ../../lib;
in
{ nix, openssh, populate, writers }: rec {
rebuild = {
useNixOutputMonitor
}:
args: target:
runShell target {}
(withNixOutputMonitor useNixOutputMonitor /* sh */ ''
nixos-rebuild -I ${
lib.concatMapStringsSep " " lib.escapeShellArg ([target.path] ++ args)
}
'');
runShell = target: {
allocateTTY ? false
}: command:
let
command' = /* sh */ ''
${lib.optionalString target.sudo "sudo"} \
/bin/sh -c ${lib.escapeShellArg command}
'';
in
if lib.isLocalTarget target
then command'
else
writers.writeDash "krops.${target.host}.${lib.firstWord command}" ''
exec ${openssh}/bin/ssh ${lib.escapeShellArgs (lib.flatten [
(lib.mkUserPortSSHOpts target)
(if allocateTTY then "-t" else "-T")
target.extraOptions
target.host
command'
])}
'';
withNixOutputMonitor = mode_: command: let
mode =
lib.getAttr (lib.typeOf mode_) {
bool = lib.toJSON mode_;
string = mode_;
};
in /* sh */ ''
printf '# use nix-output-monitor: %s\n' ${lib.escapeShellArg mode} >&2
${lib.getAttr mode rec {
opportunistic = /* sh */ ''
if command -v nom >/dev/null; then
${optimistic}
else
${false}
fi
'';
optimistic = /* sh */ ''
(${command}) 2>&1 | nom
'';
pessimistic = /* sh */ ''
nix-shell -p nix-output-monitor --run ${lib.escapeShellArg optimistic}
'';
true = /* sh */ ''
if command -v nom >/dev/null; then
${optimistic}
else
${pessimistic}
fi
'';
false = command;
}}
'';
writeCommand = name: {
command ? (targetPath: "echo ${targetPath}"),
backup ? false,
force ? false,
allocateTTY ? false,
source,
target
}: let
target' = lib.mkTarget target;
in
writers.writeDash name ''
set -efu
${populate { inherit backup force source; target = target'; }}
${runShell target' { inherit allocateTTY; } (command target'.path)}
'';
writeDeploy = name: {
backup ? false,
buildTarget ? null,
crossDeploy ? false,
fast ? null,
force ? false,
operation ? "switch",
source,
target,
useNixOutputMonitor ? "opportunistic"
}: let
buildTarget' =
if buildTarget == null
then target'
else lib.mkTarget buildTarget;
target' = lib.mkTarget target;
in
lib.traceIf (fast != null) "writeDeploy: it's now always fast, setting the `fast` attribute is deprecated and will be removed in future" (
writers.writeDash name ''
set -efu
${lib.optionalString (buildTarget' != target')
(populate { inherit backup force source; target = buildTarget'; })}
${populate { inherit backup force source; target = target'; }}
${rebuild { inherit useNixOutputMonitor; } ([
operation
] ++ lib.optionals crossDeploy [
"--no-build-nix"
] ++ lib.optionals (buildTarget' != target') [
"--build-host" "${buildTarget'.user}@${buildTarget'.host}"
"--target-host" "${target'.user}@${target'.host}"
] ++ lib.optionals target'.sudo [
"--use-remote-sudo"
]) buildTarget'}
''
);
writeTest = name: {
backup ? false,
force ? false,
source,
target,
trace ? false
}: let
target' = lib.mkTarget target;
in
assert lib.isLocalTarget target';
writers.writeDash name ''
set -efu
${populate { inherit backup force source; target = target'; }} >&2
NIX_PATH=${lib.escapeShellArg target'.path} \
${nix}/bin/nix-build \
-A system \
--keep-going \
--no-out-link \
${lib.optionalString trace "--show-trace"} \
'<nixpkgs/nixos>'
'';
}
|