aboutsummaryrefslogtreecommitdiffstats
path: root/pkgs/krops/default.nix
blob: 04c38cfd0fe1613510d44e7b33c1326239d3a667 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
let
  lib = import ../../lib;
in

{ nix, openssh, populate, writers }: rec {

  rebuild = {
    useNixOutputMonitor
  }:
  args: target:
    runShell target {}
      (withNixOutputMonitor target useNixOutputMonitor /* sh */ ''
        NIX_PATH=${lib.escapeShellArg target.path} \
        nixos-rebuild ${lib.escapeShellArgs args}
      '');

  runShell = target: {
    allocateTTY ? false
  }: command:
    let
      command' = /* sh */ ''
        ${lib.optionalString target.sudo "sudo"} \
        /bin/sh -c ${lib.escapeShellArg command}
      '';
    in
      if lib.isLocalTarget target
      then command'
      else
        writers.writeDash "krops.${target.host}.${lib.firstWord command}" ''
          exec ${openssh}/bin/ssh ${lib.escapeShellArgs (lib.flatten [
            (lib.mkUserPortSSHOpts target)
            (if allocateTTY then "-t" else "-T")
            target.extraOptions
            target.host
            command'
          ])}
        '';

  withNixOutputMonitor = target: mode_: command: let
    mode =
      lib.getAttr (lib.typeOf mode_)  {
        bool = lib.toJSON mode_;
        string = mode_;
      };
  in /* sh */ ''
    printf '# use nix-output-monitor: %s\n' ${lib.escapeShellArg mode} >&2
    ${lib.getAttr mode rec {
      opportunistic = /* sh */ ''
        if command -v nom >/dev/null; then
          ${optimistic}
        else
          ${false}
        fi
      '';
      optimistic = /* sh */ ''
        (${command}) 2>&1 | nom
      '';
      pessimistic = /* sh */ ''
        NIX_PATH=${lib.escapeShellArg target.path} \
        nix-shell -p nix-output-monitor --run ${lib.escapeShellArg optimistic}
      '';
      true = /* sh */ ''
        if command -v nom >/dev/null; then
          ${optimistic}
        else
          ${pessimistic}
        fi
      '';
      false = command;
    }}
  '';

  writeCommand = name: {
    command ? (targetPath: "echo ${targetPath}"),
    backup ? false,
    force ? false,
    allocateTTY ? false,
    source,
    target
  }: let
    target' = lib.mkTarget target;
  in
    writers.writeDash name ''
      set -efu
      ${populate { inherit backup force source; target = target'; }}
      ${runShell target' { inherit allocateTTY; } (command target'.path)}
    '';

  writeDeploy = name: {
    backup ? false,
    buildTarget ? null,
    crossDeploy ? false,
    fast ? null,
    force ? false,
    operation ? "switch",
    source,
    target,
    useNixOutputMonitor ? "opportunistic"
  }: let
    buildTarget' =
      if buildTarget == null
        then target'
        else lib.mkTarget buildTarget;
    target' = lib.mkTarget target;
  in
    lib.traceIf (fast != null) "writeDeploy: it's now always fast, setting the `fast` attribute is deprecated and will be removed in future" (
      writers.writeDash name ''
        set -efu
        ${lib.optionalString (buildTarget' != target')
          (populate { inherit backup force source; target = buildTarget'; })}
        ${populate { inherit backup force source; target = target'; }}
        ${rebuild { inherit useNixOutputMonitor; } ([
          operation
        ] ++ lib.optionals crossDeploy [
          "--no-build-nix"
        ] ++ lib.optionals (buildTarget' != target') [
          "--build-host" "${buildTarget'.user}@${buildTarget'.host}"
          "--target-host" "${target'.user}@${target'.host}"
        ] ++ lib.optionals target'.sudo [
          "--use-remote-sudo"
        ]) buildTarget'}
      ''
    );

  writeTest = name: {
    backup ? false,
    force ? false,
    source,
    target,
    trace ? false
  }: let
    target' = lib.mkTarget target;
  in
    assert lib.isLocalTarget target';
    writers.writeDash name ''
      set -efu
      ${populate { inherit backup force source; target = target'; }} >&2
      NIX_PATH=${lib.escapeShellArg target'.path} \
      ${nix}/bin/nix-build \
          -A system \
          --keep-going \
          --no-out-link \
          ${lib.optionalString trace "--show-trace"} \
          '<nixpkgs/nixos>'
    '';
}