summaryrefslogtreecommitdiffstats
path: root/bin
diff options
context:
space:
mode:
Diffstat (limited to 'bin')
-rwxr-xr-xbin/copy-secrets17
-rwxr-xr-xbin/new-nixos-query8
-rwxr-xr-xbin/nixos-query21
3 files changed, 14 insertions, 32 deletions
diff --git a/bin/copy-secrets b/bin/copy-secrets
index 50a0e1982..27b41bdc4 100755
--- a/bin/copy-secrets
+++ b/bin/copy-secrets
@@ -15,11 +15,18 @@ if ! test -e "$secrets_rsync"; then
exit # nothing to do
fi
-retiolum_secret=$(nixos-query $system_name tv.retiolum.privateKeyFile)
-retiolum_uid=$(nixos-query $system_name users.extraUsers.retiolum-tinc.uid)
-
-ejabberd_secret=$(nixos-query $system_name services.ejabberd-cd.certFile)
-ejabberd_uid=$(nixos-query $system_name users.extraUsers.ejabberd.uid)
+# XXX this is ugly
+# Notice NIX_PATH used from host
+# Notice secrets required to evaluate configuration
+NIX_PATH=$NIX_PATH:nixos-config=$PWD/modules/$system_name
+NIX_PATH=$NIX_PATH:secrets=$PWD/secrets/$system_name/nix
+export NIX_PATH
+
+retiolum_secret=$(new-nixos-query tv.retiolum.privateKeyFile)
+retiolum_uid=$(new-nixos-query users.extraUsers.retiolum-tinc.uid)
+
+ejabberd_secret=$(new-nixos-query services.ejabberd-cd.certFile)
+ejabberd_uid=$(new-nixos-query users.extraUsers.ejabberd.uid)
(set -x
rsync \
diff --git a/bin/new-nixos-query b/bin/new-nixos-query
deleted file mode 100755
index 57761b520..000000000
--- a/bin/new-nixos-query
+++ /dev/null
@@ -1,8 +0,0 @@
-#! /bin/sh
-set -euf
-nix-instantiate \
- -A config."$1" \
- --eval \
- --json \
- '<nixos>' \
- | jq -r .
diff --git a/bin/nixos-query b/bin/nixos-query
index 65b5c9672..1111aead5 100755
--- a/bin/nixos-query
+++ b/bin/nixos-query
@@ -1,21 +1,4 @@
#! /bin/sh
set -euf
-
-host=$1
-attr=$2
-
-nixpkgs=$nixpkgs_root/$host
-nixos_config=$config_root/modules/$host
-secrets_nix=$secrets_root/$host/nix
-secrets_rsync=$secrets_root/$host/rsync
-
-nix-instantiate \
- -I "$nixpkgs" \
- -I nixos-config="$nixos_config" \
- -I retiolum-hosts="$retiolum_hosts" \
- -I secrets="$secrets_nix" \
- -A config."$attr" \
- '<nixos>' \
- --eval \
- --json \
- | jq -r .
+result=$(nix-instantiate -A config."$1" --eval --json '<nixos>')
+echo $result | jq -r .