diff options
Diffstat (limited to 'default.nix')
-rw-r--r-- | default.nix | 151 |
1 files changed, 0 insertions, 151 deletions
diff --git a/default.nix b/default.nix deleted file mode 100644 index 841534824..000000000 --- a/default.nix +++ /dev/null @@ -1,151 +0,0 @@ -{ system-name -, rsync-target ? null -, deploy-target ? null -}: - -# TODO assert that only one of rsync-target or deploy-target is not null - -with builtins; -assert (typeOf system-name == "string"); -with import <nixpkgs/lib>; -let - paths-file = toPath "${dirOf __curPos.file}/modules/${system-name}/paths.nix"; - - paths = import paths-file; - - prefetch.file = '' - echo "$prefetch_in_url" - ''; - - prefetch.git = '' - ${concatMapStringsSep "\n" (attr-name: '' - case ''${prefetch_in_${escapeShellArg attr-name}-?} in \?) - printf '%s: %s: missing attribute: %s' \ - ${escapeShellArg paths-file} \ - "$prefetch_name" \ - ${escapeShellArg attr-name} \ - >&2 - return 1 - esac - '') [ "rev" "url" "cache" ]} - - git_rev=$prefetch_in_rev - git_url=$prefetch_in_url - - # cache_dir points to a (maybe non-existent) directory, where a shared cache of - # the repository should be maintained. The shared cache is used to create - # multiple working trees of the repository. - cache_dir=$prefetch_in_cache/$(echo "$git_url" | urlencode) - cache_git() { - git --git-dir="$cache_dir" "$@" - } - - # work_dir points to a (maybe non-existent) directory, where a specific - # revision of the repository is checked out. - # XXX this is probably a bad idea if git_rev is not a commit - work_dir=$cache_dir-$(cache_git rev-parse --verify "$git_rev" | urlencode) - work_git() { - git -C "$work_dir" "$@" - } - - is_up_to_date() { - test -d "$cache_dir" && - test -d "$work_dir" && - test "$(cache_git rev-parse --verify "$git_rev")" = "$git_rev" && - test "$(work_git rev-parse --verify HEAD)" = "$git_rev" - } - - # Notice how the remote name "origin" has been chosen arbitrarily, but must be - # kept in sync with the default value of nixpkgs.rev. - if ! is_up_to_date; then - if ! test -d "$cache_dir"; then - mkdir -p "$cache_dir" - cache_git init --bare - fi - if ! cache_git_url=$(cache_git config remote.origin.url); then - cache_git remote add origin "$git_url" - elif test "$cache_git_url" != "$git_url"; then - cache_git remote set-url origin "$git_url" - fi - cache_git fetch origin - if ! test -d "$work_dir"; then - git clone -n --shared "$cache_dir" "$work_dir" - fi - commit_name=$(cache_git rev-parse --verify "$git_rev") - work_git checkout "$commit_name" -- "$(readlink -f "$work_dir")" - work_git checkout -q "$commit_name" - work_git submodule init - work_git submodule update - fi - work_git clean -dxf - - echo "$work_dir" - ''; - - - f = pkg-name: pkg-spec: - let - types = attrNames pkg-spec; - type = elemAt types 0; - in - assert (length types == 1); # there can be only one source type - '' - out=$(${concatStringsSep " \\\n" (mapAttrsToList (k: v: - "prefetch_in_${escapeShellArg k}=${escapeShellArg (toString v)}") pkg-spec.${type})} \ - prefetch_name=${escapeShellArg pkg-name} \ - __prefetch_${escapeShellArg type}) - printf '%s=%s\n' \ - ${escapeShellArg pkg-name} \ - "$out" - ''; -in -'' -#! /bin/sh -set -euf - -PATH=${toString ./.}/bin:$PATH -export PATH - -__prefetch_file() { -${prefetch.file} -} -__prefetch_git() { -${prefetch.git} -} - -# TODO make sure x contains only sane chars -x=$(${concatStrings (mapAttrsToList f paths)}) - -${optionalString (rsync-target != null) '' - proot $(echo "$x" | sed -n 's@^\([^=]\+\)=\(.*\)@-b \2:/shitment/\1@p') \ - rsync --delete --delete-excluded \ - --filter='- /*/.git' \ - --rsync-path='mkdir -p -m 0700 /shitment/ && rsync' \ - -vaz \ - --no-owner \ - --no-group \ - '/shitment/' \ - ${escapeShellArg rsync-target} -''} - - -${optionalString (deploy-target != null) '' - system_path=$(proot $(echo "$x" | sed -n 's@^\([^=]\+\)=\(.*\)@-b \2:/shitment/\1@p') \ - env \ - NIX_PATH=/shitment \ - NIXOS_CONFIG=/shitment/modules/${escapeShellArg system-name} \ - nix-build -A system --no-out-link '<nixpkgs/nixos>') - - system_name=${escapeShellArg system-name} - target=${escapeShellArg deploy-target} - - nix-copy-closure --gzip --to "$target" "$system_path" - - secrets_root=${toString ./.}/secrets \ - config_root=${toString ./.} \ - copy-secrets "$system_name" "$target" - - ssh ''${NIX_SSHOPTS-} "$target" "$system_path/bin/switch-to-configuration" switch -''} - -'' |