steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions
infra/Justfile

243 lines
7.5 KiB
Makefile
Executable file
Raw Blame History

_DEFAULT_VERSION_TMPL:
echo "{{invocation_directory()}}/nix/variables/versions.tmpl.nix"
_DEFAULT_VERSION:
echo "{{invocation_directory()}}/nix/variables/versions.nix"
_usage:
just -l
update-default-versions:
#!/usr/bin/env bash
template="$(just _DEFAULT_VERSION_TMPL)"
outfile="$(just _DEFAULT_VERSION)"
esh -o ${outfile} ${template}
_get_nix_path versionsPath:
echo $(set -x; nix-build --no-link --show-trace {{invocation_directory()}}/nix/default.nix -A channelSources --argstr versionsPath {{versionsPath}} --argstr rebuildarg "dummy")
_device recipe dir +moreargs="":
#!/usr/bin/env bash
set -ex
source $(just -v _get_nix_path {{invocation_directory()}}/{{dir}}/versions.nix)
$(set -x; nix-build --no-link --show-trace $(dirname {{dir}})/default.nix -A recipes.{{recipe}} --argstr dir {{dir}} {{moreargs}})
_render_templates:
#!/usr/bin/env bash
set -ex
source $(just -v _get_nix_path {{invocation_directory()}}/nix/variables/versions.nix)
nix/scripts/pre-eval-fixed.sh nix/home-manager/profiles/dotfiles/vcsh{.tmpl,}.nix
_rebuild-device dir rebuildarg="dry-activate" +moreargs="": _render_templates
#!/usr/bin/env bash
set -ex
just -v _device rebuild {{dir}} --argstr rebuildarg {{rebuildarg}} {{moreargs}}
rebuild-remote-device device target rebuildarg="dry-activate" :
#!/usr/bin/env bash
set -ex
just -v _rebuild-device nix/os/devices/{{device}} {{rebuildarg}} --argstr moreargs "'--target-host\ {{target}}'"
# Rebuild this device's NixOS
rebuild-this-device rebuildarg="dry-activate":
#!/usr/bin/env bash
set -e
function parse_hm_rebuildarg() {
case $1 in
switch)
echo switch
;;
*)
echo build
;;
esac
}
export SYSREBUILD_LOG=.$(hostname -s)_sysrebuild.log
export HOMEREBUILD_LOG=.$(hostname -s)_homerebuild.log
echo Rebuilding system in {{rebuildarg}}-mode...
if just -v _rebuild-device nix/os/devices/$(hostname -s) {{rebuildarg}} > ${SYSREBUILD_LOG} 2>&1 ; then
echo System rebuild successful
else
cat ${SYSREBUILD_LOG}
echo ERROR: system rebuild failed
exit 1
fi
if type home-manager > /dev/null 2>&1; then
echo Rebuilding home in $(parse_hm_rebuildarg {{rebuildarg}})-mode...
source $(just -v _get_nix_path {{invocation_directory()}}/nix/os/devices/$(hostname -s)/versions.nix)
if home-manager -v $(parse_hm_rebuildarg {{rebuildarg}}) > ${HOMEREBUILD_LOG} 2>&1 ; then
echo Home rebuild successful
else
cat ${HOMEREBUILD_LOG}
echo ERROR: home rebuild failed
exit 1
fi
fi
update-remote-device device target rebuildmode='switch':
#!/usr/bin/env bash
set -e
template=nix/os/devices/{{device}}/versions.tmpl.nix
outfile=nix/os/devices/{{device}}/versions.nix
if ! test -e ${template}; then
template="$(just _DEFAULT_VERSION_TMPL)"
fi
esh -o ${outfile} ${template}
if ! test "$(git diff ${outfile})"; then
echo Already on latest versions
exit 0
fi
just -v rebuild-remote-device {{device}} {{target}} dry-activate || {
echo ERROR: rebuild in mode 'dry-active' failed after updating ${outfile}
exit 1
}
just -v rebuild-remote-device {{ device }} {{ target }} {{ rebuildmode }} || {
echo ERROR: rebuild in mode '{{ rebuildmode }}' failed after updating ${outfile}
exit 1
}
git commit -v ${outfile} -m "nix/os/devices/{{ device }}: bump versions"
# Update the channel versions and (by default) switch to new environment
update-this-device rebuild-mode='switch':
#!/usr/bin/env bash
set -e
template=nix/os/devices/$(hostname -s)/versions.tmpl.nix
outfile=nix/os/devices/$(hostname -s)/versions.nix
if ! test -e ${template}; then
template="$(just _DEFAULT_VERSION_TMPL)"
fi
esh -o ${outfile} ${template}
if ! test "$(git diff ${outfile})"; then
echo Already on latest versions
exit 0
fi
export SYSREBUILD_LOG=.$(hostname -s)_sysrebuild.log
just -v rebuild-this-device dry-activate || {
echo ERROR: Update failed, reverting ${outfile}...
exit 1
}
just -v rebuild-this-device {{rebuild-mode}} || {
echo ERROR: Rebuilding in {{rebuild-mode}}-mode failed
exit 1
}
git commit -v ${outfile} -m "nix/os/devices/$(hostname -s): bump versions"
# Iterate on a qtile config by running it inside Xephyr. (un-/grab the mouse with Ctrl + Shift-L)
hm-iterate-qtile:
#!/usr/bin/env bash
set -xe
home-manager switch || just -v rebuild-this-device switch
Xephyr -ac -br -resizeable :1 &
XEPHYR_PID=$!
echo ${XEPHYR_PID}
DISPLAY=:1 $(grep qtile ~/.xsession) &
echo "Xephyr started. un-/grab the mouse with Ctrl + Shift-L"
wait $!
kill ${XEPHYR_PID}
# !!! DANGERIOUS !!! This wipes the disk which is configured for the given device.
disk-prepare dir:
just -v _device diskPrepare {{dir}} --argstr rebuildarg "dummy"
disk-relabel dir previous:
just -v _device diskRelabel {{dir}} --argstr rebuildarg "dummy" --argstr previousDiskId {{previous}}
# Mount the target disk specified by device configuration directory. The 'dir' argument points to a device configuration, e.g. 'nix/os/devices/steveej-live-mmc-SL32G_0x259093f6'
disk-mount dir:
just -v _device diskMount {{dir}} --argstr rebuildarg "dummy"
# Unmount target disk, specified by device configuration directory
disk-umount dir:
just -v _device diskUmount {{dir}} --argstr rebuildarg "dummy"
# Perform an offline installation on the mounted target disk, specified by device configuration directory
disk-install dir: _render_templates
just -v _device diskInstall {{dir}} --argstr rebuildarg "dummy"
verify-n-unlock sshserver attempts="10":
#!/usr/bin/env bash
set -e
: ${VNCSOCK:?VNCSOCK must be set}
: ${VNCPW:?VNCPW must be set}
export MAGICK_ARGS="-filter Catrom -density 72 -resample 300 -contrast -normalize -despeckle -type grayscale -sharpen 1 -posterize 3 -negate -gamma 100 -blur 1x65535"
export TESS_ARGS="-c debug_file=/dev/null --psm 4"
function send() {
local what="${1:?need something to send}"
ssh -4 ${SSHOPTS:?need sshopts} root@{{sshserver}} "echo -e ${what}>> /dev/tty0" &>/dev/null
}
function expect() {
local what="${1:?need something to expect}"
vncdo --server=${VNCSOCK} --password=${VNCPW} --disable-desktop-resizing --nocursor capture $PWD/screenshot.bmp
convert ${MAGICK_ARGS} screenshot.bmp screenshot.tiff
tesseract ${TESS_ARGS} screenshot.tiff screenshot
grep --quiet "${what}" screenshot.txt
}
function send_and_expect() {
local send="${1:?need something to send}"
local expect="${2:?need something to expect}"
if ! send "${send}"; then
echo warning: cannot send > /dev/stderr
return -1
fi
expect "${expect}"
}
trap 'E=$?; set +e; rm screenshot.*; echo Exiting...; kill $(jobs -p | cut -d " " -f 4); exit $E' EXIT
for i in `seq 1 {{attempts}}`; do
echo Attempt $i...
expect="$(pwgen -0 12)"
send="'\0033\0143'${expect}"
if send_and_expect "${send}" "${expect}"; then
pipe=$(mktemp -u)
mkfifo ${pipe}
exec 3<>${pipe}
rm ${pipe}
echo Verification succeeded at attempt $i. Unlocking remote drive...
ssh -4 ${SSHOPTS} root@{{sshserver}} "cryptsetup-askpass" <&3 &>/dev/null &
eval ${GETPW} | head -n1 >&3
for j in `seq 1 120`; do
sleep 0.5
if expect '— success'; then
echo Unlock successful.
exit 0
fi
done
echo Unlock failed...
exit 1
fi
done
echo Verification failed {{attempts}} times. Giving up...
exit 1
_get_pass_entry path key:
pass show {{path}}| grep -E "^{{key}}:" | awk '{ print $2 }'
# jq -sR 'split("\n") | map(split(":"))' <(pass show Infrastructure/VPS/CFB4ED74 | grep -E "^[A-Za-z_]+:")
run-with-channels +cmds:
#!/usr/bin/env bash
source $(just -v _get_nix_path {{invocation_directory()}}/nix/variables/versions.nix)
{{cmds}}
Reference in a new issue View git blame Copy permalink