Luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-03-25 21:30:52 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

bootstrap script in shell

Browse source
This commit is contained in:
Julien Malka 2024-04-06 02:04:56 +02:00
parent c697eaa7e9
commit 32e78a8423
Signed by: Luj
GPG key ID: 6FC74C847011FD83
3 changed files with 33 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
scripts/bootstrap-machine.nix Normal file
View file

@ -0,0 +1,31 @@
let
inputs = import ../deps;
pkgs = import inputs.nixpkgs { };
in
pkgs.writeShellScriptBin "bootstrap-machine" ''
pushd $(git rev-parse --show-toplevel)
machine=$1
ip=$2
extra_args=("''${@:3}")
# Create a temporary directory
temp=$(mktemp -d)
# Function to cleanup temporary directory on exit
cleanup() {
rm -rf "$temp"
}
trap cleanup EXIT
# Create the directory where sshd expects to find the host keys
install -d -m755 "$temp/etc/ssh"
# Decrypt your private key from the password store and copy it to the temporary directory
rbw get "$machine"_ssh_host_ed25519_key -f notes > "$temp/etc/ssh/ssh_host_ed25519_key"
# Set the correct permissions so sshd will accept the key
chmod 600 "$temp/etc/ssh/ssh_host_ed25519_key"
nixos-anywhere --extra-files "$temp" --store-paths $(nix-build -A nixosConfigurations.\"$machine\".config.system.build.diskoScript) $(nix-build -A nixosConfigurations.\"$machine\".config.system.build.toplevel) "''${extra_args[@]}" root@"$ip"
popd
''

23
scripts/bootstrap-machine.sh
View file

@ -1,23 +0,0 @@
#!/usr/bin/env bash
machine=$1
ip=$2
extra_args=("${@:3}")
# Create a temporary directory
temp=$(mktemp -d)
# Function to cleanup temporary directory on exit
cleanup() {
rm -rf "$temp"
}
trap cleanup EXIT
# Create the directory where sshd expects to find the host keys
install -d -m755 "$temp/etc/ssh"
# Decrypt your private key from the password store and copy it to the temporary directory
rbw get "$machine"_ssh_host_ed25519_key -f notes > "$temp/etc/ssh/ssh_host_ed25519_key"
# Set the correct permissions so sshd will accept the key
chmod 600 "$temp/etc/ssh/ssh_host_ed25519_key"
nixos-anywhere --extra-files "$temp" --store-paths $(nix-build -A nixosConfigurations.\"$machine\".config.system.build.diskoScript) $(nix-build -A nixosConfigurations.\"$machine\".config.system.build.toplevel) "${extra_args[@]}" root@"$ip"

3
shell.nix
View file

@ -3,9 +3,10 @@ let
pkgs = import inputs.nixpkgs { };
nixos-anywhere = pkgs.callPackage "${inputs.nixos-anywhere}/src/default.nix" { };
agenix = pkgs.callPackage "${inputs.agenix}/pkgs/agenix.nix" { };
bootstrap = import scripts/bootstrap-machine.nix;
in
pkgs.mkShell {
nativeBuildInputs = with pkgs; [ colmena npins nixos-anywhere agenix ];
nativeBuildInputs = with pkgs; [ colmena npins nixos-anywhere agenix bootstrap ];
}