my over complex system configurations
# Flake every recipe operates on: $FLAKE when it is set, otherwise the
# directory that holds this justfile. The value is pasted into shell commands
# as-is, so it is trusted input.
flake := env("FLAKE", justfile_directory())

# `rebuild` is an ordinary variable, so it can be overridden per invocation,
# e.g. `just --set rebuild <command> switch`.
rebuild := if os() != "macos" { "nixos-rebuild" } else { "sudo darwin-rebuild" }

# Extra flags handed to the rebuild command; empty on macOS.
system-args := if os() != "macos" { "--sudo --no-reexec" } else { "" }
# Entry point for a bare `just`: print the recipe list in file order.
# The leading `@` keeps just from echoing the command itself.
[private]
default:
    @just --list --unsorted
# rebuild group
# Shared backend for the rebuild and deploy recipes: runs the platform rebuild
# command for `goal` against the flake and renders its JSON log through nom.
[group('rebuild'), no-exit-message, private]
builder goal *args:
    #!/usr/bin/env bash
    set -o errexit -o nounset -o pipefail
    # just substitutes goal, flake, system-args and args into this script as
    # plain text before bash parses it, so they split into separate words and
    # any shell syntax in them is live. Only pass values you typed yourself.
    # `|&` sends stderr to nom as well; pipefail keeps a failed rebuild from
    # being hidden behind nom's own exit status.
    {{ rebuild }} {{ goal }} --flake {{ flake }} --log-format internal-json \
        {{ system-args }} {{ args }} \
        |& nom --json
# Remote deploy backend: records the generation `host` is running, rebuilds
# for that host through `builder --target-host`, then shows the `lix diff`
# against the recorded generation.
[group('rebuild'), no-exit-message, private]
deployer host goal *args:
    #!/usr/bin/env bash
    set -o errexit -o nounset -o pipefail

    # Store path the host's /run/current-system points at before the rebuild.
    previous="$(ssh -q {{ host }} 'readlink /run/current-system')"
    just builder {{ goal }} --target-host {{ host }} --use-substitutes {{ args }}

    # NOTE: ssh joins its arguments into one remote command line, so the value
    # of "$previous" is parsed again by the remote shell. It is whatever
    # readlink printed on that same host.
    if [[ -z "${DEPLOY_SUMMARY:-}" ]]; then
        # Single-host deploy: print the diff straight to the terminal.
        ssh {{ host }} TERM=xterm-256color lix diff "$previous"
    else
        # Batch deploy (DEPLOY_SUMMARY is exported by deployer-all): append
        # this host's section to the shared summary file instead.
        {
            echo "===== {{ host }} ====="
            ssh -q {{ host }} TERM=xterm-256color lix diff "$previous"
            echo
        } >> "$DEPLOY_SUMMARY"
    fi
# Thin wrapper: hands `host` and any extra args to the private `deployer`
# recipe with the goal fixed to "switch".
# deploy by switching the new system configuration
[group('rebuild'), no-exit-message]
deploy host *args: (deployer host 'switch' args)
# Thin wrapper: same as `deploy`, but with the goal fixed to "boot".
# deploy by setting the boot configuration
[group('rebuild'), no-exit-message]
deploy-boot host *args: (deployer host 'boot' args)
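# Deploy `goal` to every host in turn, then print the closure diffs that the
# per-host `deployer` runs collected. Hosts are handled sequentially and the
# first failure aborts the run (errexit), leaving later hosts untouched.
[group('rebuild'), no-exit-message, private]
deployer-all goal:
    #!/usr/bin/env bash
    set -euo pipefail

    # Collect the diffs in a freshly created temp file rather than a fixed
    # `.deploy-summary` in the working tree: mktemp creates the file itself,
    # so nothing that already exists under that name (including a symlink)
    # gets truncated, and the file never sits next to tracked sources.
    DEPLOY_SUMMARY="$(mktemp "${TMPDIR:-/tmp}/deploy-summary.XXXXXX")"
    export DEPLOY_SUMMARY
    # Clean up on every exit path. Without the trap a failed deploy would
    # leave the summary behind, because errexit stops before the final rm.
    trap 'rm -f -- "$DEPLOY_SUMMARY"' EXIT

    for host in minerva athena aphrodite skadi isis; do
        just deployer "$host" {{ goal }}
    done

    echo
    echo "===== DEPLOYMENT SUMMARY ====="
    cat "$DEPLOY_SUMMARY"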
# Thin wrapper around the private `deployer-all` recipe, goal "switch".
# deploy to all hosts by switching
[group('rebuild'), no-exit-message]
deploy-all: (deployer-all 'switch')
# Thin wrapper around the private `deployer-all` recipe, goal "boot".
# deploy to all hosts by setting boot
[group('rebuild'), no-exit-message]
deploy-all-boot: (deployer-all 'boot')
# Local rebuild with goal "boot"; extra args are forwarded to `builder`.
# rebuild the boot
[group('rebuild'), no-exit-message]
boot *args: (builder 'boot' args)
# Local rebuild with goal "test"; extra args are forwarded to `builder`.
# test what happens when you switch
[group('rebuild'), no-exit-message]
test *args: (builder 'test' args)
# Local counterpart of `deployer`: switch this machine, then show what changed.
# switch the new system configuration
[group('rebuild'), no-exit-message]
switch *args:
    #!/usr/bin/env bash
    set -o errexit -o nounset -o pipefail
    # Remember the generation that is live right now so it can be diffed
    # once the switch has finished.
    previous="$(readlink /run/current-system)"
    just builder switch {{ args }}
    lix diff "$previous"
# NOTE(review): `github:LnL7/nix-darwin` is an unpinned flake reference, so
# this runs whatever the upstream default branch contains at that moment, and
# it does so under sudo. Pinning a revision keeps the bootstrap reproducible
# and reviewable.
# bootstrap nix-darwin on a new macOS host
[group('rebuild'), macos, no-exit-message]
provision host:
    sudo nix run github:LnL7/nix-darwin -- switch --flake {{ flake }}#{{ host }}
    sudo -i nix-env --uninstall lix # we need to remove the non-declarative install of lix
# package group
# build the package, you must specify the package you want to build
# `image` selects the nixosConfigurations entry whose isoImage output is built.
# build the iso image, you must specify the image you want to build
[group('package'), no-exit-message]
iso image:
    nom build {{ flake }}#nixosConfigurations.{{ image }}.config.system.build.isoImage
# Runs the host's tarballBuilder output under sudo, so the builder script
# from the flake executes as root on this machine.
# build the tarball, you must specify the host you want to build
[group('package'), no-exit-message]
tar host:
    sudo nix run {{ flake }}#nixosConfigurations.{{ host }}.config.system.build.tarballBuilder
# dev group
# Import-from-derivation is switched off for the check, so an evaluation that
# depends on IFD fails here instead of passing unnoticed.
# check the flake for errors
[group('dev'), no-exit-message]
check *args:
    nix flake check --option allow-import-from-derivation false {{ args }}
# `host` defaults to the output of `hostname` on the machine running just.
# NOTE(review): this uses `.#` while the other recipes use {{ flake }}, so a
# custom $FLAKE is not honoured here. Confirm whether that is intended.
# open a nix repl on a host's nixosConfigurations entry
[group('dev'), no-exit-message]
repl-host host=`hostname`:
    nix repl .#nixosConfigurations.{{ host }}
# With no `input` every flake input is updated and the commit summary says
# "all inputs"; otherwise only the named inputs move. The lock file change is
# committed automatically, so review the flake.lock diff before deploying:
# it decides which upstream revisions get built.
# update a set of given inputs
[group('dev'), no-exit-message]
update *input:
    nix flake update {{ input }} \
        --flake {{ flake }} \
        --refresh \
        --commit-lock-file \
        --commit-lockfile-summary "flake.lock: update {{ if input != "" { input } else { "all inputs" } }}"
# Runs the flake's `docs.serve` output.
# build & serve the docs locally
[group('dev'), no-exit-message]
serve:
    nix run {{ flake }}#docs.serve
# The Codeberg and Tangled pushes use --mirror, which makes the remote match
# the local refs exactly: remote branches and tags that do not exist locally
# are deleted and diverged ones are overwritten. The GitLab push is a plain
# push without --mirror.
# push to the mirrors
[group('dev'), no-exit-message]
push-mirrors:
    git push git@gitlab.com:isabelroses/dotfiles.git
    git push --mirror ssh://git@codeberg.org/isabel/dotfiles.git
    git push --mirror git@tangled.org:isabelroses.com/dotfiles
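# Runs `sops rotate -i` once per YAML file under secrets/. Rotation gives each
# file a new data key and re-encrypts it in place; it does not change the
# secret values themselves, so a value that has leaked still has to be
# replaced at its source.
# File names travel NUL-separated (-print0 / -0) so that spaces, quotes or
# backslashes in a path cannot be misread by xargs. xargs exits non-zero if
# any single rotation fails.
# rotate all secrets
[group('dev'), no-exit-message]
roate-secrets:
    find secrets/ -name "*.yaml" -print0 | xargs -0 -I {} sops rotate -i {}

# The recipe name above is a long-standing typo; it is kept so existing
# invocations keep working, and the correctly spelled name is offered too.
alias rotate-secrets := roate-secrets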
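# Runs `sops updatekeys` once per YAML file under secrets/ so each file is
# re-encrypted for the recipients currently configured for it.
# `-y` pre-approves the change, so the recipient diff is applied without a
# confirmation prompt: review the sops configuration (who is being added or
# removed) before running this.
# File names travel NUL-separated (-print0 / -0) so that spaces, quotes or
# backslashes in a path cannot be misread by xargs.
# update the secret keys
[group('dev'), no-exit-message]
update-secrets:
    find secrets/ -name "*.yaml" -print0 | xargs -0 -I {} sops updatekeys -y {}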
# utils group
# `just fix` is shorthand for `just repair`.
alias fix := repair
# Extra args are appended to `nix-store --verify` unquoted, so each one
# arrives as its own flag.
# verify the integrity of the nix store
[group('utils'), no-exit-message]
verify *args:
    nix-store --verify {{ args }}
# Calls `verify` with one string holding both flags; verify interpolates it
# unquoted, so nix-store receives --check-contents and --repair separately.
# repairs the nix store from any breakages it may have
[group('utils'), no-exit-message]
repair: (verify '--check-contents --repair')
# Generations older than three days are deleted before the garbage
# collection, so they stop being available as rollback targets. Make sure a
# known-good generation is newer than that before running this.
# clean the nix store and optimise it
[group('utils'), no-exit-message]
clean:
    nix-collect-garbage --delete-older-than 3d
    nix store optimise