default.nix 1.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778
  1. args:
  2. let
  3. hostPkgs = import <nixpkgs> {};
  4. importJson = hostPkgs.lib.importJSON;
  5. krops = hostPkgs.fetchgit {
  6. "url" = "https://cgit.krebsco.de/krops/";
  7. "rev"= "2e93a93ac264a480b427acc2684993476732539d";
  8. "sha256"= "1s6b2cs60xa270ynhr32qj1rcy3prvf9pidap0qbbvgg008iafxk";
  9. };
  10. lib = import "${krops}/lib";
  11. pkgs = import "${krops}/pkgs" args;
  12. # interface to krops
  13. core = {
  14. populate = target: sources:
  15. pkgs.writeDash "populate-${target.host}" /* sh */ ''
  16. ${pkgs.populate {
  17. inherit target;
  18. force = true;
  19. source = lib.evalSource [ sources ];
  20. }}
  21. '';
  22. jobs = name: listOfJobs:
  23. pkgs.writeShellScriptBin name /* sh */ ''
  24. set -eu
  25. ${lib.concatStringsSep "\n" (map toString listOfJobs)}
  26. '';
  27. switch = target:
  28. pkgs.writeDash "switch-${target.host}" /* sh */ ''
  29. set -eu
  30. ${pkgs.openssh}/bin/ssh \
  31. ${target.user}@${target.host} -p ${target.port} \
  32. nixos-rebuild switch \
  33. -I ${target.path} \
  34. -I "/run/plops-secrets"
  35. '';
  36. };
  37. # high level syntax sugar
  38. ops = {
  39. populate = sources: target:
  40. core.populate target sources;
  41. switch = target:
  42. core.switch target;
  43. jobs = name: target: listOfJobs:
  44. ops.jobs' name (lib.mkTarget target) listOfJobs;
  45. jobs' = name: target: listOfJobs:
  46. core.jobs name (map (elem: elem target) listOfJobs);
  47. populateTmpfs = sources: target:
  48. with lib;
  49. let
  50. tmpfs = "/run/plops-secrets/";
  51. in
  52. core.populate (target // { path = tmpfs; }) sources;
  53. };
  54. in
  55. {
  56. inherit lib core importJson pkgs;
  57. inherit (ops) populate switch jobs populateTmpfs;
  58. # todo improve this
  59. # separate to make ti overwritable
  60. #pkgs = import "${krops}/pkgs";
  61. }