my over complex system configurations
dotfiles.isabelroses.com/
# flake to operate on: $FLAKE when set, otherwise the directory holding this justfile
flake := env('FLAKE', justfile_directory())

# rebuild is also set as a var so you can add --set to change it if you need to
# NOTE(review): the value is pasted unquoted into the `builder` script, and an
# override replaces the whole command, including the `sudo` prefix used on macOS,
# so only set it to a command you trust

rebuild := if os() == "macos" { "sudo darwin-rebuild" } else { "nixos-rebuild" }
# extra flags appended to every rebuild: none on macOS, `--sudo --no-reexec` elsewhere
system-args := if os() == "macos" { "" } else { "--sudo --no-reexec" }

# bare `just` prints the recipe list in justfile order
[private]
default:
    @just --list --unsorted

# rebuild group

# shared driver for boot/test/switch/deploy: runs the platform rebuild command
# for `goal` against the flake and renders its JSON log through nom
[group('rebuild')]
[no-exit-message]
[private]
builder goal *args:
    #!/usr/bin/env bash
    # pipefail makes a failed rebuild fail the recipe even though its output is piped to nom
    set -euo pipefail
    # NOTE(review): rebuild, goal, flake, system-args and args are substituted as
    # plain text before bash runs; args is word-split on purpose, which also means
    # shell metacharacters in any of these values are live
    {{ rebuild }} {{ goal }} \
      --flake {{ flake }} \
      --log-format internal-json \
      {{ system-args }} \
      {{ args }} \
      |& nom --json

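# switch a remote host to this flake over ssh and show the resulting system diff
[group('rebuild')]
[no-exit-message]
deploy host *args:
    #!/usr/bin/env bash
    set -euo pipefail
    # quote() hands the name to bash as one literal word, so spaces or shell
    # metacharacters in it are never evaluated by this script
    host={{ quote(host) }}
    # a name starting with "-" would be read by ssh as an option, not a destination
    if [[ -z "$host" || "$host" == -* ]]; then
        echo "deploy: invalid host name: $host" >&2
        exit 2
    fi
    # remember the active system so it can be diffed after the switch
    before=$(ssh -q "$host" 'readlink /run/current-system')
    just builder switch --target-host "$host" --use-substitutes {{ args }}

    if [[ -n "${DEPLOY_SUMMARY:-}" ]]; then
        # a summary file was requested (deploy-all sets it): append instead of printing
        {
            echo "===== $host ====="
            ssh -q "$host" TERM=xterm-256color lix diff "$before"
            echo
        } >> "$DEPLOY_SUMMARY"
    else
        ssh "$host" TERM=xterm-256color lix diff "$before"
    fi
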
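# deploy every host in turn, then print the collected per-host diffs
[group('rebuild')]
[no-exit-message]
deploy-all:
    #!/usr/bin/env bash
    set -euo pipefail
    # private temp file rather than a fixed name in the working tree: nothing is
    # left behind in the repository and an existing file is never truncated
    DEPLOY_SUMMARY=$(mktemp)
    export DEPLOY_SUMMARY

    # runs on every exit path, so a failed deploy still prints what was
    # collected so far and the temp file is always removed
    finish() {
        echo
        echo "===== DEPLOYMENT SUMMARY ====="
        cat "$DEPLOY_SUMMARY"
        rm -f "$DEPLOY_SUMMARY"
    }
    trap finish EXIT

    # set -e stops at the first host whose deploy fails
    for host in minerva athena aphrodite skadi hephaestus isis; do
        just deploy "$host"
    done
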
# rebuild the boot: runs builder with goal "boot", passing any extra args through
[group('rebuild')]
[no-exit-message]
boot *args: (builder "boot" args)

# test what happens when you switch: runs builder with goal "test", passing any extra args through
[group('rebuild')]
[no-exit-message]
test *args: (builder "test" args)

# switch the new system configuration, then show the diff against the previous one
[group('rebuild')]
[no-exit-message]
switch *args:
    #!/usr/bin/env bash
    set -euo pipefail
    # resolve the active system before the switch replaces it
    previous_system="$(readlink /run/current-system)"
    just builder switch {{ args }}
    # hand the pre-switch system path to lix diff
    lix diff "$previous_system"

# NOTE(review): `github:LnL7/nix-darwin` is not pinned to a revision here, so this
# runs whatever that ref currently resolves to, as root; consider pinning it
# macOS only: run nix-darwin's switch for `host` from this flake, then remove the nix-env lix
[group('rebuild')]
[macos]
[no-exit-message]
provision host:
    sudo nix run github:LnL7/nix-darwin -- switch --flake {{ flake }}#{{ host }}
    sudo -i nix-env --uninstall lix # we need to remove the non-declarative install of lix

# package group
# build the package, you must specify the package you want to build
# NOTE(review): no recipe follows the comment above in this listing

# build the iso image, you must specify the image you want to build
[group('package')]
[no-exit-message]
iso image:
    nom build {{ flake }}#nixosConfigurations.{{ image }}.config.system.build.isoImage

# build the tarball, you must specify the host you want to build (its tarballBuilder runs under sudo)
[group('package')]
[no-exit-message]
tar host:
    sudo nix run {{ flake }}#nixosConfigurations.{{ host }}.config.system.build.tarballBuilder

# dev group

# check the flake for errors, with import-from-derivation disabled
[group('dev')]
[no-exit-message]
check *args:
    nix flake check --option allow-import-from-derivation false {{ args }}

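# open a nix repl on a host's nixosConfiguration (defaults to this machine's hostname)
[group('dev')]
[no-exit-message]
repl-host host=`hostname`:
    nix repl {{ flake }}#nixosConfigurations.{{ host }}
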
# NOTE(review): this pulls new upstream revisions and commits the lock file in
# one step; review the flake.lock diff before deploying, since every changed
# input is new code that the next rebuild will evaluate and build
# update a set of given inputs (all inputs when none are named)
[group('dev')]
[no-exit-message]
update *input:
    nix flake update {{ input }} \
      --refresh \
      --commit-lock-file \
      --commit-lockfile-summary "flake.lock: update {{ if input == "" { "all inputs" } else { input } }}" \
      --flake {{ flake }}

# build & serve the docs locally (runs the flake's docs.serve output)
[group('dev')]
[no-exit-message]
serve:
    nix run {{ flake }}#docs.serve

# NOTE(review): `--mirror` force-updates the remote to match every local ref and
# deletes remote refs that do not exist locally, so local-only branches and tags
# are published too; the gitlab push is a plain push without --mirror, confirm
# that difference is intended
# push to the mirrors
[group('dev')]
[no-exit-message]
push-mirrors:
    git push git@gitlab.com:isabelroses/dotfiles.git
    git push --mirror ssh://git@codeberg.org/isabel/dotfiles.git
    git push --mirror git@tangled.org:isabelroses.com/dotfiles

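# NOTE: `sops rotate` generates a new data key and re-encrypts each file in
# place; the secret values stay the same, so a leaked password or token still
# has to be replaced at its source
# rotate the data keys of all sops files under secrets/
[group('dev')]
[no-exit-message]
rotate-secrets:
    find secrets/ -name "*.yaml" -print0 | xargs -0 -I {} sops rotate -i {}

# the recipe used to be spelt "roate-secrets"; keep the old name working
alias roate-secrets := rotate-secrets
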
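# NOTE: -y applies the recipient changes without prompting, so review the sops
# recipient configuration first; dropping a recipient does not revoke what they
# could already decrypt, those values need replacing as well
# update the secret keys
[group('dev')]
[no-exit-message]
update-secrets:
    find secrets/ -name "*.yaml" -print0 | xargs -0 -I {} sops updatekeys -y {}
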
# utils group

# `just fix` is an alias for `just repair`
alias fix := repair

# verify the integrity of the nix store (extra args go straight to nix-store --verify)
[group('utils')]
[no-exit-message]
verify *args:
    nix-store --verify {{ args }}

# repairs the nix store from any breakages it may have (verify with --check-contents --repair)
[group('utils')]
[no-exit-message]
repair: (verify "--check-contents --repair")

# NOTE(review): generations older than 3 days are deleted before the garbage
# collection, so rolling back to them is no longer possible afterwards
# clean the nix store and optimise it
[group('utils')]
[no-exit-message]
clean:
    nix-collect-garbage --delete-older-than 3d
    nix store optimise