run: rsync nix imports

This commit is contained in:
tv 2015-03-18 12:13:29 +01:00
parent df503a6679
commit 4df17e9962
2 changed files with 71 additions and 9 deletions

70
run
View File

@ -18,12 +18,25 @@ deploy() {(
target=$2 target=$2
hosts=$(list_hosts) hosts=$(list_hosts)
imports=$(set -euf; list_imports "$main") module_imports=$(set -euf; list_module_imports "$main")
secrets=$(echo "$imports" | xargs cat | quoted_strings | filter_secrets) other_imports=$(
echo "$module_imports" \
| xargs grep -H . \
| import_statements \
| slash_path_relpath \
| undot_paths \
| sort \
| uniq \
| sed '/\.nix$/!s:$:/default.nix:' \
)
secrets=$(echo "$module_imports" | xargs cat | quoted_strings | filter_secrets)
# TODO collect all other paths from *_imports
abs_deps=$( abs_deps=$(
echo "$hosts" echo "$hosts"
echo "$imports" echo "$module_imports"
echo "$other_imports"
echo "$secrets" echo "$secrets"
) )
@ -35,8 +48,8 @@ deploy() {(
ssh "$target" nixos-rebuild switch -I nixos-config=/etc/nixos/"$main" ssh "$target" nixos-rebuild switch -I nixos-config=/etc/nixos/"$main"
)} )}
# list_imports : nix-file -> lines nix-file # list_module_imports : nix-file -> lines nix-file
list_imports() { list_module_imports() {
if echo "$1" | grep -q ^/; then if echo "$1" | grep -q ^/; then
: :
else else
@ -65,6 +78,38 @@ filter_secrets() {
sed -n 's:^\(.*/\)\?\(secrets/.*\):'"${PWD//:/\\:}"'/\2:p' sed -n 's:^\(.*/\)\?\(secrets/.*\):'"${PWD//:/\\:}"'/\2:p'
} }
# import_statements : lines (path ": " string) |> lines (path ": " relpath)
import_statements() {
sed -n '
s@^\([^:]\+: \)\('"$(bre_invert_word import)"'\)*\<import\s\+@\1@
t1;d
:1; s@^\([^:]\+: \)\(\.*/\S*\)@\1\2\n@
t2;d
:2; P;D
'
}
# slash_path_relpath : lines (path ": " relpath) |> lines path
#
# Example: "/foo/bar: baz" => "/foo/baz"
#
slash_path_relpath() {
sed -n 's@/[^/]\+: @/@p'
}
# undot_paths : lines path |> lines path
# Remove all dots (. and ..) from input paths.
undot_paths() {
sed '
:0
s://\+:/:g
s:/\.\(/\|$\):\1:g
s:/[^/]\+/\.\.\(/\|$\):\1:g
s:^/\(\.\./\)\+:/:
t0
s:^$:/:
'
}
# quoted_strings : lines string |> lines string # quoted_strings : lines string |> lines string
# Extract all (double-) quoted strings from stdin. # Extract all (double-) quoted strings from stdin.
@ -86,6 +131,21 @@ bre_escape() {
sed 's:[\.\[\\\*\^\$]:\\&:g' sed 's:[\.\[\\\*\^\$]:\\&:g'
} }
# bre_invert_word : string -> BRE
# TODO escape chars in the resulting BRE.
bre_invert_word() {
awk -v input="$1" '
BEGIN {
split(input,s,"")
for (i in s) {
c=s[i]
printf "\\|%s[^%s]", y, c
y = y c
}
}
'
}
# ls_bre : directory -> BRE # ls_bre : directory -> BRE
# Create a BRE from the files in a directory. # Create a BRE from the files in a directory.
ls_bre() { ls_bre() {

10
wu.nix
View File

@ -9,7 +9,7 @@ with (import ./lib { inherit pkgs; });
./modules/urxvt.nix ./modules/urxvt.nix
./modules/iptables.nix ./modules/iptables.nix
./modules/users.nix ./modules/users.nix
./modules/tools.nix #./modules/tools.nix
./modules/hosts.nix ./modules/hosts.nix
./modules/xserver.nix ./modules/xserver.nix
./modules/exim.nix ./modules/exim.nix
@ -280,9 +280,11 @@ with (import ./lib { inherit pkgs; });
"slock" "slock"
]; ];
security.pki.certificateFiles = [ # TODO
./certs/zalora-ca.crt # Currently ./run doesn't know about certificates
]; #security.pki.certificateFiles = [
# ./certs/zalora-ca.crt
#];
#security.pam.loginLimits = [ #security.pam.loginLimits = [
# # for jack # # for jack