up

Signed-off-by: Christoph Schmatzler <christoph@schmatzler.com>
2025-08-23 16:37:54 +00:00
parent acd58a2f53
commit 3d127819ea
16 changed files with 252 additions and 633 deletions
--- a/apps/x86_64-linux/apply
+++ b/apps/x86_64-linux/apply
@@ -1,169 +1,29 @@
 #!/usr/bin/env bash

+set -euo pipefail
+
 RED='\033[0;31m'
 GREEN='\033[0;32m'
 YELLOW='\033[1;33m'
-NC='\033[0m' # No Color
+BLUE='\033[0;34m'
+NC='\033[0m'

-# Determine the operating system
-export OS=$(uname)
-
-# Primary network interface
-if [[ "$OS" != "Darwin" ]]; then
-  export PRIMARY_IFACE=$(ip -o -4 route show to default | awk '{print $5}')
-  echo -e "${GREEN}Found primary network interface $PRIMARY_IFACE${NC}"
-fi
-
-# Custom print function
-_print() {
-  if [[ "$OS" == "Darwin" ]]; then
-    echo -e "$1"
-  else
-    echo "$1"
-  fi
+print_info() {
+    echo -e "${BLUE}ℹ ${NC} $1"
 }

-# Custom prompt function
-_prompt() {
-  local message="$1"
-  local variable="$2"
-
-  _print "$message"
-  read -r $variable
+print_success() {
+    echo -e "${GREEN}✓${NC} $1"
 }

+HOSTNAME="${1:-tahani}"

+print_info "Applying configuration for $HOSTNAME"

-# Fetch username from the system
-export USERNAME=$(whoami)
-
-# If the username is 'nixos' or 'root', ask the user for their username
-if [[ "$USERNAME" == "nixos" ]] || [[ "$USERNAME" == "root" ]]; then
-  _prompt "${YELLOW}You're running as $USERNAME. Please enter your desired username: ${NC}" USERNAME
-fi
-
-# Check if git is available
-if command -v git >/dev/null 2>&1; then
-  # Fetch email and name from git config
-  export GIT_EMAIL=$(git config --get user.email)
-  export GIT_NAME=$(git config --get user.name)
+if [[ "$EUID" -ne 0 ]]; then
+    sudo nixos-rebuild switch --flake ".#$HOSTNAME" "${@:2}"
 else
-  _print "${RED}Git is not available on this system.${NC}"
+    nixos-rebuild switch --flake ".#$HOSTNAME" "${@:2}"
 fi

-# If git email is not found or git is not available, ask the user
-if [[ -z "$GIT_EMAIL" ]]; then
-  _prompt "${YELLOW}Please enter your email: ${NC}" GIT_EMAIL
-fi
-
-# If git name is not found or git is not available, ask the user
-if [[ -z "$GIT_NAME" ]]; then
-  _prompt "${YELLOW}Please enter your name: ${NC}" GIT_NAME
-fi
-
-if [[ -z "$GITHUB_USER" ]]; then
-  _prompt "${YELLOW}Please enter your Github username: ${NC}" GITHUB_USER
-fi
-
-if [[ -z "$GITHUB_SECRETS_REPO" ]]; then
-  _prompt "${YELLOW}Please enter your Github secrets repository name: ${NC}" GITHUB_SECRETS_REPO
-fi
-
-export GITHUB_USER
-export GITHUB_SECRETS_REPO
-
-select_boot_disk() {
-  local disks
-  local _boot_disk
-
-  _print "${YELLOW}Available disks:${NC}"
-  disks=$(lsblk -nd --output NAME,SIZE | grep -v loop)
-  echo "$disks"
-
-  # Warning message for data deletion
-  _print "${RED}WARNING: All data on the chosen disk will be erased during the installation!${NC}"
-  _prompt "${YELLOW}Please enter the name of your boot disk (e.g., sda, nvme0n1). Do not include the full path ("/dev/"): ${NC}" _boot_disk
-
-  # Confirmation for disk selection to prevent accidental data loss
-  _print "${YELLOW}You have selected $_boot_disk as the boot disk. This will delete everything on this disk. Are you sure? (Y/N): ${NC}"
-  read -r confirmation
-  if [[ "$confirmation" =~ ^[Yy]$ ]]; then
-    export BOOT_DISK=$_boot_disk
-  else
-    _print "${RED}Disk selection cancelled by the user. Please run the script again to select the correct disk.${NC}"
-    exit 1
-  fi
-}
-
-# Set hostname and find primary disk if this is NixOS
-if [[ "$OS" != "Darwin" ]]; then
-  _prompt "${YELLOW}Please enter a hostname for the system: ${NC}" HOST_NAME
-  export HOST_NAME
-  select_boot_disk
-fi
-
-# Confirmation step
-confirm_details() {
-  _print "${GREEN}Username: $USERNAME"
-  _print "Email: $GIT_EMAIL"
-  _print "Name: $GIT_NAME${NC}"
-
-  if([[ "$OS" != "Darwin" ]]); then
-    _print "${GREEN}Primary interface: $PRIMARY_IFACE"
-    _print "Boot disk: $BOOT_DISK"
-    _print "Hostname: $HOST_NAME${NC}"
-  fi
-
-  _print "${GREEN}Secrets repository: $GITHUB_USER/$GITHUB_SECRETS_REPO${NC}"
-
-  _prompt "${YELLOW}Is this correct? yes/no: ${NC}" choice
-
-  case "$choice" in
-    [Nn] | [Nn][Oo] )
-      _print "${RED}Exiting script.${NC}"
-      exit 1
-      ;;
-    [Yy] | [Yy][Ee][Ss] )
-      _print "${GREEN}Continuing...${NC}"
-      ;;
-    * )
-      _print "${RED}Invalid option. Exiting script.${NC}"
-      exit 1
-      ;;
-  esac
-}
-
-# Call the confirmation function
-confirm_details
-
-# Function to replace tokens in each file
-replace_tokens() {
-  local file="$1"
-  if [[ $(basename $1) != "apply" ]]; then
-    if [[ "$OS" == "Darwin" ]]; then
-      # macOS
-      LC_ALL=C LANG=C sed -i '' -e "s/%USER%/$USERNAME/g" "$file"
-      LC_ALL=C LANG=C sed -i '' -e "s/%EMAIL%/$GIT_EMAIL/g" "$file"
-      LC_ALL=C LANG=C sed -i '' -e "s/%NAME%/$GIT_NAME/g" "$file"
-      LC_ALL=C LANG=C sed -i '' -e "s/%GITHUB_USER%/$GITHUB_USER/g" "$file"
-      LC_ALL=C LANG=C sed -i '' -e "s/%GITHUB_SECRETS_REPO%/$GITHUB_SECRETS_REPO/g" "$file"
-    else
-      # Linux or other
-      sed -i -e "s/%USER%/$USERNAME/g" "$file"
-      sed -i -e "s/%EMAIL%/$GIT_EMAIL/g" "$file"
-      sed -i -e "s/%NAME%/$GIT_NAME/g" "$file"
-      sed -i -e "s/%INTERFACE%/$PRIMARY_IFACE/g" "$file"
-      sed -i -e "s/%DISK%/$BOOT_DISK/g" "$file"
-      sed -i -e "s/%HOST%/$HOST_NAME/g" "$file"
-      sed -i -e "s/%GITHUB_USER%/$GITHUB_USER/g" "$file"
-      sed -i -e "s/%GITHUB_SECRETS_REPO%/$GITHUB_SECRETS_REPO/g" "$file"
-    fi
-  fi
-}
-
-# Traverse directories and call replace_tokens on each Nix file
-export -f replace_tokens
-find . -type f -exec bash -c 'replace_tokens "$0"' {} \;
-
-echo "$USERNAME" > /tmp/username.txt
-_print "${GREEN}User $USERNAME information applied.${NC}"
+print_success "Configuration applied successfully"
--- a/apps/x86_64-linux/build
+++ b/apps/x86_64-linux/build
@@ -1,15 +1,29 @@
-#!/bin/sh -e
+#!/usr/bin/env bash

-GREEN='\033[1;32m'
+set -euo pipefail
+
+RED='\033[0;31m'
+GREEN='\033[0;32m'
 YELLOW='\033[1;33m'
-RED='\033[1;31m'
+BLUE='\033[0;34m'
 NC='\033[0m'

-HOSTNAME="tahani"
+print_info() {
+    echo -e "${BLUE}ℹ ${NC} $1"
+}

-export NIXPKGS_ALLOW_UNFREE=1
+print_success() {
+    echo -e "${GREEN}✓${NC} $1"
+}

-echo "${YELLOW}Starting build...${NC}"
-nix --extra-experimental-features 'nix-command flakes' build --print-out-paths '.#nixosConfigurations."tahani".config.system.build.toplevel' --no-link $@
+HOSTNAME="${1:-tahani}"

-echo "${GREEN}Build complete!${NC}"
+print_info "Building configuration for $HOSTNAME"
+
+nix build ".#nixosConfigurations.$HOSTNAME.config.system.build.toplevel" --show-trace "${@:2}"
+
+if [[ -L ./result ]]; then
+    unlink ./result
+fi
+
+print_success "Build completed successfully"
--- a/apps/x86_64-linux/build-switch
+++ b/apps/x86_64-linux/build-switch
@@ -1,17 +1,44 @@
-#!/bin/sh -e
+#!/usr/bin/env bash

-VERSION=1.0
+set -euo pipefail

-GREEN='\033[1;32m'
-RED='\033[1;31m'
+RED='\033[0;31m'
+GREEN='\033[0;32m'
 YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
 NC='\033[0m'

-HOSTNAME="tahani"
+print_info() {
+    echo -e "${BLUE}ℹ ${NC} $1"
+}

-echo -e "${YELLOW}Starting...${NC}"
+print_success() {
+    echo -e "${GREEN}✓${NC} $1"
+}

-# We pass SSH from user to root so root can download secrets from our private Github
-sudo SSH_AUTH_SOCK=$SSH_AUTH_SOCK /run/current-system/sw/bin/nixos-rebuild switch --flake .#$HOSTNAME $@
+print_error() {
+    echo -e "${RED}✗${NC} $1"
+}

-echo -e "${GREEN}Switch to new generation complete!${NC}"
+HOSTNAME="${1:-tahani}"
+
+print_info "Building and switching configuration for $HOSTNAME"
+
+# Build
+print_info "Building configuration..."
+if ! nix build ".#nixosConfigurations.$HOSTNAME.config.system.build.toplevel" --no-link "${@:2}"; then
+    print_error "Build failed"
+    exit 1
+fi
+
+print_success "Build completed"
+
+# Switch - note this requires sudo permissions
+print_info "Switching to new configuration (requires sudo)..."
+if [[ "$EUID" -ne 0 ]]; then
+    sudo nixos-rebuild switch --flake ".#$HOSTNAME" "${@:2}"
+else
+    nixos-rebuild switch --flake ".#$HOSTNAME" "${@:2}"
+fi
+
+print_success "Build and switch completed successfully"
--- a/apps/x86_64-linux/rollback
+++ b/apps/x86_64-linux/rollback
@@ -0,0 +1,51 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+print_info() {
+    echo -e "${BLUE}ℹ ${NC} $1"
+}
+
+print_success() {
+    echo -e "${GREEN}✓${NC} $1"
+}
+
+print_error() {
+    echo -e "${RED}✗${NC} $1"
+}
+
+print_warning() {
+    echo -e "${YELLOW}⚠${NC} $1"
+}
+
+print_info "Available system generations:"
+if [[ "$EUID" -ne 0 ]]; then
+    sudo nix-env --profile /nix/var/nix/profiles/system --list-generations
+else
+    nix-env --profile /nix/var/nix/profiles/system --list-generations
+fi
+
+echo -n "Enter generation number to rollback to: "
+read -r GEN_NUM
+
+if [[ -z "$GEN_NUM" ]]; then
+    print_error "No generation number provided"
+    exit 1
+fi
+
+print_warning "Rolling back to generation $GEN_NUM..."
+if [[ "$EUID" -ne 0 ]]; then
+    sudo nix-env --profile /nix/var/nix/profiles/system --switch-generation "$GEN_NUM" && \
+    sudo /nix/var/nix/profiles/system/bin/switch-to-configuration switch
+else
+    nix-env --profile /nix/var/nix/profiles/system --switch-generation "$GEN_NUM" && \
+    /nix/var/nix/profiles/system/bin/switch-to-configuration switch
+fi
+
+print_success "Rollback to generation $GEN_NUM complete"