swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 17:17:22 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: chaostheatre not building after secret changes

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-03-22 00:32:10 +01:00
parent 1f47b46916
commit 5c207050a3
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
7 changed files with 254 additions and 64 deletions
Download patch file Download diff file Expand all files Collapse all files

93
SwarselSystems.org
View file

@ -1981,7 +1981,7 @@ I also set the =WLR_RENDERER_ALLOW_SOFTWARE=1= to allow this configuration to ru
#+begin_src nix :tangle hosts/nixos/chaostheatre/default.nix #+begin_src nix :tangle hosts/nixos/chaostheatre/default.nix
{ self, pkgs, lib, ... }: { self, config, pkgs, lib, ... }:
let let
profilesPath = "${self}/profiles"; profilesPath = "${self}/profiles";
in in
@ -1989,6 +1989,10 @@ I also set the =WLR_RENDERER_ALLOW_SOFTWARE=1= to allow this configuration to ru
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
./disk-config.nix
{
_module.args.diskDevice = config.swarselsystems.rootDisk;
}
"${profilesPath}/nixos/optional/autologin.nix" "${profilesPath}/nixos/optional/autologin.nix"
]; ];
@ -2015,6 +2019,12 @@ I also set the =WLR_RENDERER_ALLOW_SOFTWARE=1= to allow this configuration to ru
initialSetup = true; initialSetup = true;
isPublic = true; isPublic = true;
isLinux = true; isLinux = true;
isImpermanence = true;
isCrypted = true;
isSecureBoot = false;
isSwap = true;
swapSize = "4G";
rootDisk = "/dev/vda";
}; };
home-manager.users.swarsel.swarselsystems = { home-manager.users.swarsel.swarselsystems = {
@ -3109,7 +3119,15 @@ This program builds a configuration locally.
yellow "The ssh key for this configuration is not available." yellow "The ssh key for this configuration is not available."
green "Adjusting flake.nix so that the configuration is buildable" green "Adjusting flake.nix so that the configuration is buildable"
sed -i '/nix-secrets = {/,/^[[:space:]]*};/d' flake.nix sed -i '/nix-secrets = {/,/^[[:space:]]*};/d' flake.nix
git add flake.nix sed -i '/vbc-nix = {/,/^[[:space:]]*};/d' flake.nix
sed -i '/[[:space:]]*\/\/ (inputs.vbc-nix.overlays.default final prev)/d' overlays/default.nix
rm profiles/home/common/env.nix
rm profiles/home/common/gammastep.nix
rm profiles/home/common/git.nix
rm profiles/home/common/mail.nix
rm profiles/nixos/common/home-manager-extra.nix
nix flake update vbc-nix
git add .
else else
green "Valid SSH key found! Continuing with installation" green "Valid SSH key found! Continuing with installation"
fi fi
@ -3146,18 +3164,20 @@ This program sets up a new NixOS host locally.
target_hostname="chaostheatre" target_hostname="chaostheatre"
target_user="swarsel" target_user="swarsel"
persist_dir="" persist_dir=""
target_disk="/dev/vda"
disk_encryption=0 disk_encryption=0
function help_and_exit() { function help_and_exit() {
echo echo
echo "Locally installs SwarselSystem on this machine." echo "Locally installs SwarselSystem on this machine."
echo echo
echo "USAGE: $0 -n <target_config> [OPTIONS]" echo "USAGE: $0 -n <target_config> -d <target_disk> [OPTIONS]"
echo echo
echo "ARGS:" echo "ARGS:"
echo " -n <target_config> specify the nixos config to deploy." echo " -n <target_config> specify the nixos config to deploy."
echo " Default: chaostheatre" echo " Default: chaostheatre"
echo " Default: chaostheatre" echo " -d <target_disk> specify disk to install on."
echo " Default: /dev/vda"
echo " -u <target_user> specify user to deploy for." echo " -u <target_user> specify user to deploy for."
echo " Default: swarsel" echo " Default: swarsel"
echo " -h | --help Print this help." echo " -h | --help Print this help."
@ -3194,6 +3214,10 @@ This program sets up a new NixOS host locally.
shift shift
target_user=$1 target_user=$1
;; ;;
-d)
shift
target_disk=$1
;;
-h | --help) help_and_exit ;; -h | --help) help_and_exit ;;
,*) ,*)
echo "Invalid option detected." echo "Invalid option detected."
@ -3209,7 +3233,7 @@ This program sets up a new NixOS host locally.
} }
trap cleanup exit trap cleanup exit
green "~SwarselSystems~ remote installer" green "~SwarselSystems~ local installer"
cd /home/"$target_user" cd /home/"$target_user"
@ -3220,9 +3244,31 @@ This program sets up a new NixOS host locally.
green "Cloning repository from GitHub" green "Cloning repository from GitHub"
git clone https://github.com/Swarsel/.dotfiles.git git clone https://github.com/Swarsel/.dotfiles.git
local_keys=$(ssh-add -L || true)
pub_key=$(cat /home/"$target_user"/.dotfiles/secrets/keys/ssh/yubikey.pub)
read -ra pub_arr <<< "$pub_key"
cd .dotfiles
if [[ $local_keys != *"${pub_arr[1]}"* ]]; then
yellow "The ssh key for this configuration is not available."
green "Adjusting flake.nix so that the configuration is buildable ..."
sed -i '/nix-secrets = {/,/^[[:space:]]*};/d' flake.nix
sed -i '/vbc-nix = {/,/^[[:space:]]*};/d' flake.nix
sed -i '/[[:space:]]*\/\/ (inputs.vbc-nix.overlays.default final prev)/d' overlays/default.nix
rm profiles/home/common/env.nix
rm profiles/home/common/gammastep.nix
rm profiles/home/common/git.nix
rm profiles/home/common/mail.nix
rm profiles/nixos/common/home-manager-extra.nix
nix flake update vbc-nix
git add .
else
green "Valid SSH key found! Continuing with installation"
fi
green "Reading system information for $target_config ..." green "Reading system information for $target_config ..."
DISK="$(nix eval --raw ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.rootDisk)" DISK="$(nix eval --raw ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.rootDisk)"
green "Root Disk: $DISK" green "Root Disk in config: $DISK - Root Disk passed in cli: $target_disk"
CRYPTED="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isCrypted)" CRYPTED="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isCrypted)"
if [[ $CRYPTED == "true" ]]; then if [[ $CRYPTED == "true" ]]; then
@ -3256,25 +3302,6 @@ This program sets up a new NixOS host locally.
red "Secure Boot: X" red "Secure Boot: X"
fi fi
local_keys=$(ssh-add -L || true)
pub_key=$(cat /home/"$target_user"/.dotfiles/secrets/keys/ssh/yubikey.pub)
read -ra pub_arr <<< "$pub_key"
cd .dotfiles
if [[ $local_keys != *"${pub_arr[1]}"* ]]; then
yellow "The ssh key for this configuration is not available."
green "Adjusting flake.nix so that the configuration is buildable"
sed -i '/nix-secrets = {/,/^[[:space:]]*};/d' flake.nix
rm profiles/home/common/env.nix
rm profiles/home/common/gammastep.nix
rm profiles/home/common/git.nix
rm profiles/home/common/mail.nix
rm profiles/nixos/common/home-manager-extra.nix
git add .
else
green "Valid SSH key found! Continuing with installation"
fi
if [ "$disk_encryption" -eq 1 ]; then if [ "$disk_encryption" -eq 1 ]; then
while true; do while true; do
green "Set disk encryption passphrase:" green "Set disk encryption passphrase:"
@ -3290,16 +3317,20 @@ This program sets up a new NixOS host locally.
done done
fi fi
green "Setting up disk" green "Setting up disk ..."
if [[ $target_config == "chaostheatre" ]]; then
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/v1.10.0 -- --mode destroy,format,mount --flake .#"$target_config" --yes-wipe-all-disks --arg diskDevice "$target_disk"
else
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/latest -- --mode destroy,format,mount --flake .#"$target_config" --yes-wipe-all-disks sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/latest -- --mode destroy,format,mount --flake .#"$target_config" --yes-wipe-all-disks
fi
sudo mkdir -p /mnt/"$persist_dir"/home/"$target_user"/ sudo mkdir -p /mnt/"$persist_dir"/home/"$target_user"/
sudo cp -r /home/"$target_user"/.dotfiles /mnt/"$persist_dir"/home/"$target_user"/ sudo cp -r /home/"$target_user"/.dotfiles /mnt/"$persist_dir"/home/"$target_user"/
sudo chown -R 1000:100 /mnt/"$persist_dir"/home/"$target_user" sudo chown -R 1000:100 /mnt/"$persist_dir"/home/"$target_user"
green "Generating hardware configuration" green "Generating hardware configuration ..."
sudo nixos-generate-config --root /mnt --no-filesystems --dir /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/ sudo nixos-generate-config --root /mnt --no-filesystems --dir /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/
green "Injecting initialSetup" green "Injecting initialSetup ..."
sudo sed -i '/ boot.extraModulePackages /a \ swarselsystems.initialSetup = true;' /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/hardware-configuration.nix sudo sed -i '/ boot.extraModulePackages /a \ swarselsystems.initialSetup = true;' /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/hardware-configuration.nix
git add /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/hardware-configuration.nix git add /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/hardware-configuration.nix
@ -8717,10 +8748,10 @@ This holds packages that I can use as provided, or with small modifications (as
This is just a separate container for derivations defined in [[#h:64a5cc16-6b16-4802-b421-c67ccef853e1][Packages]]. This is a good idea so that I do not lose track of package names I have defined myself, as this was once a problem in the past already. This is just a separate container for derivations defined in [[#h:64a5cc16-6b16-4802-b421-c67ccef853e1][Packages]]. This is a good idea so that I do not lose track of package names I have defined myself, as this was once a problem in the past already.
#+begin_src nix :tangle profiles/home/common/custom-packages.nix #+begin_src nix :tangle profiles/home/common/custom-packages.nix
{ pkgs, ... }: { config, pkgs, ... }:
{ {
home.packages = with pkgs; [ home.packages = with pkgs; lib.mkIf (!config.swarselsystems.isPublic) [
pass-fuzzel pass-fuzzel
cura5 cura5
cdw cdw
@ -9678,7 +9709,7 @@ Normally I use 4 mail accounts - here I set them all up. Three of them are Googl
# this is needed so that mbsync can use the passwords from sops # this is needed so that mbsync can use the passwords from sops
systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ]; systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ];
accounts = { accounts = lib.mkIf (!config.swarselsystems.isPublic) {
email = { email = {
maildirBasePath = "Mail"; maildirBasePath = "Mail";
accounts = { accounts = {

12
hosts/nixos/chaostheatre/default.nix
View file

@ -1,4 +1,4 @@
{ self, pkgs, lib, ... }: { self, config, pkgs, lib, ... }:
let let
profilesPath = "${self}/profiles"; profilesPath = "${self}/profiles";
in in
@ -6,6 +6,10 @@ in
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
./disk-config.nix
{
_module.args.diskDevice = config.swarselsystems.rootDisk;
}
"${profilesPath}/nixos/optional/autologin.nix" "${profilesPath}/nixos/optional/autologin.nix"
]; ];
@ -32,6 +36,12 @@ in
initialSetup = true; initialSetup = true;
isPublic = true; isPublic = true;
isLinux = true; isLinux = true;
isImpermanence = true;
isCrypted = true;
isSecureBoot = false;
isSwap = true;
swapSize = "4G";
rootDisk = "/dev/vda";
}; };
home-manager.users.swarsel.swarselsystems = { home-manager.users.swarsel.swarselsystems = {

128
hosts/nixos/chaostheatre/disk-config.nix Normal file
View file

@ -0,0 +1,128 @@
# NOTE: ... is needed because dikso passes diskoFile
{ lib
, pkgs
, config
, diskDevice ? config.swarselsystem.rootDisk
, ...
}:
let
type = "btrfs";
extraArgs = [ "-L" "nixos" "-f" ]; # force overwrite
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [
"subvol=root"
"compress=zstd"
"noatime"
];
};
"/home" = lib.mkIf config.swarselsystems.isImpermanence {
mountpoint = "/home";
mountOptions = [
"subvol=home"
"compress=zstd"
"noatime"
];
};
"/persist" = lib.mkIf config.swarselsystems.isImpermanence {
mountpoint = "/persist";
mountOptions = [
"subvol=persist"
"compress=zstd"
"noatime"
];
};
"/log" = lib.mkIf config.swarselsystems.isImpermanence {
mountpoint = "/var/log";
mountOptions = [
"subvol=log"
"compress=zstd"
"noatime"
];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [
"subvol=nix"
"compress=zstd"
"noatime"
];
};
"/swap" = lib.mkIf config.swarselsystems.isSwap {
mountpoint = "/.swapvol";
swap.swapfile.size = config.swarselsystems.swapSize;
};
};
in
{
disko.devices = {
disk = {
disk0 = {
type = "disk";
device = diskDevice;
content = {
type = "gpt";
partitions = {
ESP = {
priority = 1;
name = "ESP";
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "defaults" ];
};
};
root = lib.mkIf (!config.swarselsystems.isCrypted) {
size = "100%";
content = {
inherit type subvolumes extraArgs;
postCreateHook = lib.mkIf config.swarselsystems.isImpermanence ''
MNTPOINT=$(mktemp -d)
mount "/dev/disk/by-label/nixos" "$MNTPOINT" -o subvolid=5
trap 'umount $MNTPOINT; rm -rf $MNTPOINT' EXIT
btrfs subvolume snapshot -r $MNTPOINT/root $MNTPOINT/root-blank
'';
};
};
luks = lib.mkIf config.swarselsystems.isCrypted {
size = "100%";
content = {
type = "luks";
name = "cryptroot";
passwordFile = "/tmp/disko-password"; # this is populated by bootstrap.sh
settings = {
allowDiscards = true;
# https://github.com/hmajid2301/dotfiles/blob/a0b511c79b11d9b4afe2a5e2b7eedb2af23e288f/systems/x86_64-linux/framework/disks.nix#L36
crypttabExtraOpts = [
"fido2-device=auto"
"token-timeout=10"
];
};
content = {
inherit type subvolumes extraArgs;
postCreateHook = lib.mkIf config.swarselsystems.isImpermanence ''
MNTPOINT=$(mktemp -d)
mount "/dev/mapper/cryptroot" "$MNTPOINT" -o subvolid=5
trap 'umount $MNTPOINT; rm -rf $MNTPOINT' EXIT
btrfs subvolume snapshot -r $MNTPOINT/root $MNTPOINT/root-blank
'';
};
};
};
};
};
};
};
};
fileSystems."/persist".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true;
fileSystems."/home".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true;
environment.systemPackages = [
pkgs.yubikey-manager
];
}

4
profiles/home/common/custom-packages.nix
View file

@ -1,7 +1,7 @@
{ pkgs, ... }: { config, pkgs, ... }:
{ {
home.packages = with pkgs; [ home.packages = with pkgs; lib.mkIf (!config.swarselsystems.isPublic) [
pass-fuzzel pass-fuzzel
cura5 cura5
cdw cdw

2
profiles/home/common/mail.nix
View file

@ -26,7 +26,7 @@ in
# this is needed so that mbsync can use the passwords from sops # this is needed so that mbsync can use the passwords from sops
systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ]; systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ];
accounts = { accounts = lib.mkIf (!config.swarselsystems.isPublic) {
email = { email = {
maildirBasePath = "Mail"; maildirBasePath = "Mail";
accounts = { accounts = {

67
scripts/swarsel-install.sh
View file

@ -4,18 +4,20 @@ target_config="chaostheatre"
target_hostname="chaostheatre" target_hostname="chaostheatre"
target_user="swarsel" target_user="swarsel"
persist_dir="" persist_dir=""
target_disk="/dev/vda"
disk_encryption=0 disk_encryption=0
function help_and_exit() { function help_and_exit() {
echo echo
echo "Locally installs SwarselSystem on this machine." echo "Locally installs SwarselSystem on this machine."
echo echo
echo "USAGE: $0 -n <target_config> [OPTIONS]" echo "USAGE: $0 -n <target_config> -d <target_disk> [OPTIONS]"
echo echo
echo "ARGS:" echo "ARGS:"
echo " -n <target_config> specify the nixos config to deploy." echo " -n <target_config> specify the nixos config to deploy."
echo " Default: chaostheatre" echo " Default: chaostheatre"
echo " Default: chaostheatre" echo " -d <target_disk> specify disk to install on."
echo " Default: /dev/vda"
echo " -u <target_user> specify user to deploy for." echo " -u <target_user> specify user to deploy for."
echo " Default: swarsel" echo " Default: swarsel"
echo " -h | --help Print this help." echo " -h | --help Print this help."
@ -52,6 +54,10 @@ while [[ $# -gt 0 ]]; do
shift shift
target_user=$1 target_user=$1
;; ;;
-d)
shift
target_disk=$1
;;
-h | --help) help_and_exit ;; -h | --help) help_and_exit ;;
*) *)
echo "Invalid option detected." echo "Invalid option detected."
@ -67,7 +73,7 @@ function cleanup() {
} }
trap cleanup exit trap cleanup exit
green "~SwarselSystems~ remote installer" green "~SwarselSystems~ local installer"
cd /home/"$target_user" cd /home/"$target_user"
@ -78,9 +84,31 @@ sudo rm -rf .dotfiles
green "Cloning repository from GitHub" green "Cloning repository from GitHub"
git clone https://github.com/Swarsel/.dotfiles.git git clone https://github.com/Swarsel/.dotfiles.git
local_keys=$(ssh-add -L || true)
pub_key=$(cat /home/"$target_user"/.dotfiles/secrets/keys/ssh/yubikey.pub)
read -ra pub_arr <<< "$pub_key"
cd .dotfiles
if [[ $local_keys != *"${pub_arr[1]}"* ]]; then
yellow "The ssh key for this configuration is not available."
green "Adjusting flake.nix so that the configuration is buildable ..."
sed -i '/nix-secrets = {/,/^[[:space:]]*};/d' flake.nix
sed -i '/vbc-nix = {/,/^[[:space:]]*};/d' flake.nix
sed -i '/[[:space:]]*\/\/ (inputs.vbc-nix.overlays.default final prev)/d' overlays/default.nix
rm profiles/home/common/env.nix
rm profiles/home/common/gammastep.nix
rm profiles/home/common/git.nix
rm profiles/home/common/mail.nix
rm profiles/nixos/common/home-manager-extra.nix
nix flake update vbc-nix
git add .
else
green "Valid SSH key found! Continuing with installation"
fi
green "Reading system information for $target_config ..." green "Reading system information for $target_config ..."
DISK="$(nix eval --raw ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.rootDisk)" DISK="$(nix eval --raw ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.rootDisk)"
green "Root Disk: $DISK" green "Root Disk in config: $DISK - Root Disk passed in cli: $target_disk"
CRYPTED="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isCrypted)" CRYPTED="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isCrypted)"
if [[ $CRYPTED == "true" ]]; then if [[ $CRYPTED == "true" ]]; then
@ -114,25 +142,6 @@ else
red "Secure Boot: X" red "Secure Boot: X"
fi fi
local_keys=$(ssh-add -L || true)
pub_key=$(cat /home/"$target_user"/.dotfiles/secrets/keys/ssh/yubikey.pub)
read -ra pub_arr <<< "$pub_key"
cd .dotfiles
if [[ $local_keys != *"${pub_arr[1]}"* ]]; then
yellow "The ssh key for this configuration is not available."
green "Adjusting flake.nix so that the configuration is buildable"
sed -i '/nix-secrets = {/,/^[[:space:]]*};/d' flake.nix
rm profiles/home/common/env.nix
rm profiles/home/common/gammastep.nix
rm profiles/home/common/git.nix
rm profiles/home/common/mail.nix
rm profiles/nixos/common/home-manager-extra.nix
git add .
else
green "Valid SSH key found! Continuing with installation"
fi
if [ "$disk_encryption" -eq 1 ]; then if [ "$disk_encryption" -eq 1 ]; then
while true; do while true; do
green "Set disk encryption passphrase:" green "Set disk encryption passphrase:"
@ -148,16 +157,20 @@ if [ "$disk_encryption" -eq 1 ]; then
done done
fi fi
green "Setting up disk" green "Setting up disk ..."
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/latest -- --mode destroy,format,mount --flake .#"$target_config" --yes-wipe-all-disks if [[ $target_config == "chaostheatre" ]]; then
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/v1.10.0 -- --mode destroy,format,mount --flake .#"$target_config" --yes-wipe-all-disks --arg diskDevice "$target_disk"
else
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/latest -- --mode destroy,format,mount --flake .#"$target_config" --yes-wipe-all-disks
fi
sudo mkdir -p /mnt/"$persist_dir"/home/"$target_user"/ sudo mkdir -p /mnt/"$persist_dir"/home/"$target_user"/
sudo cp -r /home/"$target_user"/.dotfiles /mnt/"$persist_dir"/home/"$target_user"/ sudo cp -r /home/"$target_user"/.dotfiles /mnt/"$persist_dir"/home/"$target_user"/
sudo chown -R 1000:100 /mnt/"$persist_dir"/home/"$target_user" sudo chown -R 1000:100 /mnt/"$persist_dir"/home/"$target_user"
green "Generating hardware configuration" green "Generating hardware configuration ..."
sudo nixos-generate-config --root /mnt --no-filesystems --dir /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/ sudo nixos-generate-config --root /mnt --no-filesystems --dir /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/
green "Injecting initialSetup" green "Injecting initialSetup ..."
sudo sed -i '/ boot.extraModulePackages /a \ swarselsystems.initialSetup = true;' /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/hardware-configuration.nix sudo sed -i '/ boot.extraModulePackages /a \ swarselsystems.initialSetup = true;' /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/hardware-configuration.nix
git add /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/hardware-configuration.nix git add /home/"$target_user"/.dotfiles/hosts/nixos/"$target_config"/hardware-configuration.nix

10
scripts/swarsel-rebuild.sh
View file

@ -75,7 +75,15 @@ if [[ $local_keys != *"${pub_arr[1]}"* ]]; then
yellow "The ssh key for this configuration is not available." yellow "The ssh key for this configuration is not available."
green "Adjusting flake.nix so that the configuration is buildable" green "Adjusting flake.nix so that the configuration is buildable"
sed -i '/nix-secrets = {/,/^[[:space:]]*};/d' flake.nix sed -i '/nix-secrets = {/,/^[[:space:]]*};/d' flake.nix
git add flake.nix sed -i '/vbc-nix = {/,/^[[:space:]]*};/d' flake.nix
sed -i '/[[:space:]]*\/\/ (inputs.vbc-nix.overlays.default final prev)/d' overlays/default.nix
rm profiles/home/common/env.nix
rm profiles/home/common/gammastep.nix
rm profiles/home/common/git.nix
rm profiles/home/common/mail.nix
rm profiles/nixos/common/home-manager-extra.nix
nix flake update vbc-nix
git add .
else else
green "Valid SSH key found! Continuing with installation" green "Valid SSH key found! Continuing with installation"
fi fi