author | Alex Auvolat <alex@adnab.me> | 2022-02-09 12:09:49 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2022-02-09 12:09:49 +0100 |
commit | f03cafd49b48eabc4743b3a3791fd22f19cb0de1 (patch) | |
tree | e31d1c68502e4ee2f8f4dc67235eac0e220b2fbd /deploy.sh | |
parent | cce5cd17f5429295eb2165480ca941dd3f49b788 (diff) | |
download | nixcfg-f03cafd49b48eabc4743b3a3791fd22f19cb0de1.tar.gz nixcfg-f03cafd49b48eabc4743b3a3791fd22f19cb0de1.zip |
Modularize and prepare to support multiple clusters
Diffstat (limited to 'deploy.sh')
-rwxr-xr-x | deploy.sh | 36 |
1 files changed, 25 insertions, 11 deletions
@@ -1,15 +1,27 @@ #!/usr/bin/env bash +# Get cluster subdirectory name + cd $(dirname $0) +CLUSTER="$1" +if [ -z "$CLUSTER" ] || [ ! -d "cluster/$CLUSTER" ]; then + echo "Usage: $0 <cluster name>" + echo "The cluster name must be the name of a subdirectory of cluster/" + exit 1 +fi +shift 1 + +# Do actual stuff + if [ -z "$1" ]; then - NIXHOSTLIST=$(ls node | grep -v '\.site\.') + NIXHOSTLIST=$(ls cluster/$CLUSTER/node | grep -v '\.site\.') else NIXHOSTLIST="$@" fi TMP_PATH=/tmp/tmp-deploy-$(date +%s) - +SSH_CONFIG=cluster/$CLUSTER/ssh_config YEAR=$(date +%Y) for NIXHOST in $NIXHOSTLIST; do 
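Review bot: The new check on `$CLUSTER` only tests that `cluster/$CLUSTER` is a directory, so a value such as `..` or one containing `/` passes, and every later path built from it (the node list, the secrets directory, the ssh config) then resolves outside `cluster/`. Rejecting separators and dot names before the `-d` test closes that, e.g. `case "$CLUSTER" in */*|.|..) echo "invalid cluster name" >&2; exit 1 ;; esac`. The added expansions are also unquoted (`ls cluster/$CLUSTER/node`, and `$SSH_CONFIG` where it is later passed to `ssh -F`), so a name with whitespace or glob characters is word-split; quoting them as `"cluster/$CLUSTER/node"` and `"$SSH_CONFIG"` avoids that. The usage text would normally go to stderr (`>&2`) since the script exits non-zero there.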
@@ -25,25 +37,27 @@ for NIXHOST in $NIXHOSTLIST; do echo "Sending NixOS config files" - ssh -F ssh_config $SSH_DEST mkdir -p $TMP_PATH $TMP_PATH/pki - cat configuration.nix | ssh -F ssh_config $SSH_DEST tee $TMP_PATH/configuration.nix > /dev/null - cat node/$NIXHOST.nix | ssh -F ssh_config $SSH_DEST tee $TMP_PATH/node.nix > /dev/null - cat node/$NIXHOST.site.nix | ssh -F ssh_config $SSH_DEST tee $TMP_PATH/site.nix > /dev/null + ssh -F $SSH_CONFIG $SSH_DEST mkdir -p $TMP_PATH $TMP_PATH/pki + cat configuration.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/configuration.nix > /dev/null + cat nix/deuxfleurs.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/deuxfleurs.nix > /dev/null + cat cluster/$CLUSTER/cluster.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/cluster.nix > /dev/null + cat cluster/$CLUSTER/node/$NIXHOST.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/node.nix > /dev/null + cat cluster/$CLUSTER/node/$NIXHOST.site.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/site.nix > /dev/null echo "Sending secret files" for SECRET in rclone.conf \ pki/consul-ca.crt pki/consul$YEAR.crt pki/consul$YEAR.key pki/consul$YEAR-client.crt pki/consul$YEAR-client.key \ pki/nomad-ca.crt pki/nomad$YEAR.crt pki/nomad$YEAR.key; do - test -f secrets/$SECRET && (cat secrets/$SECRET | ssh -F ssh_config $SSH_DEST tee $TMP_PATH/$SECRET > /dev/null) + test -f cluster/$CLUSTER/secrets/$SECRET && (cat cluster/$CLUSTER/secrets/$SECRET | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/$SECRET > /dev/null) done echo "Rebuilding NixOS" - ssh -F ssh_config $SSH_DEST tee $TMP_PATH/deploy.sh > /dev/null <<EOF + ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/deploy.sh > /dev/null <<EOF set -ex cd $TMP_PATH -mv configuration.nix node.nix site.nix /etc/nixos +mv deuxfleurs.nix configuration.nix cluster.nix node.nix site.nix /etc/nixos test -f rclone.conf && (mv rclone.conf /root; chmod 600 /root/rclone.conf) 
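Review bot: The secret files sent in this hunk, including the consul and nomad private keys, are staged under `$TMP_PATH`, which the first hunk sets to `/tmp/tmp-deploy-$(date +%s)`. Any local user on the node can predict that name, and `mkdir -p` succeeds when the directory already exists, so the keys can land in a directory someone else created and can read. Creating the directory on the remote side with a random, owner-only name avoids this, e.g. `TMP_PATH=$(ssh -F "$SSH_CONFIG" "$SSH_DEST" mktemp -d /tmp/tmp-deploy-XXXXXX)` inside the loop once `SSH_DEST` is set (that assignment is outside the visible hunks). The cleanup line in the last hunk could then be `rm -rv "$TMP_PATH"` instead of the `/tmp/tmp-deploy-*` glob, which also removes the staging directory of any other deploy running against the same host. The `for` loop body starts and ends outside this hunk.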
@@ -71,6 +85,6 @@ consul kv put secrets/consul/consul-client.crt - < /var/lib/consul/pki/consul$YE consul kv put secrets/consul/consul-client.key - < /var/lib/consul/pki/consul$YEAR-client.key EOF - ssh -t -F ssh_config $SSH_DEST sudo sh $TMP_PATH/deploy.sh - ssh -F ssh_config $SSH_DEST rm -rv '/tmp/tmp-deploy-*' + ssh -t -F $SSH_CONFIG $SSH_DEST sudo sh $TMP_PATH/deploy.sh + ssh -F $SSH_CONFIG $SSH_DEST rm -rv '/tmp/tmp-deploy-*' done |