bento/populate_chroot.sh

#!/bin/sh

if test -f config.sh
then
    . ./config.sh
else
    echo "You are missing config.sh"
    exit 2
fi

if [ "$(id -u)" -ne 0 ]
then
  echo "you need to be root to run this script"
  exit 1
fi

cd hosts
# load all hosts or the one defined in environment variable NAME
if [ -z "$NAME" ]
then
  NAME=*
fi

for i in $NAME
do
    printf "Copying $i: "

    # we only want directories
    if [ -d "$i" ]
    then

        STAGING_DIR="$(mktemp -d /tmp/bento-staging-dispatch.XXXXXXXXXXXXXX)"

        # sftp chroot requires the home directory to be owned by root
        install -d -o root -g sftp_users -m 755 "${STAGING_DIR}"
        install -d -o root -g sftp_users -m 755 "${STAGING_DIR}/${i}"
        install -d -o root -g sftp_users -m 755 "${STAGING_DIR}/${i}/config"
        install -d -o ${i} -g sftp_users -m 755 "${STAGING_DIR}/${i}/logs"

        # copy files in the chroot
        rsync --delete -rltgoDL "$i/" "${STAGING_DIR}/${i}/config/"

        # create the script that will check for updates
        cat > "${STAGING_DIR}/${i}/config/update.sh" <<EOF
#!/bin/sh
set -e

install -d -o root -g root -m 700 /var/bento
cd /var/bento
touch .state

STATE="\$(echo "ls -l last_change_date" | sftp ${i}@${REMOTE_IP})"
CURRENT_STATE="\$(cat /var/bento/.state)"

if [ "\$STATE" = "\$CURRENT_STATE" ]
then
    echo "no update required"
else
    echo "update required"
    sftp ${i}@${REMOTE_IP}:/config/bootstrap.sh .
    /bin/sh bootstrap.sh
    echo "\$STATE" > /var/bento/.state
fi
EOF

        # script used to download changes and rebuild
        # also used to run it manually the first time to configure the system
        cat > "${STAGING_DIR}/${i}/config/bootstrap.sh" <<EOF
#!/bin/sh
set -e

# accept the remote ssh fingerprint if not already known
ssh-keygen -F "${REMOTE_IP}" >/dev/null || ssh-keyscan "${REMOTE_IP}" >> /root/.ssh/known_hosts

install -d -o root -g root -m 700 /var/bento
cd /var/bento

printf "%s\n" "cd config" "get -R ." | sftp -r ${i}@${REMOTE_IP}:

# for flakes
test -d .git || git init
git add .

# check the current build if it exists
if test -L result
then
    RESULT="\$(readlink -f result)"
fi

LOGFILE=\$(mktemp /tmp/build-log.XXXXXXXXXXXXXXXXXXXX)

SUCCESS=2
if test -f flake.nix
then
    nixos-rebuild build --flake .#bento-machine
    if [ ! "\${RESULT}" = "\$(readlink -f result)" ]
    then
        nixos-rebuild switch --flake .#bento-machine 2>&1 | tee \$LOGFILE
        SUCCESS=\$?
    else
        SUCCESS=nothing
    fi
else
    export NIX_PATH=/root/.nix-defexpr/channels:nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/var/bento/configuration.nix:/nix/var/nix/profiles/per-user/root/channels
    nixos-rebuild build --no-flake --upgrade 2>&1 | tee \$LOGFILE
    if [ ! "\${RESULT}" = "\$(readlink -f result)" ]
    then
        nixos-rebuild switch --no-flake --upgrade 2>&1 | tee -a \$LOGFILE
        SUCCESS=\$?
    else
        SUCCESS=nothing
    fi
fi

gzip -9 \$LOGFILE
#mv \$LOGFILE \$LOGFILE.gz
if [ ! "\$SUCCESS" = "nothing" ]
then
  if [ "\$SUCCESS" -eq 0 ]
  then
      echo "put \${LOGFILE}.gz /logs/\$(date +%Y%m%d-%H%M)-success.log.gz" | sftp ${i}@${REMOTE_IP}:
  else
      echo "put \${LOGFILE}.gz /logs/\$(date +%Y%m%d-%H%M)-failure.log.gz" | sftp ${i}@${REMOTE_IP}:
  fi
fi
EOF

        # to make flakes using caching, we must avoid repositories to change everytime
        # we must ignore files that change everytime
        cat > "${STAGING_DIR}/${i}/config/.gitignore" <<EOF
bootstrap.sh
update.sh
.state
result
last_change_date
EOF

        # only distribute changes if they changed
        # this avoids bumping the time and trigger a rebuild for nothing
        diff -r "${STAGING_DIR}/${i}/config/" "${CHROOT_DIR}/${i}/config/" >/dev/null
        CHANGES=$?

        if [ "$CHANGES" -ne 0 ]
        then
            echo " update"
            # copy files in the chroot
            install -d -o root -g sftp_users -m 755 "${CHROOT_DIR}"
            install -d -o root -g sftp_users -m 755 "${CHROOT_DIR}/${i}"
            install -d -o root -g sftp_users -m 755 "${CHROOT_DIR}/${i}/config"
            install -d -o ${i} -g sftp_users -m 755 "${CHROOT_DIR}/${i}/logs"
            rsync --delete -rltgoDvL "${STAGING_DIR}/${i}/config/" "${CHROOT_DIR}/${i}/config/"
            touch "${CHROOT_DIR}/${i}/last_change_date"
        else
            echo " no changes"
        fi

        rm -fr "${STAGING_DIR}"
    fi
done
populate_chroot: set of scripts to make bento 2022-09-04 00:29:38 +00:00			`#!/bin/sh`

			`if test -f config.sh`
			`then`
			`. ./config.sh`
			`else`
			`echo "You are missing config.sh"`
			`exit 2`
			`fi`

			`if [ "$(id -u)" -ne 0 ]`
			`then`
			`echo "you need to be root to run this script"`
			`exit 1`
			`fi`

			`cd hosts`
			`# load all hosts or the one defined in environment variable NAME`
			`if [ -z "$NAME" ]`
			`then`
			`NAME=*`
			`fi`

			`for i in $NAME`
			`do`
populate_chroot: avoid updating chroot files if no change to avoid triggering an useless rebuild 2022-09-05 16:38:13 +00:00			`printf "Copying $i: "`
populate_chroot: set of scripts to make bento 2022-09-04 00:29:38 +00:00
			`# we only want directories`
			`if [ -d "$i" ]`
			`then`

populate_chroot: avoid updating chroot files if no change to avoid triggering an useless rebuild 2022-09-05 16:38:13 +00:00			`STAGING_DIR="$(mktemp -d /tmp/bento-staging-dispatch.XXXXXXXXXXXXXX)"`
populate_chroot: move files into a subdirectory config 2022-09-04 17:06:33 +00:00
populate_chroot: avoid updating chroot files if no change to avoid triggering an useless rebuild 2022-09-05 16:38:13 +00:00			`# sftp chroot requires the home directory to be owned by root`
			`install -d -o root -g sftp_users -m 755 "${STAGING_DIR}"`
			`install -d -o root -g sftp_users -m 755 "${STAGING_DIR}/${i}"`
			`install -d -o root -g sftp_users -m 755 "${STAGING_DIR}/${i}/config"`
			`install -d -o ${i} -g sftp_users -m 755 "${STAGING_DIR}/${i}/logs"`
populate_chroot: move files into a subdirectory config 2022-09-04 17:06:33 +00:00
populate_chroot: avoid updating chroot files if no change to avoid triggering an useless rebuild 2022-09-05 16:38:13 +00:00			`# copy files in the chroot`
			`rsync --delete -rltgoDL "$i/" "${STAGING_DIR}/${i}/config/"`
populate_chroot: move files into a subdirectory config 2022-09-04 17:06:33 +00:00
populate_chroot: avoid updating chroot files if no change to avoid triggering an useless rebuild 2022-09-05 16:38:13 +00:00			`# create the script that will check for updates`
			`cat > "${STAGING_DIR}/${i}/config/update.sh" <<EOF`
populate_chroot: set of scripts to make bento 2022-09-04 00:29:38 +00:00			`#!/bin/sh`
			`set -e`

			`install -d -o root -g root -m 700 /var/bento`
			`cd /var/bento`
			`touch .state`

			`STATE="\$(echo "ls -l last_change_date" \| sftp ${i}@${REMOTE_IP})"`
			`CURRENT_STATE="\$(cat /var/bento/.state)"`

			`if [ "\$STATE" = "\$CURRENT_STATE" ]`
			`then`
			`echo "no update required"`
			`else`
			`echo "update required"`
populate_chroot: move files into a subdirectory config 2022-09-04 17:06:33 +00:00			`sftp ${i}@${REMOTE_IP}:/config/bootstrap.sh .`
populate_chroot: set of scripts to make bento 2022-09-04 00:29:38 +00:00			`/bin/sh bootstrap.sh`
			`echo "\$STATE" > /var/bento/.state`
			`fi`
			`EOF`

populate_chroot: avoid updating chroot files if no change to avoid triggering an useless rebuild 2022-09-05 16:38:13 +00:00			`# script used to download changes and rebuild`
			`# also used to run it manually the first time to configure the system`
			`cat > "${STAGING_DIR}/${i}/config/bootstrap.sh" <<EOF`
populate_chroot: set of scripts to make bento 2022-09-04 00:29:38 +00:00			`#!/bin/sh`
			`set -e`

populate_chroot: accept ssh fingerprints if it's a new remote 2022-09-04 09:07:38 +00:00			`# accept the remote ssh fingerprint if not already known`
populate_chroot: avoid updating chroot files if no change to avoid triggering an useless rebuild 2022-09-05 16:38:13 +00:00			`ssh-keygen -F "${REMOTE_IP}" >/dev/null \|\| ssh-keyscan "${REMOTE_IP}" >> /root/.ssh/known_hosts`
populate_chroot: accept ssh fingerprints if it's a new remote 2022-09-04 09:07:38 +00:00
populate_chroot: set of scripts to make bento 2022-09-04 00:29:38 +00:00			`install -d -o root -g root -m 700 /var/bento`
			`cd /var/bento`

populate_chroot: move files into a subdirectory config 2022-09-04 17:06:33 +00:00			`printf "%s\n" "cd config" "get -R ." \| sftp -r ${i}@${REMOTE_IP}:`
populate_chroot: set of scripts to make bento 2022-09-04 00:29:38 +00:00
			`# for flakes`
			`test -d .git \|\| git init`
			`git add .`

			`# check the current build if it exists`
			`if test -L result`
			`then`
			`RESULT="\$(readlink -f result)"`
			`fi`

populate_chroot: move files into a subdirectory config 2022-09-04 17:06:33 +00:00			`LOGFILE=\$(mktemp /tmp/build-log.XXXXXXXXXXXXXXXXXXXX)`

			`SUCCESS=2`
populate_chroot: set of scripts to make bento 2022-09-04 00:29:38 +00:00			`if test -f flake.nix`
			`then`
			`nixos-rebuild build --flake .#bento-machine`
			`if [ ! "\${RESULT}" = "\$(readlink -f result)" ]`
			`then`
populate_chroot: move files into a subdirectory config 2022-09-04 17:06:33 +00:00			`nixos-rebuild switch --flake .#bento-machine 2>&1 \| tee \$LOGFILE`
			`SUCCESS=\$?`
			`else`
			`SUCCESS=nothing`
populate_chroot: set of scripts to make bento 2022-09-04 00:29:38 +00:00			`fi`
			`else`
populate_chroot: non flakes nix is more complicated to play with nixos-rebuild 2022-09-04 09:55:36 +00:00			`export NIX_PATH=/root/.nix-defexpr/channels:nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/var/bento/configuration.nix:/nix/var/nix/profiles/per-user/root/channels`
populate_chroot: move files into a subdirectory config 2022-09-04 17:06:33 +00:00			`nixos-rebuild build --no-flake --upgrade 2>&1 \| tee \$LOGFILE`
populate_chroot: set of scripts to make bento 2022-09-04 00:29:38 +00:00			`if [ ! "\${RESULT}" = "\$(readlink -f result)" ]`
			`then`
populate_chroot: move files into a subdirectory config 2022-09-04 17:06:33 +00:00			`nixos-rebuild switch --no-flake --upgrade 2>&1 \| tee -a \$LOGFILE`
			`SUCCESS=\$?`
			`else`
			`SUCCESS=nothing`
populate_chroot: set of scripts to make bento 2022-09-04 00:29:38 +00:00			`fi`
			`fi`
populate_chroot: move files into a subdirectory config 2022-09-04 17:06:33 +00:00
			`gzip -9 \$LOGFILE`
			`#mv \$LOGFILE \$LOGFILE.gz`
			`if [ ! "\$SUCCESS" = "nothing" ]`
			`then`
			`if [ "\$SUCCESS" -eq 0 ]`
			`then`
			`echo "put \${LOGFILE}.gz /logs/\$(date +%Y%m%d-%H%M)-success.log.gz" \| sftp ${i}@${REMOTE_IP}:`
			`else`
			`echo "put \${LOGFILE}.gz /logs/\$(date +%Y%m%d-%H%M)-failure.log.gz" \| sftp ${i}@${REMOTE_IP}:`
			`fi`
			`fi`
populate_chroot: set of scripts to make bento 2022-09-04 00:29:38 +00:00			`EOF`

populate_chroot: avoid updating chroot files if no change to avoid triggering an useless rebuild 2022-09-05 16:38:13 +00:00			`# to make flakes using caching, we must avoid repositories to change everytime`
			`# we must ignore files that change everytime`
			`cat > "${STAGING_DIR}/${i}/config/.gitignore" <<EOF`
populate_chroot: set of scripts to make bento 2022-09-04 00:29:38 +00:00			`bootstrap.sh`
			`update.sh`
			`.state`
			`result`
			`last_change_date`
			`EOF`
populate_chroot: avoid updating chroot files if no change to avoid triggering an useless rebuild 2022-09-05 16:38:13 +00:00
			`# only distribute changes if they changed`
			`# this avoids bumping the time and trigger a rebuild for nothing`
			`diff -r "${STAGING_DIR}/${i}/config/" "${CHROOT_DIR}/${i}/config/" >/dev/null`
			`CHANGES=$?`

			`if [ "$CHANGES" -ne 0 ]`
			`then`
			`echo " update"`
			`# copy files in the chroot`
			`install -d -o root -g sftp_users -m 755 "${CHROOT_DIR}"`
			`install -d -o root -g sftp_users -m 755 "${CHROOT_DIR}/${i}"`
			`install -d -o root -g sftp_users -m 755 "${CHROOT_DIR}/${i}/config"`
			`install -d -o ${i} -g sftp_users -m 755 "${CHROOT_DIR}/${i}/logs"`
			`rsync --delete -rltgoDvL "${STAGING_DIR}/${i}/config/" "${CHROOT_DIR}/${i}/config/"`
			`touch "${CHROOT_DIR}/${i}/last_change_date"`
			`else`
			`echo " no changes"`
			`fi`

			`rm -fr "${STAGING_DIR}"`
populate_chroot: set of scripts to make bento 2022-09-04 00:29:38 +00:00			`fi`
			`done`