solene
/
bento
mirror of https://github.com/rapenne-s/bento
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

libs: move most of shell code into libs.sh

This commit is contained in:
Solene Rapenne 2022-09-05 21:06:49 +02:00
parent e6bde74a54
commit c1ffcd2ecc
3 changed files with 223 additions and 176 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

216
libs.sh Normal file
View File

@ -0,0 +1,216 @@
deploy_files() {
i="$1"
printf "Copying $i: "
# we only want directories
if [ -d "$i" ]
then
STAGING_DIR="$(mktemp -d /tmp/bento-staging-dispatch.XXXXXXXXXXXXXX)"
# sftp chroot requires the home directory to be owned by root
install -d -o root -g sftp_users -m 755 "${STAGING_DIR}"
install -d -o root -g sftp_users -m 755 "${STAGING_DIR}/${i}"
install -d -o root -g sftp_users -m 755 "${STAGING_DIR}/${i}/config"
install -d -o ${i} -g sftp_users -m 755 "${STAGING_DIR}/${i}/logs"
# copy files in the chroot
rsync --delete -rltgoDL "$i/" "${STAGING_DIR}/${i}/config/"
# create the script that will check for updates
cat > "${STAGING_DIR}/${i}/config/update.sh" <<EOF
#!/bin/sh
set -e
install -d -o root -g root -m 700 /var/bento
cd /var/bento
touch .state
STATE="\$(echo "ls -l last_change_date" | sftp ${i}@${REMOTE_IP})"
CURRENT_STATE="\$(cat /var/bento/.state)"
if [ "\$STATE" = "\$CURRENT_STATE" ]
then
echo "no update required"
else
echo "update required"
sftp ${i}@${REMOTE_IP}:/config/bootstrap.sh .
/bin/sh bootstrap.sh
echo "\$STATE" > /var/bento/.state
fi
EOF
# script used to download changes and rebuild
# also used to run it manually the first time to configure the system
cat > "${STAGING_DIR}/${i}/config/bootstrap.sh" <<EOF
#!/bin/sh
set -e
# accept the remote ssh fingerprint if not already known
ssh-keygen -F "${REMOTE_IP}" >/dev/null || ssh-keyscan "${REMOTE_IP}" >> /root/.ssh/known_hosts
install -d -o root -g root -m 700 /var/bento
cd /var/bento
printf "%s\n" "cd config" "get -R ." | sftp -r ${i}@${REMOTE_IP}:
# for flakes
test -d .git || git init
git add .
# check the current build if it exists
if test -L result
then
RESULT="\$(readlink -f result)"
fi
LOGFILE=\$(mktemp /tmp/build-log.XXXXXXXXXXXXXXXXXXXX)
SUCCESS=2
if test -f flake.nix
then
nixos-rebuild build --flake .#bento-machine
if [ ! "\${RESULT}" = "\$(readlink -f result)" ]
then
nixos-rebuild switch --flake .#bento-machine 2>&1 | tee \$LOGFILE
SUCCESS=\$?
else
SUCCESS=nothing
fi
else
export NIX_PATH=/root/.nix-defexpr/channels:nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/var/bento/configuration.nix:/nix/var/nix/profiles/per-user/root/channels
nixos-rebuild build --no-flake --upgrade 2>&1 | tee \$LOGFILE
if [ ! "\${RESULT}" = "\$(readlink -f result)" ]
then
nixos-rebuild switch --no-flake --upgrade 2>&1 | tee -a \$LOGFILE
SUCCESS=\$?
else
SUCCESS=nothing
fi
fi
gzip -9 \$LOGFILE
#mv \$LOGFILE \$LOGFILE.gz
if [ ! "\$SUCCESS" = "nothing" ]
then
if [ "\$SUCCESS" -eq 0 ]
then
echo "put \${LOGFILE}.gz /logs/\$(date +%Y%m%d-%H%M)-\${RESULT#/nix/store/}-success.log.gz" | sftp ${i}@${REMOTE_IP}:
else
echo "put \${LOGFILE}.gz /logs/\$(date +%Y%m%d-%H%M)-\${RESULT#/nix/store/}-failure.log.gz" | sftp ${i}@${REMOTE_IP}:
fi
fi
EOF
# to make flakes using caching, we must avoid repositories to change everytime
# we must ignore files that change everytime
cat > "${STAGING_DIR}/${i}/config/.gitignore" <<EOF
bootstrap.sh
update.sh
.state
result
last_change_date
EOF
# only distribute changes if they changed
# this avoids bumping the time and trigger a rebuild for nothing
diff -r "${STAGING_DIR}/${i}/config/" "${CHROOT_DIR}/${i}/config/" >/dev/null
CHANGES=$?
if [ "$CHANGES" -ne 0 ]
then
echo " update"
# copy files in the chroot
install -d -o root -g sftp_users -m 755 "${CHROOT_DIR}"
install -d -o root -g sftp_users -m 755 "${CHROOT_DIR}/${i}"
install -d -o root -g sftp_users -m 755 "${CHROOT_DIR}/${i}/config"
install -d -o ${i} -g sftp_users -m 755 "${CHROOT_DIR}/${i}/logs"
rsync --delete -rltgoDvL "${STAGING_DIR}/${i}/config/" "${CHROOT_DIR}/${i}/config/"
touch "${CHROOT_DIR}/${i}/last_change_date"
else
echo " no changes"
fi
rm -fr "${STAGING_DIR}"
fi
}
elapsed_time() {
RAW="$1"
DAYS=$(( $RAW / (24 * 60 * 60) ))
RAW=$(( $RAW % (24 * 60 * 60) ))
HOURS=$(( $RAW / (60 * 60) ))
RAW=$(( $RAW % (60 * 60) ))
MINUTES=$(( $RAW / 60 ))
RAW=$(( $RAW % 60 ))
SEC=$RAW
if [ "$DAYS" -ne 0 ]; then DURATION="${DAYS}d " ; fi
if [ "$HOURS" -ne 0 ]; then DURATION="${DURATION}${HOURS}h " ; fi
if [ "$MINUTES" -ne 0 ]; then DURATION="${DURATION}${MINUTES}m " ; fi
if [ "$SEC" -ne 0 ]; then DURATION="${DURATION}${SEC}s" ; fi
if [ -z "$DURATION" ]; then DURATION="0s" ; fi
echo "$DURATION"
}
build_config()
{
NAME="$1"
COMMAND="$2"
SUDO="$3"
cd hosts
# load all hosts or the one defined in environment variable NAME
if [ -z "$NAME" ]
then
NAME=*
fi
SUCCESS=0
for i in $NAME
do
if test -d "$i"
then
TMP="$(mktemp -d /tmp/bento-build.XXXXXXXXXXXX)"
TMPLOG="$(mktemp /tmp/bento-build-log.XXXXXXXXXXXX)"
rsync -aL "$i/" "$TMP/"
printf "${COMMAND} ${i}: "
SECONDS=0
if test -f "$i/flake.nix"
then
cd "$TMP" || exit 5
# add files to a git repo
test -d .git || git init >/dev/null 2>/dev/null
git add . >/dev/null
$SUDO nixos-rebuild "${COMMAND}" --flake .#bento-machine 2>${TMPLOG} >${TMPLOG}
if [ $? -eq 0 ]; then printf "success " ; else printf "failure " ; SUCCESS=$(( SUCCESS + 1 )) ; cat ${TMPLOG} ; fi
ELAPSED=$(elapsed_time $SECONDS)
echo "($ELAPSED)"
else
cd "$TMP" || exit 5
$SUDO nixos-rebuild "${COMMAND}" --no-flake -I nixos-config="$TMP/configuration.nix" 2>${TMPLOG} >${TMPLOG}
if [ $? -eq 0 ]; then printf "success " ; else printf "failure " ; SUCCESS=$(( SUCCESS + 1 )) ; cat ${TMPLOG} ; fi
ELAPSED=$(elapsed_time $SECONDS)
echo "($ELAPSED)"
fi
cd - >/dev/null || exit 5
rm -fr "$TMP"
fi
done
# we don't want to allow this script to chain
# with another if it failed
if [ "$SUCCESS" -ne 0 ]
then
exit 1
fi
}

46
local_build.sh
View File

@ -1,5 +1,7 @@
#!/bin/sh
. ./libs.sh
if [ -z "$1" ]
then
COMMAND="dry-build"
@ -24,46 +26,4 @@ else # not using switch or test
SUDO=""
fi
cd hosts
# load all hosts or the one defined in environment variable NAME
if [ -z "$NAME" ]
then
NAME=*
fi
SUCCESS=0
for i in $NAME
do
if test -d "$i"
then
TMP="$(mktemp -d /tmp/bento-build.XXXXXXXXXXXX)"
TMPLOG="$(mktemp /tmp/bento-build-log.XXXXXXXXXXXX)"
rsync -aL "$i/" "$TMP/"
printf "${COMMAND} ${i}: "
if test -f "$i/flake.nix"
then
cd "$TMP" || exit 5
# add files to a git repo
test -d .git || git init >/dev/null 2>/dev/null
git add . >/dev/null
$SUDO nixos-rebuild "${COMMAND}" --flake .#bento-machine 2>${TMPLOG} >${TMPLOG}
if [ $? -eq 0 ]; then echo "success" ; else echo "failure" ; SUCCESS=$(( SUCCESS + 1 )) ; cat ${TMPLOG} ; fi
else
cd "$TMP" || exit 5
$SUDO nixos-rebuild "${COMMAND}" --no-flake -I nixos-config="$TMP/configuration.nix" 2>${TMPLOG} >${TMPLOG}
if [ $? -eq 0 ]; then echo "success" ; else echo "failure" ; SUCCESS=$(( SUCCESS + 1 )) ; cat ${TMPLOG} ; fi
fi
cd - >/dev/null || exit 5
rm -fr "$TMP"
fi
done
# we don't want to allow this script to chain
# with another if it failed
if [ "$SUCCESS" -ne 0 ]
then
exit 1
fi
build_config "$NAME" "$COMMAND" "$SUDO"

137
populate_chroot.sh
View File

@ -8,6 +8,8 @@ else
exit 2
fi
. ./libs.sh
if [ "$(id -u)" -ne 0 ]
then
echo "you need to be root to run this script"
@ -15,6 +17,7 @@ then
fi
cd hosts
# load all hosts or the one defined in environment variable NAME
if [ -z "$NAME" ]
then
@ -23,137 +26,5 @@ fi
for i in $NAME
do
printf "Copying $i: "
# we only want directories
if [ -d "$i" ]
then
STAGING_DIR="$(mktemp -d /tmp/bento-staging-dispatch.XXXXXXXXXXXXXX)"
# sftp chroot requires the home directory to be owned by root
install -d -o root -g sftp_users -m 755 "${STAGING_DIR}"
install -d -o root -g sftp_users -m 755 "${STAGING_DIR}/${i}"
install -d -o root -g sftp_users -m 755 "${STAGING_DIR}/${i}/config"
install -d -o ${i} -g sftp_users -m 755 "${STAGING_DIR}/${i}/logs"
# copy files in the chroot
rsync --delete -rltgoDL "$i/" "${STAGING_DIR}/${i}/config/"
# create the script that will check for updates
cat > "${STAGING_DIR}/${i}/config/update.sh" <<EOF
#!/bin/sh
set -e
install -d -o root -g root -m 700 /var/bento
cd /var/bento
touch .state
STATE="\$(echo "ls -l last_change_date" | sftp ${i}@${REMOTE_IP})"
CURRENT_STATE="\$(cat /var/bento/.state)"
if [ "\$STATE" = "\$CURRENT_STATE" ]
then
echo "no update required"
else
echo "update required"
sftp ${i}@${REMOTE_IP}:/config/bootstrap.sh .
/bin/sh bootstrap.sh
echo "\$STATE" > /var/bento/.state
fi
EOF
# script used to download changes and rebuild
# also used to run it manually the first time to configure the system
cat > "${STAGING_DIR}/${i}/config/bootstrap.sh" <<EOF
#!/bin/sh
set -e
# accept the remote ssh fingerprint if not already known
ssh-keygen -F "${REMOTE_IP}" >/dev/null || ssh-keyscan "${REMOTE_IP}" >> /root/.ssh/known_hosts
install -d -o root -g root -m 700 /var/bento
cd /var/bento
printf "%s\n" "cd config" "get -R ." | sftp -r ${i}@${REMOTE_IP}:
# for flakes
test -d .git || git init
git add .
# check the current build if it exists
if test -L result
then
RESULT="\$(readlink -f result)"
fi
LOGFILE=\$(mktemp /tmp/build-log.XXXXXXXXXXXXXXXXXXXX)
SUCCESS=2
if test -f flake.nix
then
nixos-rebuild build --flake .#bento-machine
if [ ! "\${RESULT}" = "\$(readlink -f result)" ]
then
nixos-rebuild switch --flake .#bento-machine 2>&1 | tee \$LOGFILE
SUCCESS=\$?
else
SUCCESS=nothing
fi
else
export NIX_PATH=/root/.nix-defexpr/channels:nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/var/bento/configuration.nix:/nix/var/nix/profiles/per-user/root/channels
nixos-rebuild build --no-flake --upgrade 2>&1 | tee \$LOGFILE
if [ ! "\${RESULT}" = "\$(readlink -f result)" ]
then
nixos-rebuild switch --no-flake --upgrade 2>&1 | tee -a \$LOGFILE
SUCCESS=\$?
else
SUCCESS=nothing
fi
fi
gzip -9 \$LOGFILE
#mv \$LOGFILE \$LOGFILE.gz
if [ ! "\$SUCCESS" = "nothing" ]
then
if [ "\$SUCCESS" -eq 0 ]
then
echo "put \${LOGFILE}.gz /logs/\$(date +%Y%m%d-%H%M)-success.log.gz" | sftp ${i}@${REMOTE_IP}:
else
echo "put \${LOGFILE}.gz /logs/\$(date +%Y%m%d-%H%M)-failure.log.gz" | sftp ${i}@${REMOTE_IP}:
fi
fi
EOF
# to make flakes using caching, we must avoid repositories to change everytime
# we must ignore files that change everytime
cat > "${STAGING_DIR}/${i}/config/.gitignore" <<EOF
bootstrap.sh
update.sh
.state
result
last_change_date
EOF
# only distribute changes if they changed
# this avoids bumping the time and trigger a rebuild for nothing
diff -r "${STAGING_DIR}/${i}/config/" "${CHROOT_DIR}/${i}/config/" >/dev/null
CHANGES=$?
if [ "$CHANGES" -ne 0 ]
then
echo " update"
# copy files in the chroot
install -d -o root -g sftp_users -m 755 "${CHROOT_DIR}"
install -d -o root -g sftp_users -m 755 "${CHROOT_DIR}/${i}"
install -d -o root -g sftp_users -m 755 "${CHROOT_DIR}/${i}/config"
install -d -o ${i} -g sftp_users -m 755 "${CHROOT_DIR}/${i}/logs"
rsync --delete -rltgoDvL "${STAGING_DIR}/${i}/config/" "${CHROOT_DIR}/${i}/config/"
touch "${CHROOT_DIR}/${i}/last_change_date"
else
echo " no changes"
fi
rm -fr "${STAGING_DIR}"
fi
deploy_files "$i"
done