start improving justfile

This commit is contained in:
Markus Heurung 2024-08-13 12:50:21 +02:00
parent c37a577c1c
commit 884ee28bee

View file

@ -1,17 +1,71 @@
SOPS_FILE := "./secrets/secrets.yaml"
default: default:
@just --list @just --list
rebuild-pre: rebuild-pre: update-nix-secrets
git add *.nix git add *.nix
rebuild-post: rebuild-post:
just check-sops just check-sops
rebuild: rebuild # Requires sops to be running and you must have reboot after initial rebuild
sudo nixos-rebuild switch --flake .#$(hostname) rebuild: rebuild-pre
# sudo nixos-rebuild switch --flake .#$(hostname)
scripts/system-flake-rebuild.sh
home_rebuild: # Requires sops to be running and you must have reboot after initial rebuild
rebuild-trace: rebuild-pre && rebuild-post
scripts/system-flake-rebuild-trace.sh
home_rebuild: rebuild-pre
home-manager switch --flake .#muhh home-manager switch --flake .#muhh
update: update:
nix flake update nix flake update
rebuild-update: update && rebuild
sops:
echo "Editing {{SOPS_FILE}}"
nix-shell -p sops --run "SOPS_AGE_KEY_FILE=~/.config/sops/age/keys.txt sops {{SOPS_FILE}}"
age-key:
nix-shell -p age --run "age-keygen"
rekey:
cd ../nix-secrets && (\
sops updatekeys -y secrets.yaml && \
(pre-commit run --all-files || true) && \
git add -u && (git commit -m "chore: rekey" || true) && git push \
)
check-sops:
scripts/check-sops.sh
update-nix-secrets:
(cd ../nix-secrets && git fetch && git rebase) || true
nix flake lock --update-input nix-secrets
iso:
# If we dont remove this folder, libvirtd VM doesnt run with the new iso...
rm -rf result
nix build ./nixos-installer#nixosConfigurations.iso.config.system.build.isoImage
iso-install DRIVE: iso
sudo dd if=$(eza --sort changed result/iso/*.iso | tail -n1) of={{DRIVE}} bs=4M status=progress oflag=sync
disko DRIVE PASSWORD:
echo "{{PASSWORD}}" > /tmp/disko-password
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko -- \
--mode disko \
disks/btrfs-luks-impermanence-disko.nix \
--arg disk '"{{DRIVE}}"' \
--arg password '"{{PASSWORD}}"'
rm /tmp/disko-password
sync USER HOST:
rsync -av --filter=':- .gitignore' -e "ssh -l {{USER}}" . {{USER}}@{{HOST}}:nix-config/
sync-secrets USER HOST:
rsync -av --filter=':- .gitignore' -e "ssh -l {{USER}}" . {{USER}}@{{HOST}}:nix-secrets/