start improving justfile
This commit is contained in:
parent
c37a577c1c
commit
884ee28bee
1 changed files with 58 additions and 4 deletions
62
justfile
62
justfile
|
|
@ -1,17 +1,71 @@
|
||||||
|
SOPS_FILE := "./secrets/secrets.yaml"
|
||||||
|
|
||||||
default:
|
default:
|
||||||
@just --list
|
@just --list
|
||||||
|
|
||||||
rebuild-pre:
|
rebuild-pre: update-nix-secrets
|
||||||
git add *.nix
|
git add *.nix
|
||||||
|
|
||||||
rebuild-post:
|
rebuild-post:
|
||||||
just check-sops
|
just check-sops
|
||||||
|
|
||||||
rebuild: rebuild
|
# Requires sops to be running and you must have reboot after initial rebuild
|
||||||
sudo nixos-rebuild switch --flake .#$(hostname)
|
rebuild: rebuild-pre
|
||||||
|
# sudo nixos-rebuild switch --flake .#$(hostname)
|
||||||
|
scripts/system-flake-rebuild.sh
|
||||||
|
|
||||||
home_rebuild:
|
# Requires sops to be running and you must have reboot after initial rebuild
|
||||||
|
rebuild-trace: rebuild-pre && rebuild-post
|
||||||
|
scripts/system-flake-rebuild-trace.sh
|
||||||
|
|
||||||
|
home_rebuild: rebuild-pre
|
||||||
home-manager switch --flake .#muhh
|
home-manager switch --flake .#muhh
|
||||||
|
|
||||||
update:
|
update:
|
||||||
nix flake update
|
nix flake update
|
||||||
|
|
||||||
|
rebuild-update: update && rebuild
|
||||||
|
|
||||||
|
sops:
|
||||||
|
echo "Editing {{SOPS_FILE}}"
|
||||||
|
nix-shell -p sops --run "SOPS_AGE_KEY_FILE=~/.config/sops/age/keys.txt sops {{SOPS_FILE}}"
|
||||||
|
|
||||||
|
age-key:
|
||||||
|
nix-shell -p age --run "age-keygen"
|
||||||
|
|
||||||
|
rekey:
|
||||||
|
cd ../nix-secrets && (\
|
||||||
|
sops updatekeys -y secrets.yaml && \
|
||||||
|
(pre-commit run --all-files || true) && \
|
||||||
|
git add -u && (git commit -m "chore: rekey" || true) && git push \
|
||||||
|
)
|
||||||
|
|
||||||
|
check-sops:
|
||||||
|
scripts/check-sops.sh
|
||||||
|
|
||||||
|
update-nix-secrets:
|
||||||
|
(cd ../nix-secrets && git fetch && git rebase) || true
|
||||||
|
nix flake lock --update-input nix-secrets
|
||||||
|
|
||||||
|
iso:
|
||||||
|
# If we dont remove this folder, libvirtd VM doesnt run with the new iso...
|
||||||
|
rm -rf result
|
||||||
|
nix build ./nixos-installer#nixosConfigurations.iso.config.system.build.isoImage
|
||||||
|
|
||||||
|
iso-install DRIVE: iso
|
||||||
|
sudo dd if=$(eza --sort changed result/iso/*.iso | tail -n1) of={{DRIVE}} bs=4M status=progress oflag=sync
|
||||||
|
|
||||||
|
disko DRIVE PASSWORD:
|
||||||
|
echo "{{PASSWORD}}" > /tmp/disko-password
|
||||||
|
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko -- \
|
||||||
|
--mode disko \
|
||||||
|
disks/btrfs-luks-impermanence-disko.nix \
|
||||||
|
--arg disk '"{{DRIVE}}"' \
|
||||||
|
--arg password '"{{PASSWORD}}"'
|
||||||
|
rm /tmp/disko-password
|
||||||
|
|
||||||
|
sync USER HOST:
|
||||||
|
rsync -av --filter=':- .gitignore' -e "ssh -l {{USER}}" . {{USER}}@{{HOST}}:nix-config/
|
||||||
|
|
||||||
|
sync-secrets USER HOST:
|
||||||
|
rsync -av --filter=':- .gitignore' -e "ssh -l {{USER}}" . {{USER}}@{{HOST}}:nix-secrets/
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue