From 25be2b18a0516c42eabaf0bc19e4b35f742a0950 Mon Sep 17 00:00:00 2001
From: madmin <madmin@noreply.codeberg.org>
Date: Wed, 7 Aug 2024 11:50:15 +0200
Subject: [PATCH] feat(global): add justfile for quick CICD commands

---
 justfile | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 91 insertions(+)
 create mode 100644 justfile

diff --git a/justfile b/justfile
new file mode 100644
index 0000000..5b4ce61
--- /dev/null
+++ b/justfile
@@ -0,0 +1,91 @@
+# just is a command runner, Justfile is very similar to Makefile, but simpler.
+
+# use zsh for shell commands
+set shell := ["nu", "-c"]
+
+############################################################################
+#
+#  Common commands(suitable for all machines)
+#
+############################################################################
+
+SOPS_FILE := "../nix-secrets/secrets.yaml"
+
+# default recipe to display help information
+default:
+  @just --list
+
+rebuild-pre: update-nix-secrets
+  git add *.nix
+
+rebuild-post:
+  just check-sops
+
+# Add --option eval-cache false if you end up caching a failure you can't get around
+rebuild: rebuild-pre
+  scripts/system-flake-rebuild.sh
+
+# Requires sops to be running and you must have reboot after initial rebuild
+rebuild-full: rebuild-pre && rebuild-post
+  scripts/system-flake-rebuild.sh
+
+# Requires sops to be running and you must have reboot after initial rebuild
+rebuild-trace: rebuild-pre && rebuild-post
+  scripts/system-flake-rebuild-trace.sh
+
+update:
+  nix flake update
+
+rebuild-update: update && rebuild
+
+diff:
+  git diff ':!flake.lock'
+
+history:
+  nix profile history --profile /nix/var/nix/profiles/system
+
+repl:
+  nix repl -f flake:nixpkgs
+
+clean:
+  # remove all generations older than 7 days
+  sudo nix profile wipe-history --profile /nix/var/nix/profiles/system  --older-than 7d
+
+gc:
+  # garbage collect all unused nix store entries
+  sudo nix-collect-garbage --delete-old
+
+sops:
+  echo "Editing {{SOPS_FILE}}"
+  nix-shell -p sops --run "SOPS_AGE_KEY_FILE=~/.config/sops/age/keys.txt sops {{SOPS_FILE}}"
+
+age-key:
+  nix-shell -p age --run "age-keygen"
+
+rekey:
+  cd ../nix-secrets && (\
+    sops updatekeys -y secrets.yaml && \
+    (pre-commit run --all-files || true) && \
+    git add -u && (git commit -m "chore: rekey" || true) && git push \
+  )
+check-sops:
+  scripts/check-sops.sh
+
+update-nix-secrets:
+  (cd ../nix-secrets && git fetch && git rebase) || true
+  nix flake lock --update-input nix-secrets
+
+disko DRIVE PASSWORD:
+  echo "{{PASSWORD}}" > /tmp/disko-password
+  sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko -- \
+    --mode disko \
+    disks/btrfs-luks-impermanence-disko.nix \
+    --arg disk '"{{DRIVE}}"' \
+    --arg password '"{{PASSWORD}}"'
+  rm /tmp/disko-password
+
+sync USER HOST:
+  rsync -av --filter=':- .gitignore' -e "ssh -l {{USER}}" . {{USER}}@{{HOST}}:nix-config/
+
+sync-secrets USER HOST:
+  rsync -av --filter=':- .gitignore' -e "ssh -l {{USER}}" . {{USER}}@{{HOST}}:nix-secrets/