feat(global): add justfile for quick CICD commands
This commit is contained in:
parent
91b5b7a89e
commit
25be2b18a0
|
@ -0,0 +1,91 @@
|
|||
# just is a command runner, Justfile is very similar to Makefile, but simpler.
|
||||
|
||||
# use zsh for shell commands
|
||||
set shell := ["nu", "-c"]
|
||||
|
||||
############################################################################
|
||||
#
|
||||
# Common commands(suitable for all machines)
|
||||
#
|
||||
############################################################################
|
||||
|
||||
SOPS_FILE := "../nix-secrets/secrets.yaml"
|
||||
|
||||
# default recipe to display help information
|
||||
default:
|
||||
@just --list
|
||||
|
||||
rebuild-pre: update-nix-secrets
|
||||
git add *.nix
|
||||
|
||||
rebuild-post:
|
||||
just check-sops
|
||||
|
||||
# Add --option eval-cache false if you end up caching a failure you can't get around
|
||||
rebuild: rebuild-pre
|
||||
scripts/system-flake-rebuild.sh
|
||||
|
||||
# Requires sops to be running and you must have reboot after initial rebuild
|
||||
rebuild-full: rebuild-pre && rebuild-post
|
||||
scripts/system-flake-rebuild.sh
|
||||
|
||||
# Requires sops to be running and you must have reboot after initial rebuild
|
||||
rebuild-trace: rebuild-pre && rebuild-post
|
||||
scripts/system-flake-rebuild-trace.sh
|
||||
|
||||
update:
|
||||
nix flake update
|
||||
|
||||
rebuild-update: update && rebuild
|
||||
|
||||
diff:
|
||||
git diff ':!flake.lock'
|
||||
|
||||
history:
|
||||
nix profile history --profile /nix/var/nix/profiles/system
|
||||
|
||||
repl:
|
||||
nix repl -f flake:nixpkgs
|
||||
|
||||
clean:
|
||||
# remove all generations older than 7 days
|
||||
sudo nix profile wipe-history --profile /nix/var/nix/profiles/system --older-than 7d
|
||||
|
||||
gc:
|
||||
# garbage collect all unused nix store entries
|
||||
sudo nix-collect-garbage --delete-old
|
||||
|
||||
sops:
|
||||
echo "Editing {{SOPS_FILE}}"
|
||||
nix-shell -p sops --run "SOPS_AGE_KEY_FILE=~/.config/sops/age/keys.txt sops {{SOPS_FILE}}"
|
||||
|
||||
age-key:
|
||||
nix-shell -p age --run "age-keygen"
|
||||
|
||||
rekey:
|
||||
cd ../nix-secrets && (\
|
||||
sops updatekeys -y secrets.yaml && \
|
||||
(pre-commit run --all-files || true) && \
|
||||
git add -u && (git commit -m "chore: rekey" || true) && git push \
|
||||
)
|
||||
check-sops:
|
||||
scripts/check-sops.sh
|
||||
|
||||
update-nix-secrets:
|
||||
(cd ../nix-secrets && git fetch && git rebase) || true
|
||||
nix flake lock --update-input nix-secrets
|
||||
|
||||
disko DRIVE PASSWORD:
|
||||
echo "{{PASSWORD}}" > /tmp/disko-password
|
||||
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko -- \
|
||||
--mode disko \
|
||||
disks/btrfs-luks-impermanence-disko.nix \
|
||||
--arg disk '"{{DRIVE}}"' \
|
||||
--arg password '"{{PASSWORD}}"'
|
||||
rm /tmp/disko-password
|
||||
|
||||
sync USER HOST:
|
||||
rsync -av --filter=':- .gitignore' -e "ssh -l {{USER}}" . {{USER}}@{{HOST}}:nix-config/
|
||||
|
||||
sync-secrets USER HOST:
|
||||
rsync -av --filter=':- .gitignore' -e "ssh -l {{USER}}" . {{USER}}@{{HOST}}:nix-secrets/
|
Loading…
Reference in New Issue