dotfiles/terranix/lib/build_nixng_system.nix
magic_rb 98f69b92f8
Fix nix copy locking in terranix
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-02 23:59:38 +02:00

60 lines
1.3 KiB
Nix

{
tflib,
pkgs,
}: {
name,
flake ? "$FLAKE_ROOT",
hosts ? [],
}: {
lib,
config,
...
}: let
inherit
(tflib)
tf
;
inherit
(lib)
singleton
concatMapStringsSep
;
flakePath = "${flake}#nixngConfigurations.${name}.config.system.build.toplevel.outPath";
in {
data."external"."nixng-system-${name}" = {
program = singleton (pkgs.writeShellScript "build_nixng_system_${name}.sh" ''
set -euo pipefail
_system_path="$(nix eval --raw "${flakePath}")"
jq -n --arg _system_path "$_system_path" '{"out":$_system_path}'
'');
};
resource."terraform_data"."nixng-system-${name}-copy" = {
triggers_replace = [
(tf "data.external.nixng-system-${name}.result.out")
];
provisioner."local-exec" = {
interpreter = [
(pkgs.writeShellScript "copy_nixng_system_${name}.sh" ''
set -euo pipefail
_system_path="$1"
cd $FLAKE_ROOT
nix build "${flakePath}"
mkdir -p /tmp/terranix
${concatMapStringsSep "\n" (host: ''
flock -x /tmp/terranix/${host} nix copy "$_system_path" --to ssh-ng://${host} -s --no-check-sigs
'')
hosts}
'')
(tf "data.external.nixng-system-${name}.result.out")
];
command = "ignoreme";
};
};
}