mirror of
https://github.com/nix-community/nixos-anywhere.git
synced 2024-10-05 12:17:10 +03:00
extend terraform module to support extra_files_script
parent
50e1df362e
commit
bd3f79f11d
@ -15,17 +15,20 @@ locals {
|
||||
}
|
||||
|
||||
module "install" {
|
||||
source = "../install"
|
||||
kexec_tarball_url = var.kexec_tarball_url
|
||||
target_user = local.install_user
|
||||
target_host = var.target_host
|
||||
target_port = var.target_port
|
||||
nixos_partitioner = module.partitioner-build.result.out
|
||||
nixos_system = module.system-build.result.out
|
||||
ssh_private_key = var.install_ssh_key
|
||||
debug_logging = var.debug_logging
|
||||
stop_after_disko = var.stop_after_disko
|
||||
instance_id = var.instance_id
|
||||
source = "../install"
|
||||
kexec_tarball_url = var.kexec_tarball_url
|
||||
target_user = local.install_user
|
||||
target_host = var.target_host
|
||||
target_port = var.target_port
|
||||
nixos_partitioner = module.partitioner-build.result.out
|
||||
nixos_system = module.system-build.result.out
|
||||
ssh_private_key = var.install_ssh_key
|
||||
debug_logging = var.debug_logging
|
||||
stop_after_disko = var.stop_after_disko
|
||||
extra_files_script = var.extra_files_script
|
||||
disk_encryption_key_scripts = var.disk_encryption_key_scripts
|
||||
extra_environment = var.extra_environment
|
||||
instance_id = var.instance_id
|
||||
}
|
||||
|
||||
module "nixos-rebuild" {
|
||||
|
@ -74,3 +74,24 @@ variable "stop_after_disko" {
|
||||
description = "Exit after disko formatting"
|
||||
default = false
|
||||
}
|
||||
|
||||
variable "extra_files_script" {
|
||||
type = string
|
||||
description = "A script file that prepares extra files to be copied to the target host during installation. The script expected to write all its files to the current directory. This directory is rsynced to the target host during installation to the / directory."
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "disk_encryption_key_scripts" {
|
||||
type = list(object({
|
||||
path = string
|
||||
script = string
|
||||
}))
|
||||
description = "Each of these script files will be executed locally and the output of each of them will be made present at the given path to disko during installation. The keys will be not copied to the final system"
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "extra_environment" {
|
||||
type = map(string)
|
||||
description = "Extra environment variables to be set during installation. This can be usefull to set extra variables for the extra_files_script or disk_encryption_key_scripts"
|
||||
default = {}
|
||||
}
|
||||
|
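Review bot: The descriptions of `extra_files_script` and `disk_encryption_key_scripts` do not say where the scripts run or what they can see. Judging from the install module's `local-exec` block and `run-nixos-anywhere.sh` on this page, they run on the machine executing Terraform and inherit the provisioner environment, which includes `SSH_PRIVATE_KEY`. I would add a sentence to both descriptions such as `Runs locally on the machine running Terraform and inherits the installer's environment, including SSH_PRIVATE_KEY.` The wording also needs small fixes: `The script is expected to write`, `The keys will not be copied to the final system`, and `useful`. The same declarations repeat in the later `@ -56,3 +56,24 @` hunk, and the same applies there.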
@ -1,5 +1,5 @@
|
||||
locals {
|
||||
nixos_anywhere_flags = "${var.stop_after_disko ? "--stop-after-disko" : ""} ${var.debug_logging ? "--debug" : ""} ${var.kexec_tarball_url != null ? "--kexec ${var.kexec_tarball_url}" : "" } --store-paths ${var.nixos_partitioner} ${var.nixos_system} ${var.target_user}@${var.target_host}"
|
||||
disk_encryption_key_scripts = [for k in var.disk_encryption_key_scripts : "\"${k.path}\" \"${k.script}\""]
|
||||
}
|
||||
|
||||
resource "null_resource" "nixos-remote" {
|
||||
@ -7,10 +7,18 @@ resource "null_resource" "nixos-remote" {
|
||||
instance_id = var.instance_id
|
||||
}
|
||||
provisioner "local-exec" {
|
||||
environment = {
|
||||
environment = merge({
|
||||
SSH_PRIVATE_KEY = var.ssh_private_key
|
||||
}
|
||||
command = "nix run --extra-experimental-features 'nix-command flakes' path:${path.module}/../..#nixos-anywhere -- ${local.nixos_anywhere_flags}"
|
||||
stop_after_disko = var.stop_after_disko
|
||||
debug_logging = var.debug_logging
|
||||
kexec_tarball_url = var.kexec_tarball_url
|
||||
nixos_partitioner = var.nixos_partitioner
|
||||
nixos_system = var.nixos_system
|
||||
target_user = var.target_user
|
||||
target_host = var.target_host
|
||||
extra_files_script = var.extra_files_script
|
||||
}, var.extra_environment)
|
||||
command = "${path.module}/run-nixos-anywhere.sh ${join(" ", local.disk_encryption_key_scripts)}"
|
||||
quiet = var.debug_logging
|
||||
}
|
||||
}
|
||||
|
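Review bot: `k.path` and `k.script` reach the `local-exec` shell wrapped only in double quotes (`"\"${k.path}\" \"${k.script}\""`, joined into `command`). A value containing `"`, `$` or a backtick is therefore interpreted by the shell instead of arriving as one argument. Single-quote each value with embedded quotes escaped, e.g. `"'${replace(k.path, "'", "'\\''")}'"`, or pass the list to the script as JSON in an environment variable. Separately, `merge({ ... }, var.extra_environment)` lets a key in `extra_environment` replace `SSH_PRIVATE_KEY`, `target_host` and the other installer inputs, because later arguments to `merge` win; if that is not intended, put `var.extra_environment` first. The `null_resource` block begins above the second hunk, so its triggers are only partly visible here.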
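--- /dev/null
+++ b/terraform/install/run-nixos-anywhere.sh
@@ -0,0 +1,61 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd)"
+args=()
+
+if [[ ${debug_logging-} == "true" ]]; then
+set -x
+args+=("--debug")
+fi
+if [[ ${stop_after_disko-} == "true" ]]; then
+args+=("--stop-after-disko")
+fi
+if [[ ${kexec_tarball_url-} != "" ]]; then
+args+=("--kexec" "${kexec_tarball_url}")
+fi
+args+=("--store-paths" "${nixos_partitioner}" "${nixos_system}")
+
+tmpdir=$(mktemp -d)
+cleanup() {
+rm -rf "${tmpdir}"
+}
+trap cleanup EXIT
+
+if [[ ${extra_files_script-} != "" ]]; then
+if [[ ! -f ${extra_files_script} ]]; then
+echo "extra_files_script '${extra_files_script}' does not exist"
+exit 1
+fi
+if [[ ! -x ${extra_files_script} ]]; then
+echo "extra_files_script '${extra_files_script}' is not executable"
+exit 1
+fi
+extra_files_script=$(realpath "${extra_files_script}")
+mkdir "${tmpdir}/extra-files"
+pushd "${tmpdir}/extra-files"
+$extra_files_script
+popd
+args+=("--extra-files" "${tmpdir}/extra-files")
+fi
+args+=("${target_user}@${target_host}")
+
+keyIdx=0
+while [[ $# -gt 0 ]]; do
+if [[ ! -f $2 ]]; then
+echo "Script file '$2' does not exist"
+exit 1
+fi
+if [[ ! -x $2 ]]; then
+echo "Script file '$2' is not executable"
+exit 1
+fi
+mkdir "${tmpdir}/keys"
+"$2" >"${tmpdir}/keys/$keyIdx"
+args+=("--disk-encryption-keys" "$1" "${tmpdir}/keys/$keyIdx")
+shift
+shift
+keyIdx=$((keyIdx + 1))
+done
+
+nix run --extra-experimental-features 'nix-command flakes' "path:${SCRIPT_DIR}/../..#nixos-anywhere" -- "${args[@]}"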
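Review bot: `mkdir "${tmpdir}/keys"` sits inside the `while` loop, so under `set -e` the second entry of `disk_encryption_key_scripts` aborts the install because the directory already exists. Move it above the loop or use `mkdir -p "${tmpdir}/keys"`. `$extra_files_script` is expanded unquoted after `realpath`, so a path containing whitespace is split into several words; `"$extra_files_script"` keeps it one command. The files under `keys/` hold disk-encryption secrets. `mktemp -d` normally creates a directory only the owner can enter, but a `umask 077` near the top would make that protection explicit for every file written below it.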
@ -56,3 +56,24 @@ variable "stop_after_disko" {
|
||||
description = "Exit after disko formatting"
|
||||
default = false
|
||||
}
|
||||
|
||||
variable "extra_files_script" {
|
||||
type = string
|
||||
description = "A script file that prepares extra files to be copied to the target host during installation. The script expected to write all its files to the current directory. This directory is rsynced to the target host during installation to the / directory."
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "disk_encryption_key_scripts" {
|
||||
type = list(object({
|
||||
path = string
|
||||
script = string
|
||||
}))
|
||||
description = "Each of these script files will be executed locally and the output of each of them will be made present at the given path to disko during installation. The keys will be not copied to the final system"
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "extra_environment" {
|
||||
type = map(string)
|
||||
description = "Extra environment variables to be set during installation. This can be usefull to set extra variables for the extra_files_script or disk_encryption_key_scripts"
|
||||
default = {}
|
||||
}
|
||||
|