yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

secrets deploy/generate: use nix_build_machine

Browse Source
This commit is contained in:
lassulus
2023-09-13 23:18:05 +02:00
committed by Mic92
parent 6153a9ee71
commit 23c979f8db
2 changed files with 24 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
pkgs/clan-cli/clan_cli/secrets/deploy.py
View File

@@ -4,25 +4,20 @@ import sys
from clan_cli.errors import ClanError
from ..dirs import get_clan_flake_toplevel
from ..nix import nix_build_machine
def deploy_secrets(machine: str) -> None:
clan_flake = get_clan_flake_toplevel()
proc = subprocess.run(
[
"nix",
"build",
"--impure",
"--print-out-paths",
"--expr",
f'let f = builtins.getFlake "{clan_flake}"; in '
"(f.nixosConfigurations."
f"{machine}"
".extendModules { modules = [{ clanCore.clanDir = "
f"{clan_flake}"
"; }]; }).config.system.clan.deploySecrets",
],
nix_build_machine(
machine=machine,
attr=[
"config",
"system",
"clan",
"deploySecrets",
],
),
capture_output=True,
text=True,
)
@@ -32,7 +27,10 @@ def deploy_secrets(machine: str) -> None:
secret_deploy_script = proc.stdout.strip()
secret_deploy = subprocess.run(
[secret_deploy_script],
[
secret_deploy_script,
f"root@{machine}",
],
)
if secret_deploy.returncode != 0:

25
pkgs/clan-cli/clan_cli/secrets/generate.py
View File

@@ -4,25 +4,20 @@ import sys
from clan_cli.errors import ClanError
from ..dirs import get_clan_flake_toplevel
from ..nix import nix_build_machine
def generate_secrets(machine: str) -> None:
clan_flake = get_clan_flake_toplevel()
proc = subprocess.run(
[
"nix",
"build",
"--impure",
"--print-out-paths",
"--expr",
f'let f = builtins.getFlake "{clan_flake}"; in '
"(f.nixosConfigurations."
f"{machine}"
".extendModules { modules = [{ clanCore.clanDir = "
f"{clan_flake}"
"; }]; }).config.system.clan.generateSecrets",
],
nix_build_machine(
machine=machine,
attr=[
"config",
"system",
"clan",
"generateSecrets",
],
),
capture_output=True,
text=True,
)