| author | Franck Cuny <franck@fcuny.net> | 2025-07-21 13:00:38 -0700 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2025-07-21 13:00:38 -0700 |
| commit | 40d6a40b1de18f28003c4aa5f36d9b4b0ef4afdd (patch) | |
| tree | 45a0902743971b1789b1f5d03efde7390cc0e95e /nix/scripts/common.nix | |
| parent | move user configurations to top-level (diff) | |
| download | infra-40d6a40b1de18f28003c4aa5f36d9b4b0ef4afdd.tar.gz | |
move all profiles, modules, and flakes to top-level
Diffstat (limited to 'nix/scripts/common.nix')
| -rw-r--r-- | nix/scripts/common.nix | 81 |
1 files changed, 0 insertions, 81 deletions
diff --git a/nix/scripts/common.nix b/nix/scripts/common.nix
deleted file mode 100644
index b457ea2..0000000
--- a/nix/scripts/common.nix
+++ /dev/null
@@ -1,81 +0,0 @@
-{ pkgs }:
-let
- tofuSetup = ''
- tofu_setup() {
- # Ensure bucket exists
- ${pkgs.google-cloud-sdk}/bin/gcloud storage buckets describe \
- gs://fcuny-infra-tofu-state \
- --project=fcuny-infra \
- --quiet || \
- ${pkgs.google-cloud-sdk}/bin/gcloud storage buckets create \
- gs://fcuny-infra-tofu-state \
- --project=fcuny-infra \
- --uniform-bucket-level-access \
- --public-access-prevention \
- --location=us-west1 \
- --default-storage-class=STANDARD \
- --quiet
-
- # Setup temp directory
- TMPDIR=$(mktemp -d)
- trap 'rm -rf "$TMPDIR"' EXIT
-
- # Install terraform configs
- ${pkgs.coreutils}/bin/install -Dm 0644 ${
- import ../tofu/backups.nix {
- inherit pkgs;
- }
- } "$TMPDIR/backups/backups.tf.json"
-
- ${pkgs.coreutils}/bin/install -Dm 0644 ${
- import ../tofu/dns.nix {
- inherit pkgs;
- }
- } "$TMPDIR/cloudflare/cloudflare-dns.tf.json"
-
- # Initialize both workspaces
- ${pkgs.opentofu}/bin/tofu -chdir="$TMPDIR/backups" init
- ${pkgs.opentofu}/bin/tofu -chdir="$TMPDIR/cloudflare" init
-
- # Fetch Cloudflare API token
- CLOUDFLARE_API_TOKEN=$(${pkgs._1password-cli}/bin/op --account my.1password.com read "op://Private/mcwt3evuidhalk3dfz4tqpzdpa/credential")
- }
- '';
-in
-[
- (pkgs.writeScriptBin "update-deps" "nix flake update --commit-lock-file")
-
- (pkgs.writeShellScriptBin "gcloud-auth" ''
- set -xeuo pipefail
- ${pkgs.google-cloud-sdk}/bin/gcloud auth print-identity-token > /dev/null 2>&1 || \
- ${pkgs.google-cloud-sdk}/bin/gcloud auth login --quiet
- ${pkgs.google-cloud-sdk}/bin/gcloud auth application-default print-access-token > /dev/null 2>&1 || \
- ${pkgs.google-cloud-sdk}/bin/gcloud auth application-default login --quiet
- '')
-
- (pkgs.writeShellScriptBin "tofu-plan" ''
- set -xeuo pipefail
-
- ${tofuSetup}
- tofu_setup
-
- echo "=== Planning backups ==="
- ${pkgs.opentofu}/bin/tofu -chdir="$TMPDIR/backups" plan
-
- echo "=== Planning cloudflare ==="
- CLOUDFLARE_API_TOKEN="$CLOUDFLARE_API_TOKEN" ${pkgs.opentofu}/bin/tofu -chdir="$TMPDIR/cloudflare" plan
- '')
-
- (pkgs.writeShellScriptBin "tofu-apply" ''
- set -xeuo pipefail
-
- ${tofuSetup}
- tofu_setup
-
- echo "=== Applying backups ==="
- ${pkgs.opentofu}/bin/tofu -chdir="$TMPDIR/backups" apply -auto-approve
-
- echo "=== Applying cloudflare ==="
- CLOUDFLARE_API_TOKEN="$CLOUDFLARE_API_TOKEN" ${pkgs.opentofu}/bin/tofu -chdir="$TMPDIR/cloudflare" apply -auto-approve
- '')
-]
|
