From 40d6a40b1de18f28003c4aa5f36d9b4b0ef4afdd Mon Sep 17 00:00:00 2001
From: Franck Cuny
Date: Mon, 21 Jul 2025 13:00:38 -0700
Subject: move all profiles, modules, and flakes to top-level
---
nix/scripts/common.nix | 81 -------------------------------------------------
nix/scripts/darwin.nix | 38 -----------------------
nix/scripts/default.nix | 20 ------------
nix/scripts/linux.nix | 19 ------------
4 files changed, 158 deletions(-)
delete mode 100644 nix/scripts/common.nix
delete mode 100644 nix/scripts/darwin.nix
delete mode 100644 nix/scripts/default.nix
delete mode 100644 nix/scripts/linux.nix
(limited to 'nix/scripts')
diff --git a/nix/scripts/common.nix b/nix/scripts/common.nix
deleted file mode 100644
index b457ea2..0000000
--- a/nix/scripts/common.nix
+++ /dev/null
@@ -1,81 +0,0 @@
-{ pkgs }:
-let
- tofuSetup = ''
- tofu_setup() {
- # Ensure bucket exists
- ${pkgs.google-cloud-sdk}/bin/gcloud storage buckets describe \
- gs://fcuny-infra-tofu-state \
- --project=fcuny-infra \
- --quiet || \
- ${pkgs.google-cloud-sdk}/bin/gcloud storage buckets create \
- gs://fcuny-infra-tofu-state \
- --project=fcuny-infra \
- --uniform-bucket-level-access \
- --public-access-prevention \
- --location=us-west1 \
- --default-storage-class=STANDARD \
- --quiet
-
- # Setup temp directory
- TMPDIR=$(mktemp -d)
- trap 'rm -rf "$TMPDIR"' EXIT
-
- # Install terraform configs
- ${pkgs.coreutils}/bin/install -Dm 0644 ${
- import ../tofu/backups.nix {
- inherit pkgs;
- }
- } "$TMPDIR/backups/backups.tf.json"
-
- ${pkgs.coreutils}/bin/install -Dm 0644 ${
- import ../tofu/dns.nix {
- inherit pkgs;
- }
- } "$TMPDIR/cloudflare/cloudflare-dns.tf.json"
-
- # Initialize both workspaces
- ${pkgs.opentofu}/bin/tofu -chdir="$TMPDIR/backups" init
- ${pkgs.opentofu}/bin/tofu -chdir="$TMPDIR/cloudflare" init
-
- # Fetch Cloudflare API token
- CLOUDFLARE_API_TOKEN=$(${pkgs._1password-cli}/bin/op --account my.1password.com read "op://Private/mcwt3evuidhalk3dfz4tqpzdpa/credential")
- }
- '';
-in
-[
- (pkgs.writeScriptBin "update-deps" "nix flake update --commit-lock-file")
-
- (pkgs.writeShellScriptBin "gcloud-auth" ''
- set -xeuo pipefail
- ${pkgs.google-cloud-sdk}/bin/gcloud auth print-identity-token > /dev/null 2>&1 || \
- ${pkgs.google-cloud-sdk}/bin/gcloud auth login --quiet
- ${pkgs.google-cloud-sdk}/bin/gcloud auth application-default print-access-token > /dev/null 2>&1 || \
- ${pkgs.google-cloud-sdk}/bin/gcloud auth application-default login --quiet
- '')
-
- (pkgs.writeShellScriptBin "tofu-plan" ''
- set -xeuo pipefail
-
- ${tofuSetup}
- tofu_setup
-
- echo "=== Planning backups ==="
- ${pkgs.opentofu}/bin/tofu -chdir="$TMPDIR/backups" plan
-
- echo "=== Planning cloudflare ==="
- CLOUDFLARE_API_TOKEN="$CLOUDFLARE_API_TOKEN" ${pkgs.opentofu}/bin/tofu -chdir="$TMPDIR/cloudflare" plan
- '')
-
- (pkgs.writeShellScriptBin "tofu-apply" ''
- set -xeuo pipefail
-
- ${tofuSetup}
- tofu_setup
-
- echo "=== Applying backups ==="
- ${pkgs.opentofu}/bin/tofu -chdir="$TMPDIR/backups" apply -auto-approve
-
- echo "=== Applying cloudflare ==="
- CLOUDFLARE_API_TOKEN="$CLOUDFLARE_API_TOKEN" ${pkgs.opentofu}/bin/tofu -chdir="$TMPDIR/cloudflare" apply -auto-approve
- '')
-]
diff --git a/nix/scripts/darwin.nix b/nix/scripts/darwin.nix
deleted file mode 100644
index c1bbbde..0000000
--- a/nix/scripts/darwin.nix
+++ /dev/null
@@ -1,38 +0,0 @@
-{
- pkgs,
- system,
- inputs,
-}:
-[
- (pkgs.writeScriptBin "nbuild" ''
- set -e
- echo "> Running darwin-rebuild build..."
- ${inputs.darwin.packages.${system}.darwin-rebuild}/bin/darwin-rebuild build --flake .
- echo "> darwin-rebuild build was successful ✅"
- echo "> macOS config was successfully applied 🚀"
- '')
-
- (pkgs.writeScriptBin "nswitch" ''
- set -e
- echo "> Running darwin-rebuild switch..."
- ${inputs.darwin.packages.${system}.darwin-rebuild}/bin/darwin-rebuild switch --flake .
- echo "> darwin-rebuild build was successful ✅"
- echo "> macOS config was successfully applied 🚀"
- '')
-
- (pkgs.writeScriptBin "switch-vm-synology" ''
- set -e
- echo "> Running nixos-rebuild switch ..."
- ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --keep-going --flake .#vm-synology --target-host vm-synology --build-host vm-synology --fast --use-remote-sudo --use-substitutes
- echo "> nixos-rebuild switch was successful ✅"
- '')
-
- (pkgs.writeScriptBin "sync-agenix-key" ''
- set -e
- echo "> Copying agenix SSH key from 1password ..."
- mkdir -p ~/.ssh
- ${pkgs._1password-cli}/bin/op --account my.1password.com read "op://Private/agenix/private key?ssh-format=openssh" > ~/.ssh/agenix
- ${pkgs._1password-cli}/bin/op --account my.1password.com read "op://Private/agenix/public key" > ~/.ssh/agenix.pub
- echo "> agenix SSH key copied successfully 🔐"
- '')
-]
diff --git a/nix/scripts/default.nix b/nix/scripts/default.nix
deleted file mode 100644
index 90851df..0000000
--- a/nix/scripts/default.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{
- pkgs,
- system,
- inputs,
-}:
-let
- common = import ./common.nix { inherit pkgs; };
- darwin = import ./darwin.nix { inherit pkgs system inputs; };
- linux = import ./linux.nix { inherit pkgs system inputs; };
-in
-{
- common = common;
- darwin = if pkgs.lib.hasSuffix "darwin" system then darwin else [ ];
- linux = if pkgs.lib.hasSuffix "linux" system then linux else [ ];
-
- all =
- common
- ++ (if pkgs.lib.hasSuffix "darwin" system then darwin else [ ])
- ++ (if pkgs.lib.hasSuffix "linux" system then linux else [ ]);
-}
diff --git a/nix/scripts/linux.nix b/nix/scripts/linux.nix
deleted file mode 100644
index b44c86f..0000000
--- a/nix/scripts/linux.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-{
- pkgs,
-}:
-[
- (pkgs.writeScriptBin "nbuild" ''
- set -e
- echo "> Running nixos-rebuild build..."
- sudo nixos-rebuild build --flake .
- echo "> nixos-rebuild build was successful ✅"
- '')
-
- (pkgs.writeScriptBin "nswitch" ''
- set -e
- echo "> Running nixos-rebuild switch..."
- sudo nixos-rebuild switch --flake .
- echo "> nixos-rebuild switch was successful ✅"
- echo "> NixOS config was successfully applied 🚀"
- '')
-]
--
cgit v1.2.3