blob: 3d49102c8eb3f5222afa947d94b2b5d5b519819e (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
# default recipe to display help information
default:
@just --list
# update the flakes
[group('nix')]
update-deps:
nix flake update --commit-lock-file
# check the flake for errors
[group('nix')]
check:
nix flake check
# format the repository
[group('nix')]
fmt:
nix fmt
# build the nix-darwin system configuration without switching to it
[group('darwin')]
build:
@echo "building nix-darwin config..."
darwin-rebuild build --flake .
# switch the nix-darwin system configuration
[group('darwin')]
switch:
@echo "switching to new config..."
sudo darwin-rebuild switch --flake .
[group('linux')]
build-iso:
@echo "building an ISO for nixos..."
nix build .#nixosConfigurations.iso.config.system.build.isoImage
[group('linux')]
rbuild hostname:
@echo "building {{hostname}} nixos config..."
nixos-rebuild build --keep-going --flake ".#{{hostname}}" --target-host {{hostname}} --fast --use-remote-sudo --use-substitutes
[group('linux')]
rswitch hostname:
@echo "switching {{hostname}} to new config..."
nixos-rebuild switch --keep-going --flake ".#{{hostname}}" --target-host {{hostname}} --fast --use-remote-sudo --use-substitutes
# sync agenix key from 1password
[group('secrets')]
sync-agenix-key:
@echo "copying agenix SSH key from 1password..."
mkdir -p ~/.ssh
op --account my.1password.com read "op://Private/agenix/private key?ssh-format=openssh" > ~/.ssh/agenix
op --account my.1password.com read "op://Private/agenix/public key" > ~/.ssh/agenix.pub
# generate a new OIDC secret
[group('secrets')]
oidc-secret:
@echo "generate a new OIDC secret..."
nix run nixpkgs#authelia -- crypto hash generate pbkdf2 --variant sha512 --random --random.length 72 --random.charset rfc3986
|
