imterah/kittehcluster
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

chore: Finish up install scripts.

Browse source
This commit is contained in:
greysoh 2024-07-19 13:57:30 -04:00
parent 3c291b8a95
commit 72b9dd88e5
Signed by: imterah
GPG key ID: 8FA7DD57BA6CEA37
8 changed files with 72 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

14
nixinfra/commons.nix
View file

@ -1,6 +1,6 @@
let let
pkgs = import <nixpkgs> {}; pkgs = import <nixpkgs> {};
secret_data = builtins.readFile ./secrets.nix; update_script = builtins.readFile ./update.sh;
in { in {
imports = [ imports = [
./secrets.nix ./secrets.nix
@ -29,14 +29,10 @@ in {
chmod -R 644 /etc/rancher 2> /dev/null > /dev/null chmod -R 644 /etc/rancher 2> /dev/null > /dev/null
chmod -R 644 /var/lib/rancher 2> /dev/null > /dev/null chmod -R 644 /var/lib/rancher 2> /dev/null > /dev/null
if [ ! -d "/etc/nixos/git" ]; then # Because I'm lazy (and this works), we use this method to write the file
echo "Waiting for true internet bringup..." rm -rf /home/clusteradm/update
sleep 10 ln -s ${pkgs.writeShellScript "update" update_script} /home/clusteradm/update
echo "Downloading configuration files..."
${pkgs.git}/bin/git clone https://git.hofers.cloud/greysoh/kittehcluster /etc/nixos/
cp -r ${pkgs.writeText "secrets.nix" secret_data} /etc/nixos/nixinfra/secrets.nix
fi
echo "Done." echo "Done."
''; '';
}; };

28
nixinfra/install-script.sh
View file

@ -45,7 +45,29 @@ if [ ! -f "/mnt/etc/nixos/install-script.sh" ]; then
fi fi
sudo mv /tmp/hardware-configuration.nix /mnt/etc/nixos/nixinfra/ sudo mv /tmp/hardware-configuration.nix /mnt/etc/nixos/nixinfra/
sudo nixos-install -I /mnt/etc/nixos/nixinfra/$NIX_INSTALL_PATH sudo mv $SECRETS_PATH /mnt/etc/nixos/nixinfra/secrets.nix
sudo umount /mnt/boot sudo bash -c "NIXOS_CONFIG=/mnt/etc/nixos/nixinfra/$NIX_INSTALL_PATH nixos-install"
sudo umount /mnt RET=$?
if [ $RET -ne 0 ]; then
echo "Failed to install! Attempting to spawn bash for debugging..."
echo "NOTE: You will not see a bash prompt (for some reason)"
bash
echo "Bash exited."
else
echo "Successfully installed! Finishing install..."
mkdir /mnt/home/clusteradm/.bin
echo "NIX_INSTALL_PATH=/etc/nixos/nixinfra/$NIX_INSTALL_PATH" > /mnt/home/clusteradm/.bin/.env
echo 'export PATH="$PATH:/home/clusteradm/.bin"' >> /mnt/home/clusteradm/.bashrc
echo 'export PATH="$PATH:/home/clusteradm/.bin"' >> /mnt/home/clusteradm/.zshrc
sleep 60
echo "Rebooting"
sudo reboot
exit
fi
echo "Unmounting filesystems..."
sudo umount -f /mnt/boot
sudo umount -f /mnt
echo "Done."

24
nixinfra/install.sh
View file

@ -1,4 +1,10 @@
#!/usr/bin/env bash #!/usr/bin/env bash
SSH_SERVER="$1"
ssh-to-srv() {
ssh -o "UserKnownHostsFile=/dev/null" -o "StrictHostKeyChecking=no" nixos@$SSH_SERVER $@
}
if [ "$GIT_REPO" == "" ]; then if [ "$GIT_REPO" == "" ]; then
export GIT_REPO="https://git.hofers.cloud/greysoh/kittehcluster" export GIT_REPO="https://git.hofers.cloud/greysoh/kittehcluster"
fi fi
@ -10,6 +16,20 @@ if [ "$NIX_INSTALL_PATH" == "" ]; then
exit 1 exit 1
fi fi
if [ ! -f "secrets.nix" ]; then
echo "ERROR: secrets.nix doesn't exit! Copy that file, and setup your secrets, please."
exit 1
fi
echo "Initializing..." echo "Initializing..."
FILE_ENCODED="$(cat install-script.sh | base64)"
ssh -o "UserKnownHostsFile=/dev/null" -o "StrictHostKeyChecking=no" nixos@$1 bash -c "'echo -n $FILE_ENCODED | base64 -d > /tmp/install.sh; GIT_REPO=$GIT_REPO NIX_INSTALL_PATH=$NIX_INSTALL_PATH bash /tmp/install.sh'" # Ugh, gotta reimplement ssh-copy-id real quick...
# TODO: see if there's a way to specify custom arguments to ssh-copy-id's SSH process
for i in ~/.ssh/id_*.pub; do
echo "Copying public key '$i'..."
ssh-to-srv bash -c "'mkdir -p ~/.ssh; touch ~/.ssh/authorized_keys; echo -n $(cat $i | base64) | base64 -d > ~/.ssh/authorized_keys'"
done
ssh-to-srv bash -c "'echo -n $(cat secrets.nix | base64) | base64 -d > /tmp/secrets.nix'"
ssh-to-srv bash -c "'echo -n $(cat install-script.sh | base64) | base64 -d > /tmp/install.sh'"
ssh-to-srv bash -c "'GIT_REPO=$GIT_REPO NIX_INSTALL_PATH=$NIX_INSTALL_PATH SECRETS_PATH=/tmp/secrets.nix bash /tmp/install.sh'"

1
nixinfra/kitteh-node-1/agent.nix
View file

@ -6,4 +6,5 @@ in {
]; ];
networking.hostName = "kitteh-node-1-k3s-agent"; networking.hostName = "kitteh-node-1-k3s-agent";
environment.variables.NIX_BUILD_ID = "kitteh-node-1/agent";
} }

1
nixinfra/kitteh-node-1/server.nix
View file

@ -9,6 +9,7 @@ in {
]; ];
networking.hostName = "kitteh-node-1-k3s-server"; networking.hostName = "kitteh-node-1-k3s-server";
environment.variables.NIX_BUILD_ID = "kitteh-node-1/server";
services.k3s = { services.k3s = {
enable = true; enable = true;

1
nixinfra/kitteh-node-2/agent.nix
View file

@ -6,4 +6,5 @@ in {
]; ];
networking.hostName = "kitteh-node-2-k3s-agent"; networking.hostName = "kitteh-node-2-k3s-agent";
environment.variables.NIX_BUILD_ID = "kitteh-node-2/agent";
} }

1
nixinfra/kitteh-node-2/server.nix
View file

@ -6,4 +6,5 @@ in {
]; ];
networking.hostName = "kitteh-node-2-k3s-server"; networking.hostName = "kitteh-node-2-k3s-server";
environment.variables.NIX_BUILD_ID = "kitteh-node-2/server";
} }

16
nixinfra/update.sh Normal file
View file

@ -0,0 +1,16 @@
#!/usr/bin/env bash
if [[ "$NIX_BUILD_ID" == "" ]]; then
echo "ERROR: You have held a (potentially) broken install!"
echo "NIX_BUILD_ID is not set (should be set by default!)"
echo "Please set NIX_BUILD_ID manually. i.e:"
echo "NIX_BUILD_ID=kitteh-node-1/agent updater"
exit 1
fi
if [[ "$UID" != "0" ]]; then
sudo $0 $@
exit $?
fi
export NIX_PATH="$(printf $NIX_PATH | sed --expression="s#/etc/nixos/configuration.nix#/etc/nixos/nixinfra/$NIX_BUILD_ID.nix#g")"
nixos-rebuild switch --upgrade