diff options
Diffstat (limited to '')
-rw-r--r-- | src/utils/push.rs | 108 |
1 files changed, 108 insertions, 0 deletions
diff --git a/src/utils/push.rs b/src/utils/push.rs new file mode 100644 index 0000000..54ae013 --- /dev/null +++ b/src/utils/push.rs @@ -0,0 +1,108 @@ +use super::data; + +use std::process::Stdio; +use tokio::process::Command; + +pub async fn push_profile( + profile: &data::Profile, + profile_name: &str, + node: &data::Node, + node_name: &str, + supports_flakes: bool, + check_sigs: bool, + repo: &str, + merged_settings: &data::GenericSettings, + deploy_data: &super::DeployData<'_>, +) -> Result<(), Box<dyn std::error::Error>> { + info!( + "Pushing profile `{}` for node `{}`", + profile_name, node_name + ); + + debug!( + "Building profile `{} for node `{}`", + profile_name, node_name + ); + + if supports_flakes { + Command::new("nix") + .arg("build") + .arg("--no-link") + .arg(format!( + "{}#deploy.nodes.{}.profiles.{}.path", + repo, node_name, profile_name + )) + .stdout(Stdio::null()) + .stderr(Stdio::null()) + .spawn()? + .await?; + } else { + Command::new("nix-build") + .arg(&repo) + .arg("-A") + .arg(format!( + "deploy.nodes.{}.profiles.{}.path", + node_name, profile_name + )) + .stdout(Stdio::null()) + .stderr(Stdio::null()) + .spawn()? + .await?; + } + + if let Ok(local_key) = std::env::var("LOCAL_KEY") { + info!( + "Signing key present! Signing profile `{}` for node `{}`", + profile_name, node_name + ); + + Command::new("nix") + .arg("sign-paths") + .arg("-r") + .arg("-k") + .arg(local_key) + .arg(&profile.profile_settings.path) + .arg(&deploy_data.current_exe) + .stdout(Stdio::null()) + .stderr(Stdio::null()) + .spawn()? + .await?; + } + + debug!("Copying profile `{} for node `{}`", profile_name, node_name); + + let mut copy_command_ = Command::new("nix"); + let mut copy_command = copy_command_.arg("copy"); + + if let Some(true) = merged_settings.fast_connection { + copy_command = copy_command.arg("--substitute-on-destination"); + } + + if !check_sigs { + copy_command = copy_command.arg("--no-check-sigs"); + } + + let ssh_opts_str = merged_settings + .ssh_opts + // This should provide some extra safety, but it also breaks for some reason, oh well + // .iter() + // .map(|x| format!("'{}'", x)) + // .collect::<Vec<String>>() + .join(" "); + + copy_command + .arg("--to") + .arg(format!( + "ssh://{}@{}", + deploy_data.ssh_user, node.node_settings.hostname + )) + .arg(&profile.profile_settings.path) + .arg(&deploy_data.current_exe) + .env("NIX_SSHOPTS", ssh_opts_str) + .stdout(Stdio::null()) + .stderr(Stdio::null()) + .spawn()? + .await?; + + Ok(()) +} |