blob: ed3da6f4a6bc2fff459c83e6a682f16214d30c86 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
#!/bin/sh
set -eu
usage() {
cat <<-'EOF'
Usage:
reconfigure [-n] [-U] [SHA]
reconfigure -h
EOF
}
help() {
cat <<-'EOF'
Options:
-n build the system, but don't switch to it (dry-run)
-U pull the latest channels before reconfiguring
-h, --help show this message
SHA the repository SHA to checkout (default: main)
Run a "guix system reconfigure" as root via "sudo -i". If a -U
flag is given, perform a "guix pull" (in root profile) prior to
the reconfigure. The user must be able to become the "deployer"
user, either via "sudo reconfigure" or by being member of the
"become-deployer" group.
Examples:
Reconfigure the system:
$ reconfigure
Build the system on a custom SHA, but don't switch to it:
$ reconfigure -n 916dafc092f797349a54515756f2c8e477326511
Update and upgrade:
$ reconfigure -U
EOF
}
for flag in "$@"; do
case "$flag" in
--)
break
;;
--help)
usage
help
exit
;;
*)
;;
esac
done
UPDATE=false
DRY_RUN=false
while getopts 'nUh' flag; do
case "$flag" in
n)
DRY_RUN=true
;;
U)
UPDATE=true
;;
h)
usage
help
exit
;;
*)
usage >&2
exit 2
;;
esac
done
shift $((OPTIND - 1))
# shellcheck source=/dev/null
. /etc/conf.env
SHA="${1:-main}"
REPO="/srv/git/$REPO_NAME"
NOW="$(date '+%Y-%m-%dT%H:%M:%S%:z')"
NOW_DIR=/opt/deploy/"$NOW"
NPROC=$(($(nproc) * 2 + 1))
if [ "$(id -un)" != 'root' ]; then
printf 'This script must be run as root.\n\n' >&2
usage >&2
exit 2
fi
set +eu
# shellcheck source=/dev/null
. /etc/rc
set -eu
if [ "$UPDATE" = true ] && [ "$DRY_RUN" = false ]; then
sudo -i guix pull -v3
fi
set -x
sudo -u deployer git clone --depth=1 "file://$REPO" "$NOW_DIR"
sudo -u deployer rm -f /opt/deploy/current
sudo -u deployer ln -rs "$NOW_DIR" /opt/deploy/current
cd /opt/deploy/current
sudo -u deployer git fetch --depth=1 "file://$REPO" "$SHA"
sudo -u deployer --preserve-env=GIT_CONFIG_GLOBAL git checkout "$SHA"
guix system describe
if [ "$DRY_RUN" = true ]; then
sudo -i guix system -c$NPROC -v3 build "$PWD"/src/infrastructure/guix/system.scm
else
# COMMENT: pre-receive is always running the previous version!
# The same is true for the reconfigure script itself.
sudo cp description "$REPO"/description
sudo cp src/infrastructure/ci/git-pre-receive.sh "$REPO"/hooks/pre-receive
sudo cp src/infrastructure/guix/channels.scm /etc/guix/
sudo cp src/infrastructure/guix/system.scm /etc/guix/
sudo -i guix system -c$NPROC -v3 reconfigure /etc/guix/system.scm
sudo -u deployer rsync \
--chmod=D775,F664 \
--chown=deployer:deployer \
-a \
--exclude='dev/ci/*' \
/run/current-system/profile/share/doc/"$NAME"/ "$HTML_OUTDIR"
deploy
fi
|
