use stdenv on nixos-deploy derivation

2025-07-13 18:44:55 -03:00 · 2025-07-13 18:44:55 -03:00 · 79a2576dfd
commit 79a2576dfd
parent 8a1af741dd
1 changed files with 120 additions and 97 deletions
--- a/packages/nixos-deploy.nix
+++ b/packages/nixos-deploy.nix
@ -1,24 +1,36 @@
-{
-  lib,
-  writeShellScript,
-  nixos-rebuild,
-  openssh,
-  coreutils,
-  gnugrep,
-  gawk,
+{ lib
+, stdenv
+, nixos-rebuild
+, openssh
+, coreutils
+, gnugrep
+, gawk
 }:

-writeShellScript "nixos-deploy" ''
-  set -euo pipefail
+stdenv.mkDerivation rec {
+  pname = "nixos-deploy";
+  version = "1.0";

-  LOCAL_BUILD=false
-  ACTION="switch"
-  FLAKE_URI=""
-  TARGET_HOST=""
-  SSH_USER=""
-  SSH_HOST=""
+  src = lib.fakeSha256; # will be ignored since we're using `installPhase`

-  show_usage() {
+  dontUnpack = true;
+
+  buildInputs = [ ];
+
+  installPhase = ''
+    mkdir -p $out/bin
+    cat > $out/bin/nixos-deploy << 'EOF'
+#!/usr/bin/env bash
+set -euo pipefail
+
+LOCAL_BUILD=false
+ACTION="switch"
+FLAKE_URI=""
+TARGET_HOST=""
+SSH_USER=""
+SSH_HOST=""
+
+show_usage() {
    echo -e "Usage: nixos-deploy [--local-build] [--boot] <flake-uri> [user@]host"
    echo ""
    echo -e "Arguments:"
@ -35,9 +47,9 @@ writeShellScript "nixos-deploy" ''
    echo "  nixos-deploy --boot .#hostname 192.168.1.10"
    echo "  nixos-deploy .#hostname 192.168.1.10  # uses current user"
    exit 1
-  }
+}

-  while [[ $# -gt 0 ]]; do
+while [[ $# -gt 0 ]]; do
    case $1 in
        --local-build)
            LOCAL_BUILD=true
@ -66,46 +78,57 @@ writeShellScript "nixos-deploy" ''
            shift
            ;;
    esac
-  done
+done

-  if [[ -z "$FLAKE_URI" ]]; then
+if [[ -z "$FLAKE_URI" ]]; then
    echo -e "flake-uri is required"
    show_usage
-  fi
+fi

-  if [[ -z "$TARGET_HOST" ]]; then
+if [[ -z "$TARGET_HOST" ]]; then
    echo -e "target host is required"
    show_usage
-  fi
+fi

-  if [[ "$TARGET_HOST" == *"@"* ]]; then
-      SSH_USER="''${TARGET_HOST%@*}"
-      SSH_HOST="''${TARGET_HOST#*@}"
-  else
-      SSH_USER="$(${coreutils}/bin/whoami)"
+if [[ "$TARGET_HOST" == *"@"* ]]; then
+    SSH_USER="${TARGET_HOST%@*}"
+    SSH_HOST="${TARGET_HOST#*@}"
+else
+    SSH_USER="$("${coreutils}/bin/whoami")"
    SSH_HOST="$TARGET_HOST"
-  fi
+fi

-  echo "Deploying $FLAKE_URI to $SSH_HOST as user $SSH_USER (action: $ACTION)"
+echo "Deploying $FLAKE_URI to $SSH_HOST as user $SSH_USER (action: $ACTION)"

-  if [[ "$LOCAL_BUILD" != "true" ]]; then
-      GC_ROOT_PATH="/tmp/nixos-deploy-$SSH_HOST-$"
-  fi
+if [[ "$LOCAL_BUILD" != "true" ]]; then
+    GC_ROOT_PATH="/tmp/nixos-deploy-$SSH_HOST-$$"
+fi

-  REBUILD_CMD="${nixos-rebuild}/bin/nixos-rebuild $ACTION --flake $FLAKE_URI --target-host $TARGET_HOST"
+REBUILD_CMD="${nixos-rebuild}/bin/nixos-rebuild $ACTION --flake $FLAKE_URI --target-host $TARGET_HOST"

-  if [[ "$LOCAL_BUILD" == "true" ]]; then
+if [[ "$LOCAL_BUILD" == "true" ]]; then
    echo -e "Building locally and deploying to remote host"
-  else
+else
    REBUILD_CMD="$REBUILD_CMD --build-host $SSH_HOST"
    echo -e "Building on remote host"
-  fi
+fi

-  if [[ "$SSH_USER" != "root" ]]; then
+if [[ "$SSH_USER" != "root" ]]; then
    REBUILD_CMD="$REBUILD_CMD --use-remote-sudo"
    echo -e "Using remote sudo for non-root user"
-  fi
+fi
+
+echo -e "Running: $REBUILD_CMD"
+exec $REBUILD_CMD
+EOF
+    chmod +x $out/bin/nixos-deploy
+  '';
+
+  meta = with lib; {
+    description = "Tool to deploy a NixOS flake to a remote host using nixos-rebuild";
+    license = licenses.mit;
+    maintainers = with maintainers; [ ];
+    platforms = platforms.unix;
+  };
+}

-  echo -e "Running: $REBUILD_CMD"
-  exec $REBUILD_CMD
-''