nixos-anywhere-install.nu

nixos-anywhere-install.nu · 1.6 KiB · Nu Raw

1	def nixos-anywhere-install [
2	ip: string,
3	hostname: string,
4	--rsa,
5	--nix-args: list<string> = []
6	] {
7	if ((which ssh-keygen \| length) == 0) {
8	error make { msg: "ssh-keygen not found in PATH" }
9	}
10
11	if ((which nix \| length) == 0) {
12	error make { msg: "nix not found in PATH" }
13	}
14
15	let temp = (mktemp -d \| str trim)
16	let persist_dir = ($temp \| path join "persist")
17	let etc_dir = ($persist_dir \| path join "etc")
18	let key_dir = ($etc_dir \| path join "ssh")
19
20	let target = $"root@($ip)"
21	let flake = $".#($hostname)"
22	let comment = $"root@($hostname)"
23
24	let ed25519_key = ($temp \| path join "ssh_host_ed25519_key")
25	let rsa_key = ($temp \| path join "ssh_host_rsa_key")
26
27	mkdir $key_dir
28
29	chmod 755 $persist_dir
30	chmod 755 $etc_dir
31	chmod 755 $key_dir
32
33	^ssh-keygen -q -t ed25519 -N "" -f $ed25519_key -C $comment
34
35	cp $ed25519_key ($key_dir \| path join "ssh_host_ed25519_key")
36	cp $"($ed25519_key).pub" ($key_dir \| path join "ssh_host_ed25519_key.pub")
37
38	chmod 600 ($key_dir \| path join "ssh_host_ed25519_key")
39	chmod 644 ($key_dir \| path join "ssh_host_ed25519_key.pub")
40
41	if $rsa {
42	^ssh-keygen -q -t rsa -b 4096 -N "" -f $rsa_key -C $comment
43
44	cp $rsa_key ($key_dir \| path join "ssh_host_rsa_key")
45	cp $"($rsa_key).pub" ($key_dir \| path join "ssh_host_rsa_key.pub")
46
47	chmod 600 ($key_dir \| path join "ssh_host_rsa_key")
48	chmod 644 ($key_dir \| path join "ssh_host_rsa_key.pub")
49	}
50
51	let nix_cmd = [
52	run
53	...$nix_args
54	github:nix-community/nixos-anywhere
55	--
56	--flake $flake
57	--extra-files $temp
58	$target
59	]
60
61	^nix ...$nix_cmd
62	}
63