2020-08-20 17:08:02 +00:00
#! @runtimeShell@
2020-04-24 23:36:52 +00:00
2020-08-20 17:08:02 +00:00
if [ -x "@runtimeShell@" ] ; then export SHELL = "@runtimeShell@" ; fi ;
2020-04-24 23:36:52 +00:00
set -e
set -o pipefail
export PATH = @path@:$PATH
showSyntax( ) {
exec man nixos-rebuild
exit 1
}
# Parse the command line.
origArgs = ( " $@ " )
extraBuildFlags = ( )
lockFlags = ( )
action =
buildNix = 1
fast =
rollback =
upgrade =
repair =
profile = /nix/var/nix/profiles/system
buildHost =
targetHost =
maybeSudo = ( )
while [ " $# " -gt 0 ] ; do
i = " $1 " ; shift 1
case " $i " in
--help)
showSyntax
; ;
switch| boot| test| build| edit| dry-build| dry-run| dry-activate| build-vm| build-vm-with-bootloader)
if [ " $i " = dry-run ] ; then i = dry-build; fi
action = " $i "
; ;
--install-grub)
echo " $0 : --install-grub deprecated, use --install-bootloader instead " >& 2
export NIXOS_INSTALL_BOOTLOADER = 1
; ;
--install-bootloader)
export NIXOS_INSTALL_BOOTLOADER = 1
; ;
--no-build-nix)
buildNix =
; ;
--rollback)
rollback = 1
; ;
--upgrade)
upgrade = 1
; ;
--repair)
repair = 1
extraBuildFlags += ( " $i " )
; ;
--max-jobs| -j| --cores| -I| --builders)
j = " $1 " ; shift 1
extraBuildFlags += ( " $i " " $j " )
; ;
--show-trace| --keep-failed| -K| --keep-going| -k| --verbose| -v| -vv| -vvv| -vvvv| -vvvvv| --fallback| --repair| --no-build-output| -Q| -j*| -L| --refresh| --no-net)
extraBuildFlags += ( " $i " )
; ;
--option)
j = " $1 " ; shift 1
k = " $1 " ; shift 1
extraBuildFlags += ( " $i " " $j " " $k " )
; ;
--fast)
buildNix =
fast = 1
extraBuildFlags += ( --show-trace)
; ;
--profile-name| -p)
if [ -z " $1 " ] ; then
echo " $0 : ‘ --profile-name’ requires an argument "
exit 1
fi
if [ " $1 " != system ] ; then
profile = " /nix/var/nix/profiles/system-profiles/ $1 "
mkdir -p -m 0755 " $( dirname " $profile " ) "
fi
shift 1
; ;
--build-host| h)
buildHost = " $1 "
shift 1
; ;
--target-host| t)
targetHost = " $1 "
shift 1
; ;
--use-remote-sudo)
maybeSudo = ( sudo --)
; ;
--flake)
flake = " $1 "
shift 1
; ;
--recreate-lock-file| --no-update-lock-file| --no-write-lock-file| --no-registries| --commit-lock-file)
lockFlags += ( " $i " )
; ;
--update-input)
j = " $1 " ; shift 1
lockFlags += ( " $i " " $j " )
; ;
--override-input)
j = " $1 " ; shift 1
k = " $1 " ; shift 1
lockFlags += ( " $i " " $j " " $k " )
; ;
*)
echo " $0 : unknown option \` $i ' "
exit 1
; ;
esac
done
if [ -n " $SUDO_USER " ] ; then
maybeSudo = ( sudo --)
fi
if [ -z " $buildHost " -a -n " $targetHost " ] ; then
buildHost = " $targetHost "
fi
if [ " $targetHost " = localhost ] ; then
targetHost =
fi
if [ " $buildHost " = localhost ] ; then
buildHost =
fi
buildHostCmd( ) {
if [ -z " $buildHost " ] ; then
" $@ "
elif [ -n " $remoteNix " ] ; then
ssh $SSHOPTS " $buildHost " env PATH = " $remoteNix : $PATH " " ${ maybeSudo [@] } " " $@ "
else
ssh $SSHOPTS " $buildHost " " ${ maybeSudo [@] } " " $@ "
fi
}
targetHostCmd( ) {
if [ -z " $targetHost " ] ; then
" ${ maybeSudo [@] } " " $@ "
else
ssh $SSHOPTS " $targetHost " " ${ maybeSudo [@] } " " $@ "
fi
}
copyToTarget( ) {
if ! [ " $targetHost " = " $buildHost " ] ; then
if [ -z " $targetHost " ] ; then
NIX_SSHOPTS = $SSHOPTS nix-copy-closure --from " $buildHost " " $1 "
elif [ -z " $buildHost " ] ; then
NIX_SSHOPTS = $SSHOPTS nix-copy-closure --to " $targetHost " " $1 "
else
buildHostCmd nix-copy-closure --to " $targetHost " " $1 "
fi
fi
}
nixBuild( ) {
if [ -z " $buildHost " ] ; then
nix-build " $@ "
else
local instArgs = ( )
local buildArgs = ( )
while [ " $# " -gt 0 ] ; do
local i = " $1 " ; shift 1
case " $i " in
-o)
local out = " $1 " ; shift 1
buildArgs += ( "--add-root" " $out " "--indirect" )
; ;
-A)
local j = " $1 " ; shift 1
instArgs += ( " $i " " $j " )
; ;
-I) # We don't want this in buildArgs
shift 1
; ;
--no-out-link) # We don't want this in buildArgs
; ;
"<" *) # nix paths
instArgs += ( " $i " )
; ;
*)
buildArgs += ( " $i " )
; ;
esac
done
local drv = " $( nix-instantiate " ${ instArgs [@] } " " ${ extraBuildFlags [@] } " ) "
if [ -a " $drv " ] ; then
NIX_SSHOPTS = $SSHOPTS nix-copy-closure --to " $buildHost " " $drv "
buildHostCmd nix-store -r " $drv " " ${ buildArgs [@] } "
else
echo "nix-instantiate failed"
exit 1
fi
fi
}
if [ -z " $action " ] ; then showSyntax; fi
# Only run shell scripts from the Nixpkgs tree if the action is
# "switch", "boot", or "test". With other actions (such as "build"),
# the user may reasonably expect that no code from the Nixpkgs tree is
# executed, so it's safe to run nixos-rebuild against a potentially
# untrusted tree.
canRun =
if [ " $action " = switch -o " $action " = boot -o " $action " = test ] ; then
canRun = 1
fi
# If ‘ --upgrade’ is given, run ‘ nix-channel --update nixos’ .
if [ [ -n $upgrade && -z $_NIXOS_REBUILD_REEXEC && -z $flake ] ] ; then
nix-channel --update nixos
# If there are other channels that contain a file called
# ".update-on-nixos-rebuild", update them as well.
for channelpath in /nix/var/nix/profiles/per-user/root/channels/*; do
if [ -e " $channelpath /.update-on-nixos-rebuild " ] ; then
nix-channel --update " $( basename " $channelpath " ) "
fi
done
fi
# Make sure that we use the Nix package we depend on, not something
# else from the PATH for nix-{env,instantiate,build}. This is
# important, because NixOS defaults the architecture of the rebuilt
# system to the architecture of the nix-* binaries used. So if on an
# amd64 system the user has an i686 Nix package in her PATH, then we
# would silently downgrade the whole system to be i686 NixOS on the
# next reboot.
if [ -z " $_NIXOS_REBUILD_REEXEC " ] ; then
export PATH = @nix@/bin:$PATH
fi
# Use /etc/nixos/flake.nix if it exists. It can be a symlink to the
# actual flake.
if [ [ -z $flake && -e /etc/nixos/flake.nix ] ] ; then
flake = " $( dirname " $( readlink -f /etc/nixos/flake.nix) " ) "
fi
# Re-execute nixos-rebuild from the Nixpkgs tree.
# FIXME: get nixos-rebuild from $flake.
if [ [ -z $_NIXOS_REBUILD_REEXEC && -n $canRun && -z $fast && -z $flake ] ] ; then
if p = $( nix-build --no-out-link --expr 'with import <nixpkgs/nixos> {}; config.system.build.nixos-rebuild' " ${ extraBuildFlags [@] } " ) ; then
export _NIXOS_REBUILD_REEXEC = 1
exec $p /bin/nixos-rebuild " ${ origArgs [@] } "
exit 1
fi
fi
# For convenience, use the hostname as the default configuration to
# build from the flake.
if [ [ -n $flake ] ] ; then
if [ [ $flake = ~ ^( .*) \# ( [ ^\# \" ] *) $ ] ] ; then
flake = " ${ BASH_REMATCH [1] } "
flakeAttr = " ${ BASH_REMATCH [2] } "
fi
if [ [ -z $flakeAttr ] ] ; then
read -r hostname < /proc/sys/kernel/hostname
if [ [ -z $hostname ] ] ; then
hostname = default
fi
flakeAttr = " nixosConfigurations.\" $hostname \" "
else
flakeAttr = " nixosConfigurations.\" $flakeAttr \" "
fi
fi
# Resolve the flake.
if [ [ -n $flake ] ] ; then
flake = $( nix flake info --json " ${ extraBuildFlags [@] } " " ${ lockFlags [@] } " -- " $flake " | jq -r .url)
fi
# Find configuration.nix and open editor instead of building.
if [ " $action " = edit ] ; then
if [ [ -z $flake ] ] ; then
NIXOS_CONFIG = ${ NIXOS_CONFIG :- $( nix-instantiate --find-file nixos-config) }
exec " ${ EDITOR :- nano } " " $NIXOS_CONFIG "
else
exec nix edit " ${ lockFlags [@] } " -- " $flake # $flakeAttr "
fi
exit 1
fi
tmpDir = $( mktemp -t -d nixos-rebuild.XXXXXX)
SSHOPTS = " $NIX_SSHOPTS -o ControlMaster=auto -o ControlPath= $tmpDir /ssh-%n -o ControlPersist=60 "
cleanup( ) {
for ctrl in " $tmpDir " /ssh-*; do
ssh -o ControlPath = " $ctrl " -O exit dummyhost 2>/dev/null || true
done
rm -rf " $tmpDir "
}
trap cleanup EXIT
# If the Nix daemon is running, then use it. This allows us to use
# the latest Nix from Nixpkgs (below) for expression evaluation, while
# still using the old Nix (via the daemon) for actual store access.
# This matters if the new Nix in Nixpkgs has a schema change. It
# would upgrade the schema, which should only happen once we actually
# switch to the new configuration.
# If --repair is given, don't try to use the Nix daemon, because the
# flag can only be used directly.
if [ -z " $repair " ] && systemctl show nix-daemon.socket nix-daemon.service | grep -q ActiveState = active; then
export NIX_REMOTE = ${ NIX_REMOTE -daemon }
fi
# First build Nix, since NixOS may require a newer version than the
# current one.
if [ -n " $rollback " -o " $action " = dry-build ] ; then
buildNix =
fi
nixSystem( ) {
machine = " $( uname -m) "
if [ [ " $machine " = ~ i.86 ] ] ; then
machine = i686
fi
echo $machine -linux
}
prebuiltNix( ) {
machine = " $1 "
if [ " $machine " = x86_64 ] ; then
echo @nix_x86_64_linux@
elif [ [ " $machine " = ~ i.86 ] ] ; then
echo @nix_i686_linux@
else
echo " $0 : unsupported platform "
exit 1
fi
}
remotePATH =
if [ [ -n $buildNix && -z $flake ] ] ; then
echo "building Nix..." >& 2
nixDrv =
if ! nixDrv = " $( nix-instantiate '<nixpkgs/nixos>' --add-root $tmpDir /nix.drv --indirect -A config.nix.package.out " ${ extraBuildFlags [@] } " ) " ; then
if ! nixDrv = " $( nix-instantiate '<nixpkgs>' --add-root $tmpDir /nix.drv --indirect -A nix " ${ extraBuildFlags [@] } " ) " ; then
if ! nixStorePath = " $( nix-instantiate --eval '<nixpkgs/nixos/modules/installer/tools/nix-fallback-paths.nix>' -A $( nixSystem) | sed -e 's/^"//' -e 's/"$//' ) " ; then
nixStorePath = " $( prebuiltNix " $( uname -m) " ) "
fi
if ! nix-store -r $nixStorePath --add-root $tmpDir /nix --indirect \
--option extra-binary-caches https://cache.nixos.org/; then
echo "warning: don't know how to get latest Nix" >& 2
fi
# Older version of nix-store -r don't support --add-root.
[ -e $tmpDir /nix ] || ln -sf $nixStorePath $tmpDir /nix
if [ -n " $buildHost " ] ; then
remoteNixStorePath = " $( prebuiltNix " $( buildHostCmd uname -m) " ) "
remoteNix = " $remoteNixStorePath /bin "
if ! buildHostCmd nix-store -r $remoteNixStorePath \
--option extra-binary-caches https://cache.nixos.org/ >/dev/null; then
remoteNix =
echo "warning: don't know how to get latest Nix" >& 2
fi
fi
fi
fi
if [ -a " $nixDrv " ] ; then
nix-store -r " $nixDrv " '!' "out" --add-root $tmpDir /nix --indirect >/dev/null
if [ -n " $buildHost " ] ; then
nix-copy-closure --to " $buildHost " " $nixDrv "
# The nix build produces multiple outputs, we add them all to the remote path
for p in $( buildHostCmd nix-store -r " $( readlink " $nixDrv " ) " " ${ buildArgs [@] } " ) ; do
remoteNix = " $remoteNix ${ remoteNix : + : } $p /bin "
done
fi
fi
PATH = " $tmpDir /nix/bin: $PATH "
fi
# Update the version suffix if we're building from Git (so that
# nixos-version shows something useful).
if [ [ -n $canRun && -z $flake ] ] ; then
if nixpkgs = $( nix-instantiate --find-file nixpkgs " ${ extraBuildFlags [@] } " ) ; then
suffix = $( $SHELL $nixpkgs /nixos/modules/installer/tools/get-version-suffix " ${ extraBuildFlags [@] } " || true )
if [ -n " $suffix " ] ; then
echo -n " $suffix " > " $nixpkgs /.version-suffix " || true
fi
fi
fi
if [ " $action " = dry-build ] ; then
extraBuildFlags += ( --dry-run)
fi
# Either upgrade the configuration in the system profile (for "switch"
# or "boot"), or just build it and create a symlink "result" in the
# current directory (for "build" and "test").
if [ -z " $rollback " ] ; then
echo "building the system configuration..." >& 2
if [ " $action " = switch -o " $action " = boot ] ; then
if [ [ -z $flake ] ] ; then
pathToConfig = " $( nixBuild '<nixpkgs/nixos>' --no-out-link -A system " ${ extraBuildFlags [@] } " ) "
else
outLink = $tmpDir /result
nix build " $flake # $flakeAttr .config.system.build.toplevel " \
" ${ extraBuildFlags [@] } " " ${ lockFlags [@] } " --out-link $outLink
pathToConfig = " $( readlink -f $outLink ) "
fi
copyToTarget " $pathToConfig "
targetHostCmd nix-env -p " $profile " --set " $pathToConfig "
elif [ " $action " = test -o " $action " = build -o " $action " = dry-build -o " $action " = dry-activate ] ; then
if [ [ -z $flake ] ] ; then
pathToConfig = " $( nixBuild '<nixpkgs/nixos>' -A system -k " ${ extraBuildFlags [@] } " ) "
else
nix build " $flake # $flakeAttr .config.system.build.toplevel " " ${ extraBuildFlags [@] } " " ${ lockFlags [@] } "
pathToConfig = " $( readlink -f ./result) "
fi
elif [ " $action " = build-vm ] ; then
if [ [ -z $flake ] ] ; then
pathToConfig = " $( nixBuild '<nixpkgs/nixos>' -A vm -k " ${ extraBuildFlags [@] } " ) "
else
echo " $0 : 'build-vm' is not supported with '--flake' " >& 2
exit 1
fi
elif [ " $action " = build-vm-with-bootloader ] ; then
if [ [ -z $flake ] ] ; then
pathToConfig = " $( nixBuild '<nixpkgs/nixos>' -A vmWithBootLoader -k " ${ extraBuildFlags [@] } " ) "
else
echo " $0 : 'build-vm-with-bootloader' is not supported with '--flake' " >& 2
exit 1
fi
else
showSyntax
fi
# Copy build to target host if we haven't already done it
if ! [ " $action " = switch -o " $action " = boot ] ; then
copyToTarget " $pathToConfig "
fi
else # [ -n "$rollback" ]
if [ " $action " = switch -o " $action " = boot ] ; then
targetHostCmd nix-env --rollback -p " $profile "
pathToConfig = " $profile "
elif [ " $action " = test -o " $action " = build ] ; then
systemNumber = $(
targetHostCmd nix-env -p " $profile " --list-generations |
sed -n '/current/ {g; p;}; s/ *\([0-9]*\).*/\1/; h'
)
pathToConfig = " $profile " -${ systemNumber } -link
if [ -z " $targetHost " ] ; then
ln -sT " $pathToConfig " ./result
fi
else
showSyntax
fi
fi
# If we're not just building, then make the new configuration the boot
# default and/or activate it now.
if [ " $action " = switch -o " $action " = boot -o " $action " = test -o " $action " = dry-activate ] ; then
if ! targetHostCmd $pathToConfig /bin/switch-to-configuration " $action " ; then
echo "warning: error(s) occurred while switching to the new configuration" >& 2
exit 1
fi
fi
if [ " $action " = build-vm ] ; then
cat >& 2 <<EOF
Done. The virtual machine can be started by running $( echo $pathToConfig /bin/run-*-vm)
EOF
fi