diff --git a/README.md b/README.md index ac7c31f..4f7e189 100644 --- a/README.md +++ b/README.md @@ -1,81 +1,46 @@ # nix -NixOS dotfiles and configuration. +NixOS dotfiles and configuration for various hosts and users. -## Installation +## Structure -The below installation example is for a fresh `eirene-vm` virtual machine. +- [`flake.lock`](./flake.lock) and [`flake.nix`](./flake.nix): Core Nix flake files defining the repository's dependencies and entry points. -1. Mount NixOS Configuration +- [`hosts/`](./hosts): All host-specific configurations. + - [`common/`](./hosts/common): Shared configuration definitions. + - [`system/`](./hosts/common/system): System-level configurations and scripts. + - [`configs/`](./hosts/common/system/configs): System configurations applicable to all hosts. + - [`scripts/`](./hosts/common/system/scripts): Utility scripts, such as `nix-cleanup`. + - [`user/`](./hosts/common/user): Per-user options. + - [`configs/`](./hosts/common/user/configs): User configurations, split into: + - [`console/`](./hosts/common/user/configs/console): Console-related settings. + - [`gui/`](./hosts/common/user/configs/gui): GUI-related settings. + - [`scripts/`](./hosts/common/user/scripts): User-specific scripts and utilities. + - `/`: Individual host configurations. + - `scripts/`: Host-specific scripts. + - `secrets/`: Host-specific secrets, such as `machineId`. + - `users/`: User-specific settings for the host. + - `format.nix`: Disk layout definition using [`disko`](https://github.com/nix-community/disko). - ```sh - sudo -i - mkdir /host - mount -t virtiofs host /host - ``` +- `users//`: Global configurations for individual users that apply across all hosts. This includes secrets (like GPG keys and third-party service passwords), wallpapers, and more. -2. Format Disks +- [`scripts/`](./scripts): Utility scripts for managing the repository. + - [`add-host.sh`](./scripts/add-host.sh): Instantiate the keys for a new host configuration. + - [`remove-host.sh`](./scripts/remove-host.sh): Remove references to a host. + - [`add-user.sh`](./scripts/add-user.sh): Instantiate the keys for a new user configuration. + - [`remove-user.sh`](./scripts/remove-user.sh): Remove references to a user. + - [`update-keys.sh`](./scripts/update-keys.sh): Update the encryption keys in all relevant files using `sops.yaml` configurations. + - [`update.sh`](./scripts/update.sh): Update flake and all git submodules. + - [`install.sh`](./scripts/install.sh): Install or repair a selected NixOS host. - ```sh - nix --experimental-features "nix-command flakes" run github:nix-community/disko -- --mode disko /host/hosts/eirene/format.nix --arg device '"/dev/vda"' - ``` +- [`submodules/`](./submodules): Flake forks used in the repository, such as [`nixpkgs`](https://github.com/NixOS/nixpkgs) and [`home-manager`](https://github.com/nix-community/home-manager). -3. Generate Host SSH Key +Any `options.nix` files create custom option definitions when present. - ```sh - mkdir -p /mnt/persist/etc/ssh - ssh-keygen -t ed25519 -f /mnt/persist/etc/ssh/ssh_host_ed25519_key - cp /mnt/persist/etc/ssh/ssh_host_ed25519_key /host/hosts/eirene/secrets/ssh_host_ed25519_key +## Hosts - # Optional - Copy user keys - mkdir -p /mnt/persist/home/nick/.local/share/sops-nix - cp /host/users/nick/secrets/key.txt /mnt/persist/home/nick/.local/share/sops-nix/key.txt - ``` +Below is a table of all hosts, with links to their respective README files, which may provide further details and/or post-installation checklists. -4. Update `sops` Configuration - - ```sh - nix-shell -p ssh-to-age --run 'cat /mnt/persist/etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age' - - find . -type f -name 'sops.yaml' -exec nano {} \; - - export SOPS_AGE_KEY_FILE=/host/users/nick/secrets/key.txt - - find . -type f -name 'sops.yaml' | while read -r sops_file; do - dir=$(dirname "$sops_file") - find "$dir" -maxdepth 1 -type f -regextype posix-extended -regex '.+\.(yaml|yml|json|env|ini|bin)' | while read -r file; do - nix-shell -p sops --run 'sops --config $sops_file updatekeys $file' - done - done - ``` - -5. Update Nix Configuration Keys - - - Known Hosts - - ```sh - # Add to hosts/common/default.nix.programs.ssh.knownHosts - cp /mnt/persist/etc/ssh/ssh_host_ed25519_key.pub /host/hosts/eirene/secrets/ssh_host_ed25519_key.pub - ``` - - - SSH Keys - - ```sh - # Generate a new SSH key pair for every user that will connect to the newly added user@host combinations - # Add to hosts/eirene/default.nix.users.users.nick.openssh.authorizedKeys.keyFiles - ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_eirene_nick - ``` - -6. Install NixOS - - ```sh - mkdir -p /mnt/persist/etc/nixos - cp -r /host/* /mnt/persist/etc/nixos - nixos-install --root /mnt --flake /mnt/persist/etc/nixos#eirene-vm - ``` - -7. Reboot - - ```sh - reboot - ``` +| Host | README | +|----------|----------------------------------------------------| +| `eirene` | [hosts/eirene/README.md](./hosts/eirene/README.md) | diff --git a/flake.nix b/flake.nix index e3ec9e2..fbc60df 100644 --- a/flake.nix +++ b/flake.nix @@ -60,20 +60,12 @@ { self, nixpkgs, ... }@inputs: { nixosConfigurations = { - eirene-vm = nixpkgs.lib.nixosSystem { - specialArgs = { - inherit inputs; - }; - system = "x86_64-linux"; - modules = [ ./hosts/eirene/vm ]; - }; - eirene = nixpkgs.lib.nixosSystem { specialArgs = { inherit inputs; }; system = "x86_64-linux"; - modules = [ ./hosts/eirene/base ]; + modules = [ ./hosts/eirene ]; }; }; diff --git a/hosts/common/system/configs/impermanence/scripts/start.sh b/hosts/common/system/configs/impermanence/scripts/start.sh index 6bb69b9..b268704 100644 --- a/hosts/common/system/configs/impermanence/scripts/start.sh +++ b/hosts/common/system/configs/impermanence/scripts/start.sh @@ -1,19 +1,19 @@ -echo "Starting impermanence mount with source: $source, target: $target, path: $path." +echo "Starting impermanence mount with source: ${source}, target: ${target}, path: ${path}." -source_current="$source" -target_current="$target" +source_current="${source}" +target_current="${target}" -IFS='/' read -ra path_parts <<< "$path" +IFS='/' read -ra path_parts <<< "${path}" unset "path_parts[-1]" for part in "${path_parts[@]}"; do - source_current="$source_current/$part" - target_current="$target_current/$part" + source_current="${source_current}/${part}" + target_current="${target_current}/${part}" - if [ ! -d "$source_current" ]; then + if [[ ! -d "${source_current}" ]]; then break fi - read -r mode owner group <<< "$(stat -c '%a %u %g' "$source_current")" - install -d -m "$mode" -o "$owner" -g "$group" "$target_current" + read -r mode owner group <<< "$(stat -c '%a %u %g' "${source_current}")" + install -d -m "${mode}" -o "${owner}" -g "${group}" "${target_current}" done diff --git a/hosts/common/system/configs/impermanence/scripts/stop.sh b/hosts/common/system/configs/impermanence/scripts/stop.sh index 8c01d13..1847a29 100644 --- a/hosts/common/system/configs/impermanence/scripts/stop.sh +++ b/hosts/common/system/configs/impermanence/scripts/stop.sh @@ -1,38 +1,38 @@ -echo "Stopping impermanence mount with source: $source, target: $target, path: $path." +echo "Stopping impermanence mount with source: ${source}, target: ${target}, path: ${path}." -source_current="$source" -target_current="$target" +source_current="${source}" +target_current="${target}" -IFS='/' read -ra path_parts <<< "$path" +IFS='/' read -ra path_parts <<< "${path}" unset "path_parts[-1]" for part in "${path_parts[@]}"; do - source_current="$source_current/$part" - target_current="$target_current/$part" + source_current="${source_current}/${part}" + target_current="${target_current}/${part}" - if [ ! -d "$target_current" ]; then + if [[ ! -d "${target_current}" ]]; then break fi - if [ -d "$source_current" ]; then + if [[ -d "${source_current}" ]]; then continue fi - read -r mode owner group <<< "$(stat -c '%a %u %g' "$target_current")" - install -d -m "$mode" -o "$owner" -g "$group" "$source_current" + read -r mode owner group <<< "$(stat -c '%a %u %g' "${target_current}")" + install -d -m "${mode}" -o "${owner}" -g "${group}" "${source_current}" done -source=$(realpath -m "$source/$path") -target=$(realpath -m "$target/$path") +source=$(realpath -m "${source}/${path}") +target=$(realpath -m "${target}/${path}") -if [ ! -e "$target" ] || { [ -d "$target" ] && [ -z "$(ls -A "$target")" ]; } || { [ -f "$target" ] && [ ! -s "$target" ]; }; then +if [[ ! -e "${target}" ]] || { [[ -d "${target}" ]] && [[ -z "$(ls -A "${target}")" ]]; } || { [[ -f "${target}" ]] && [[ ! -s "${target}" ]]; }; then exit 0 fi -if [ -e "$source" ]; then - >&2 echo "Error: Source $source already exists. Cannot move $target to $source." +if [[ -e "${source}" ]]; then + >&2 echo "Error: Source ${source} already exists. Cannot move ${target} to ${source}." exit 1 fi -echo "Moving target $target to source $source." -mv "$target" "$source" +echo "Moving target ${target} to source ${source}." +mv "${target}" "${source}" diff --git a/hosts/common/system/configs/impermanence/scripts/wipe.sh b/hosts/common/system/configs/impermanence/scripts/wipe.sh index a8733e7..e975786 100644 --- a/hosts/common/system/configs/impermanence/scripts/wipe.sh +++ b/hosts/common/system/configs/impermanence/scripts/wipe.sh @@ -1,7 +1,7 @@ delete_subvolume_recursively() { IFS=$'\n' for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do - delete_subvolume_recursively "/mnt/btrfs/$i" + delete_subvolume_recursively "/mnt/btrfs/${i}" done btrfs subvolume delete "$1" } @@ -12,11 +12,11 @@ mount /dev/mapper/luks /mnt/btrfs if [[ -e /mnt/btrfs/@ ]]; then mkdir -p /mnt/btrfs/@.bak timestamp=$(date --date="@$(stat -c %Y /mnt/btrfs/@)" "+%Y-%m-%d_%H:%M:%S") - mv /mnt/btrfs/@ "/mnt/btrfs/@.bak/$timestamp" + mv /mnt/btrfs/@ "/mnt/btrfs/@.bak/${timestamp}" fi find /mnt/btrfs/@.bak/ -maxdepth 1 -mtime +14 | while IFS= read -r i; do - delete_subvolume_recursively "$i" + delete_subvolume_recursively "${i}" done btrfs subvolume create /mnt/btrfs/@ diff --git a/hosts/common/system/configs/timezone/timezone.sh b/hosts/common/system/configs/timezone/timezone.sh index 4854001..a3393d8 100644 --- a/hosts/common/system/configs/timezone/timezone.sh +++ b/hosts/common/system/configs/timezone/timezone.sh @@ -1,7 +1,7 @@ case "$2" in connectivity-change) if timezone=$(curl --fail https://ipapi.co/timezone); then - timedatectl set-timezone "$timezone" + timedatectl set-timezone "${timezone}" fi ;; esac diff --git a/hosts/common/system/scripts/cleanup/cleanup.sh b/hosts/common/system/scripts/cleanup/cleanup.sh index 0856f3b..f94f85b 100644 --- a/hosts/common/system/scripts/cleanup/cleanup.sh +++ b/hosts/common/system/scripts/cleanup/cleanup.sh @@ -1,4 +1,4 @@ -if [ "$(id -u)" -ne 0 ]; then +if [[ "$(id -u)" -ne 0 ]]; then echo "This script must be run as root or with sudo privileges." exit 1 fi @@ -6,12 +6,12 @@ fi delete_subvolume_recursively() { IFS=$'\n' for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do - delete_subvolume_recursively "/mnt/btrfs/$i" + delete_subvolume_recursively "/mnt/btrfs/${i}" done btrfs subvolume delete "$1" } -if [[ -e /mnt/btrfs && $(mountpoint -q /mnt/btrfs) ]]; then +if [[ -e /mnt/btrfs && -n $(mountpoint -q /mnt/btrfs) ]]; then echo "/mnt/btrfs is already mounted. Exiting." exit 1 fi @@ -20,9 +20,9 @@ mkdir -p /mnt/btrfs mount /dev/mapper/luks /mnt/btrfs if [[ -e /mnt/btrfs/@.bak ]]; then - if [ "$(ls -A /mnt/btrfs/@.bak)" ]; then + if [[ -n "$(ls -A /mnt/btrfs/@.bak)" ]]; then for i in /mnt/btrfs/@.bak/*; do - delete_subvolume_recursively "$i" + delete_subvolume_recursively "${i}" done else echo "/mnt/btrfs/@.bak is empty. Nothing to delete." diff --git a/hosts/common/user/configs/console/gpg-agent/import-gpg-keys.sh b/hosts/common/user/configs/console/gpg-agent/import-gpg-keys.sh index d31ffc3..cd7e2b7 100644 --- a/hosts/common/user/configs/console/gpg-agent/import-gpg-keys.sh +++ b/hosts/common/user/configs/console/gpg-agent/import-gpg-keys.sh @@ -1,21 +1,21 @@ -for dir in "$HOME"/.config/sops-nix/secrets/gpg-agent/*; do - keyfile="$dir/key" - passfile="$dir/pass" +for dir in "${HOME}"/.config/sops-nix/secrets/gpg-agent/*; do + keyfile="${dir}/key" + passfile="${dir}/pass" - if [ ! -f "$keyfile" ]; then + if [[ ! -f "${keyfile}" ]]; then continue fi - if [ -f "$passfile" ]; then - gpg2 --batch --yes --pinentry-mode loopback --passphrase-file "$passfile" --import "$keyfile" + if [[ -f "${passfile}" ]]; then + gpg2 --batch --yes --pinentry-mode loopback --passphrase-file "${passfile}" --import "${keyfile}" else - gpg2 --batch --yes --import "$keyfile" + gpg2 --batch --yes --import "${keyfile}" fi - gpg2 --with-colons --import-options show-only --import "$keyfile" | grep '^fpr' | cut -d: -f10 | while read -r KEY_ID; do - echo "$KEY_ID:6:" >> "$GNUPGHOME"/otrust.txt + gpg2 --with-colons --import-options show-only --import "${keyfile}" | grep '^fpr' | cut -d: -f10 | while read -r KEY_ID; do + echo "${KEY_ID}:6:" >> "${GNUPGHOME}"/otrust.txt done done -gpg2 --import-ownertrust "$GNUPGHOME"/otrust.txt -rm "$GNUPGHOME"/otrust.txt +gpg2 --import-ownertrust "${GNUPGHOME}"/otrust.txt +rm "${GNUPGHOME}"/otrust.txt diff --git a/hosts/common/user/configs/gui/cliphist/scripts/copy.sh b/hosts/common/user/configs/gui/cliphist/scripts/copy.sh index cf69ec0..b7a2167 100755 --- a/hosts/common/user/configs/gui/cliphist/scripts/copy.sh +++ b/hosts/common/user/configs/gui/cliphist/scripts/copy.sh @@ -7,7 +7,7 @@ handle() { cliphist decode <<< "$1" | wl-copy } -case $ROFI_RETV in +case ${ROFI_RETV} in 0) list ;; 1) handle "$@" ;; esac diff --git a/hosts/common/user/configs/gui/cliphist/scripts/delete.sh b/hosts/common/user/configs/gui/cliphist/scripts/delete.sh index 915b694..f3e347f 100755 --- a/hosts/common/user/configs/gui/cliphist/scripts/delete.sh +++ b/hosts/common/user/configs/gui/cliphist/scripts/delete.sh @@ -7,7 +7,7 @@ handle() { cliphist delete <<< "$1" } -case $ROFI_RETV in +case ${ROFI_RETV} in 0) list ;; 1) handle "$@" && list ;; esac diff --git a/hosts/common/user/configs/gui/spicetify/config/merge.sh b/hosts/common/user/configs/gui/spicetify/config/merge.sh index 39eadb1..68ba02a 100644 --- a/hosts/common/user/configs/gui/spicetify/config/merge.sh +++ b/hosts/common/user/configs/gui/spicetify/config/merge.sh @@ -1,19 +1,19 @@ SOURCE_FILE=$(realpath -m "$1") TARGET_FILE=$(realpath -m "$2") -mkdir -p "$(dirname "$TARGET_FILE")" +mkdir -p "$(dirname "${TARGET_FILE}")" TEMP_FILE=$(mktemp) -cat "$SOURCE_FILE" > "$TEMP_FILE" +cat "${SOURCE_FILE}" > "${TEMP_FILE}" -if [ -f "$TARGET_FILE" ]; then +if [[ -f "${TARGET_FILE}" ]]; then while IFS='=' read -r key value; do - if ! grep -q "^${key}=" "$TEMP_FILE"; then - echo "${key}=${value}" >> "$TEMP_FILE" + if ! grep -q "^${key}=" "${TEMP_FILE}"; then + echo "${key}=${value}" >> "${TEMP_FILE}" fi - done < "$TARGET_FILE" + done < "${TARGET_FILE}" fi -mv "$TEMP_FILE" "$TARGET_FILE" +mv "${TEMP_FILE}" "${TARGET_FILE}" -echo "Configuration file $TARGET_FILE has been updated." +echo "Configuration file ${TARGET_FILE} has been updated." diff --git a/hosts/common/user/configs/gui/theme/theme.sh b/hosts/common/user/configs/gui/theme/theme.sh index cc67dd4..adf8cea 100644 --- a/hosts/common/user/configs/gui/theme/theme.sh +++ b/hosts/common/user/configs/gui/theme/theme.sh @@ -1,11 +1,11 @@ -[ ! -L "$CONFIG"/wallpaper ] && ln -sf "$DEFAULT_WALLPAPER" "$CONFIG"/wallpaper -[ ! -f "$CONFIG"/mode ] && echo "$DEFAULT_MODE" > "$CONFIG"/mode +[[ ! -L "${CONFIG}"/wallpaper ]] && ln -sf "${DEFAULT_WALLPAPER}" "${CONFIG}"/wallpaper +[[ ! -f "${CONFIG}"/mode ]] && echo "${DEFAULT_MODE}" > "${CONFIG}"/mode WALLPAPER="" MODE="" set_wallpaper() { - if [ -f "$1" ]; then + if [[ -f "$1" ]]; then WALLPAPER="$1" else echo "Invalid wallpaper path: $1" @@ -14,7 +14,7 @@ set_wallpaper() { } set_mode() { - if [ "$1" = "light" ] || [ "$1" = "dark" ]; then + if [[ "$1" = "light" ]] || [[ "$1" = "dark" ]]; then MODE="$1" else echo "Invalid mode: $1. Use 'light' or 'dark'." @@ -23,7 +23,7 @@ set_mode() { } toggle_mode() { - if [ "$(cat "$CONFIG"/mode)" = "light" ]; then + if [[ "$(cat "${CONFIG}"/mode)" = "light" ]]; then MODE="dark" else MODE="light" @@ -35,18 +35,18 @@ show_usage() { } finish() { - [ -n "$WALLPAPER" ] && ln -sf "$WALLPAPER" "$CONFIG"/wallpaper - [ -n "$MODE" ] && echo "$MODE" > "$CONFIG"/mode + [[ -n "${WALLPAPER}" ]] && ln -sf "${WALLPAPER}" "${CONFIG}"/wallpaper + [[ -n "${MODE}" ]] && echo "${MODE}" > "${CONFIG}"/mode - "$ACTIVATION" > /dev/null + "${ACTIVATION}" > /dev/null } -if [ $# -eq 0 ]; then +if [[ $# -eq 0 ]]; then finish else case "$1" in toggle) - if [ $# -eq 1 ]; then + if [[ $# -eq 1 ]]; then toggle_mode else show_usage @@ -54,7 +54,7 @@ else fi ;; light) - if [ $# -eq 1 ]; then + if [[ $# -eq 1 ]]; then set_mode "light" else show_usage @@ -62,7 +62,7 @@ else fi ;; dark) - if [ $# -eq 1 ]; then + if [[ $# -eq 1 ]]; then set_mode "dark" else show_usage @@ -70,7 +70,7 @@ else fi ;; mode) - if [ $# -eq 2 ]; then + if [[ $# -eq 2 ]]; then set_mode "$2" else show_usage @@ -78,9 +78,9 @@ else fi ;; wallpaper) - if [ $# -ge 2 ] && [ $# -le 3 ]; then + if [[ $# -ge 2 ]] && [[ $# -le 3 ]]; then set_wallpaper "$2" - [ $# -eq 3 ] && set_mode "$3" + [[ $# -eq 3 ]] && set_mode "$3" else show_usage exit 1 diff --git a/hosts/eirene/README.md b/hosts/eirene/README.md new file mode 100644 index 0000000..42f7fe7 --- /dev/null +++ b/hosts/eirene/README.md @@ -0,0 +1,14 @@ +# eirene + +## Post-Install Checklist + +### Networking + +- [ ] Add NetworkManager connections +- [ ] Connect Bluetooth devices +- [ ] Add printers + +### Third-party Services + +- [ ] Firefox +- [ ] Spotify diff --git a/hosts/eirene/base/card.sh b/hosts/eirene/base/card.sh deleted file mode 100644 index c10367c..0000000 --- a/hosts/eirene/base/card.sh +++ /dev/null @@ -1,10 +0,0 @@ -AMD=/dev/dri/by-path/pci-0000:06:00.0-card -NVIDIA=/dev/dri/by-path/pci-0000:01:00.0-card - -if [ -e $AMD ]; then - CARD=$AMD -else - CARD=$NVIDIA -fi - -ln -sf $CARD $HOME/.config/hypr/card diff --git a/hosts/eirene/base/default.nix b/hosts/eirene/base/default.nix deleted file mode 100644 index e088f80..0000000 --- a/hosts/eirene/base/default.nix +++ /dev/null @@ -1,101 +0,0 @@ -{ - config, - inputs, - lib, - pkgs, - ... -}: -{ - imports = [ - inputs.disko.nixosModules.disko - (import ../format.nix { - device = "/dev/disk/by-id/nvme-SAMSUNG_MZVL22T0HBLB-00BL2_S64RNE0R602762"; - }) - ./hardware-configuration.nix - ../../common/system/configs/tlp - ../. - ]; - - networking.hostName = "eirene"; - - # https://github.com/NixOS/nixos-hardware/tree/master/lenovo/legion/16achg6 - hardware = { - enableAllFirmware = true; - - cpu = { - cores = 8; - threads = 16; - amd.updateMicrocode = true; - }; - - nvidia = { - modesetting.enable = true; - powerManagement.enable = true; - open = false; - - prime = { - offload = { - enable = true; - enableOffloadCmd = true; - }; - nvidiaBusId = "PCI:1:0:0"; - amdgpuBusId = "PCI:6:0:0"; - }; - }; - - graphics = { - enable32Bit = true; - extraPackages = with pkgs; [ - amdvlk - driversi686Linux.amdvlk - rocmPackages.clr - rocmPackages.clr.icd - ]; - }; - }; - - services = { - xserver.videoDrivers = [ "nvidia" ]; - fstrim.enable = true; - tlp.settings.DISK_DEVICES = "nvme0n1 nvme1n1"; - }; - - boot = { - kernelParams = [ - "amd_pstate=active" - "video=eDP-1:2560x1600@165" - ]; - initrd.kernelModules = [ "amdgpu" ]; - }; - - home-manager.sharedModules = lib.mkIf config.programs.hyprland.enable [ - { - wayland.windowManager.hyprland.settings = { - monitor = "eDP-1, 2560x1600@165, 0x0, 1.25"; - env = [ "WLR_DRM_DEVICES,$HOME/.config/hypr/card" ]; - device = [ - { - name = "syna2ba6:00-06cb:ce44-touchpad"; - sensitivity = 0.5; - } - ]; - gestures.workspace_swipe_distance = 600; - }; - - programs = { - zsh.loginExtra = lib.mkBefore (builtins.readFile ./card.sh); - # VSCode does not play well with fractional scaling - vscode.userSettings."window.zoomLevel" = (1.25 - 1) / 0.2; - }; - - theme = { - cursor.size = 24; - }; - } - ]; - - nixpkgs.config = { - cudaSupport = true; - rocmSupport = true; - }; -} diff --git a/hosts/eirene/default.nix b/hosts/eirene/default.nix index 6d1f99e..c01b46e 100644 --- a/hosts/eirene/default.nix +++ b/hosts/eirene/default.nix @@ -1,5 +1,14 @@ +{ + inputs, + lib, + pkgs, + ... +}: { imports = [ + inputs.disko.nixosModules.disko + (import ./format.nix { device = "/dev/disk/by-id/nvme-SAMSUNG_MZVL22T0HBLB-00BL2_S64RNE0R602762"; }) + ./hardware-configuration.nix ../common/system/configs/bluetooth ../common/system/configs/boot ../common/system/configs/brightnessctl @@ -27,15 +36,98 @@ ../common/system/configs/ssh ../common/system/configs/system ../common/system/configs/timezone + ../common/system/configs/tlp ../common/system/configs/tmux ../common/system/configs/tree ../common/system/configs/users ../common/system/configs/wget ../common/system/configs/zsh ../common/system/scripts/cleanup - ./nick.nix + ./users/nick.nix ]; + # https://github.com/NixOS/nixos-hardware/tree/master/lenovo/legion/16achg6 + hardware = { + enableAllFirmware = true; + + cpu = { + cores = 8; + threads = 16; + amd.updateMicrocode = true; + }; + + nvidia = { + modesetting.enable = true; + powerManagement.enable = true; + open = false; + + prime = { + offload = { + enable = true; + enableOffloadCmd = true; + }; + nvidiaBusId = "PCI:1:0:0"; + amdgpuBusId = "PCI:6:0:0"; + }; + }; + + graphics = { + enable32Bit = true; + extraPackages = with pkgs; [ + amdvlk + driversi686Linux.amdvlk + rocmPackages.clr + rocmPackages.clr.icd + ]; + }; + }; + + networking.hostName = "eirene"; i18n.defaultLocale = "en_US.UTF-8"; sops.defaultSopsFile = ./secrets/secrets.yaml; + + services = { + xserver.videoDrivers = [ "nvidia" ]; + fstrim.enable = true; + tlp.settings.DISK_DEVICES = "nvme0n1 nvme1n1"; + }; + + boot = { + kernelParams = [ + "amd_pstate=active" + "video=eDP-1:2560x1600@165" + ]; + initrd.kernelModules = [ "amdgpu" ]; + }; + + nixpkgs.config = { + cudaSupport = true; + rocmSupport = true; + }; + + home-manager.sharedModules = [ + { + wayland.windowManager.hyprland.settings = { + monitor = "eDP-1, 2560x1600@165, 0x0, 1.25"; + env = [ "WLR_DRM_DEVICES,$HOME/.config/hypr/card" ]; + device = [ + { + name = "syna2ba6:00-06cb:ce44-touchpad"; + sensitivity = 0.5; + } + ]; + gestures.workspace_swipe_distance = 600; + }; + + programs = { + zsh.loginExtra = lib.mkBefore (builtins.readFile ./scripts/card.sh); + # VSCode does not play well with fractional scaling + vscode.userSettings."window.zoomLevel" = (1.25 - 1) / 0.2; + }; + + theme = { + cursor.size = 24; + }; + } + ]; } diff --git a/hosts/eirene/base/hardware-configuration.nix b/hosts/eirene/hardware-configuration.nix similarity index 100% rename from hosts/eirene/base/hardware-configuration.nix rename to hosts/eirene/hardware-configuration.nix diff --git a/hosts/eirene/nick.nix b/hosts/eirene/nick.nix deleted file mode 100644 index 98258d6..0000000 --- a/hosts/eirene/nick.nix +++ /dev/null @@ -1,115 +0,0 @@ -{ config, ... }: -let - # https://github.com/NixOS/nixpkgs/issues/24570 - # https://github.com/NixOS/nixpkgs/issues/305643 - user = "nick"; - home = "/home/nick"; -in -{ - imports = [ - ../common/user/configs/options.nix - (import ../common/user/configs/console/android { inherit user home; }) - (import ../common/user/configs/console/bluetooth { inherit user home; }) - (import ../common/user/configs/console/brightnessctl { inherit user home; }) - (import ../common/user/configs/console/btop { inherit user home; }) - (import ../common/user/configs/console/docker { inherit user home; }) - (import ../common/user/configs/console/fastfetch { inherit user home; }) - (import ../common/user/configs/console/ffmpeg { inherit user home; }) - (import ../common/user/configs/console/git { inherit user home; }) - (import ../common/user/configs/console/gpg-agent { inherit user home; }) - (import ../common/user/configs/console/home-manager { inherit user home; }) - (import ../common/user/configs/console/imagemagick { inherit user home; }) - (import ../common/user/configs/console/ncdu { inherit user home; }) - (import ../common/user/configs/console/neovim { inherit user home; }) - (import ../common/user/configs/console/nixpkgs { inherit user home; }) - (import ../common/user/configs/console/pipewire { inherit user home; }) - (import ../common/user/configs/console/ranger { inherit user home; }) - (import ../common/user/configs/console/sops { inherit user home; }) - (import ../common/user/configs/console/syncthing { inherit user home; }) - (import ../common/user/configs/console/tmux { inherit user home; }) - (import ../common/user/configs/console/tree { inherit user home; }) - (import ../common/user/configs/console/wget { inherit user home; }) - (import ../common/user/configs/console/xdg { inherit user home; }) - (import ../common/user/configs/console/yt-dlp { inherit user home; }) - (import ../common/user/configs/console/zsh { inherit user home; }) - (import ../common/user/configs/gui/ags { inherit user home; }) - (import ../common/user/configs/gui/bluetooth { inherit user home; }) - (import ../common/user/configs/gui/brightnessctl { inherit user home; }) - (import ../common/user/configs/gui/btop { inherit user home; }) - (import ../common/user/configs/gui/chromium { inherit user home; }) - (import ../common/user/configs/gui/cliphist { inherit user home; }) - (import ../common/user/configs/gui/emoji { inherit user home; }) - (import ../common/user/configs/gui/firefox { inherit user home; }) - (import ../common/user/configs/gui/gtk { inherit user home; }) - (import ../common/user/configs/gui/hyprland { inherit user home; }) - (import ../common/user/configs/gui/hyprshot { inherit user home; }) - (import ../common/user/configs/gui/kitty { inherit user home; }) - (import ../common/user/configs/gui/libreoffice { inherit user home; }) - (import ../common/user/configs/gui/networking { inherit user home; }) - (import ../common/user/configs/gui/obsidian { inherit user home; }) - (import ../common/user/configs/gui/pipewire { inherit user home; }) - (import ../common/user/configs/gui/qalculate { inherit user home; }) - (import ../common/user/configs/gui/qt { inherit user home; }) - (import ../common/user/configs/gui/rofi { inherit user home; }) - (import ../common/user/configs/gui/spicetify { inherit user home; }) - (import ../common/user/configs/gui/swww { inherit user home; }) - (import ../common/user/configs/gui/theme { inherit user home; }) - (import ../common/user/configs/gui/transmission { inherit user home; }) - (import ../common/user/configs/gui/vscode { inherit user home; }) - (import ../common/user/configs/gui/wev { inherit user home; }) - (import ../common/user/configs/gui/x11 { inherit user home; }) - ]; - - sops.secrets."${user}-password" = { - sopsFile = ../../users/${user}/secrets/secrets.yaml; - key = "password"; - neededForUsers = true; - }; - - users.users.${user} = { - inherit home; - isNormalUser = true; - email = "nick@karaolidis.com"; - fullName = "Nikolaos Karaolidis"; - description = "Nikolaos Karaolidis"; - hashedPasswordFile = config.sops.secrets."${user}-password".path; - extraGroups = [ "wheel" ]; - linger = true; - uid = 1000; - }; - - services.getty.autologinUser = user; - - home-manager.users.${user} = { - home = { - username = user; - homeDirectory = home; - }; - - sops.defaultSopsFile = ../../users/${user}/secrets/secrets.yaml; - theme.wallpaper = ../../users/${user}/secrets/wallpapers/clouds.png; - - programs.obsidian.vaults."Documents/Obsidian/master".enable = true; - - services.syncthing.settings.folders = { - obsidian = { - label = "Obsidian"; - path = "Documents/Obsidian"; - devices = [ - "amalthea" - "ganymede" - ]; - }; - official = { - label = "Official"; - path = "Documents/Official"; - devices = [ - "amalthea" - "ganymede" - ]; - }; - }; - - home.file."Documents/Obsidian/.stignore".source = ../common/user/configs/gui/obsidian/config/.stignore; - }; -} diff --git a/hosts/eirene/scripts/card.sh b/hosts/eirene/scripts/card.sh new file mode 100644 index 0000000..e053556 --- /dev/null +++ b/hosts/eirene/scripts/card.sh @@ -0,0 +1,10 @@ +AMD=/dev/dri/by-path/pci-0000:06:00.0-card +NVIDIA=/dev/dri/by-path/pci-0000:01:00.0-card + +if [[ -e "${AMD}" ]]; then + CARD=${AMD} +else + CARD=${NVIDIA} +fi + +ln -sf "${CARD}" "${HOME}"/.config/hypr/card diff --git a/hosts/eirene/users/nick.nix b/hosts/eirene/users/nick.nix new file mode 100644 index 0000000..18f5d13 --- /dev/null +++ b/hosts/eirene/users/nick.nix @@ -0,0 +1,115 @@ +{ config, ... }: +let + # https://github.com/NixOS/nixpkgs/issues/24570 + # https://github.com/NixOS/nixpkgs/issues/305643 + user = "nick"; + home = "/home/nick"; +in +{ + imports = [ + ../../common/user/configs/options.nix + (import ../../common/user/configs/console/android { inherit user home; }) + (import ../../common/user/configs/console/bluetooth { inherit user home; }) + (import ../../common/user/configs/console/brightnessctl { inherit user home; }) + (import ../../common/user/configs/console/btop { inherit user home; }) + (import ../../common/user/configs/console/docker { inherit user home; }) + (import ../../common/user/configs/console/fastfetch { inherit user home; }) + (import ../../common/user/configs/console/ffmpeg { inherit user home; }) + (import ../../common/user/configs/console/git { inherit user home; }) + (import ../../common/user/configs/console/gpg-agent { inherit user home; }) + (import ../../common/user/configs/console/home-manager { inherit user home; }) + (import ../../common/user/configs/console/imagemagick { inherit user home; }) + (import ../../common/user/configs/console/ncdu { inherit user home; }) + (import ../../common/user/configs/console/neovim { inherit user home; }) + (import ../../common/user/configs/console/nixpkgs { inherit user home; }) + (import ../../common/user/configs/console/pipewire { inherit user home; }) + (import ../../common/user/configs/console/ranger { inherit user home; }) + (import ../../common/user/configs/console/sops { inherit user home; }) + (import ../../common/user/configs/console/syncthing { inherit user home; }) + (import ../../common/user/configs/console/tmux { inherit user home; }) + (import ../../common/user/configs/console/tree { inherit user home; }) + (import ../../common/user/configs/console/wget { inherit user home; }) + (import ../../common/user/configs/console/xdg { inherit user home; }) + (import ../../common/user/configs/console/yt-dlp { inherit user home; }) + (import ../../common/user/configs/console/zsh { inherit user home; }) + (import ../../common/user/configs/gui/ags { inherit user home; }) + (import ../../common/user/configs/gui/bluetooth { inherit user home; }) + (import ../../common/user/configs/gui/brightnessctl { inherit user home; }) + (import ../../common/user/configs/gui/btop { inherit user home; }) + (import ../../common/user/configs/gui/chromium { inherit user home; }) + (import ../../common/user/configs/gui/cliphist { inherit user home; }) + (import ../../common/user/configs/gui/emoji { inherit user home; }) + (import ../../common/user/configs/gui/firefox { inherit user home; }) + (import ../../common/user/configs/gui/gtk { inherit user home; }) + (import ../../common/user/configs/gui/hyprland { inherit user home; }) + (import ../../common/user/configs/gui/hyprshot { inherit user home; }) + (import ../../common/user/configs/gui/kitty { inherit user home; }) + (import ../../common/user/configs/gui/libreoffice { inherit user home; }) + (import ../../common/user/configs/gui/networking { inherit user home; }) + (import ../../common/user/configs/gui/obsidian { inherit user home; }) + (import ../../common/user/configs/gui/pipewire { inherit user home; }) + (import ../../common/user/configs/gui/qalculate { inherit user home; }) + (import ../../common/user/configs/gui/qt { inherit user home; }) + (import ../../common/user/configs/gui/rofi { inherit user home; }) + (import ../../common/user/configs/gui/spicetify { inherit user home; }) + (import ../../common/user/configs/gui/swww { inherit user home; }) + (import ../../common/user/configs/gui/theme { inherit user home; }) + (import ../../common/user/configs/gui/transmission { inherit user home; }) + (import ../../common/user/configs/gui/vscode { inherit user home; }) + (import ../../common/user/configs/gui/wev { inherit user home; }) + (import ../../common/user/configs/gui/x11 { inherit user home; }) + ]; + + sops.secrets."${user}-password" = { + sopsFile = ../../../users/${user}/secrets/secrets.yaml; + key = "password"; + neededForUsers = true; + }; + + users.users.${user} = { + inherit home; + isNormalUser = true; + email = "nick@karaolidis.com"; + fullName = "Nikolaos Karaolidis"; + description = "Nikolaos Karaolidis"; + hashedPasswordFile = config.sops.secrets."${user}-password".path; + extraGroups = [ "wheel" ]; + linger = true; + uid = 1000; + }; + + services.getty.autologinUser = user; + + home-manager.users.${user} = { + home = { + username = user; + homeDirectory = home; + }; + + sops.defaultSopsFile = ../../../users/${user}/secrets/secrets.yaml; + theme.wallpaper = ../../../users/${user}/secrets/wallpapers/clouds.png; + + programs.obsidian.vaults."Documents/Obsidian/master".enable = true; + + services.syncthing.settings.folders = { + obsidian = { + label = "Obsidian"; + path = "Documents/Obsidian"; + devices = [ + "amalthea" + "ganymede" + ]; + }; + official = { + label = "Official"; + path = "Documents/Official"; + devices = [ + "amalthea" + "ganymede" + ]; + }; + }; + + home.file."Documents/Obsidian/.stignore".source = ../../common/user/configs/gui/obsidian/config/.stignore; + }; +} diff --git a/hosts/eirene/vm/default.nix b/hosts/eirene/vm/default.nix deleted file mode 100644 index cc6e8ce..0000000 --- a/hosts/eirene/vm/default.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ - config, - inputs, - lib, - ... -}: -{ - imports = [ - inputs.disko.nixosModules.disko - (import ../format.nix { device = "/dev/vda"; }) - ./hardware-configuration.nix - ../. - ]; - - networking.hostName = "eirene-vm"; - - boot.kernelParams = [ "video=Virtual-1:2560x1600@60" ]; - - fileSystems."/host" = { - device = "host"; - fsType = "virtiofs"; - }; - - home-manager.sharedModules = lib.mkIf config.programs.hyprland.enable [ - { wayland.windowManager.hyprland.settings.monitor = "Virtual-1, 2560x1600@60, 0x0, 1"; } - ]; -} diff --git a/hosts/eirene/vm/hardware-configuration.nix b/hosts/eirene/vm/hardware-configuration.nix deleted file mode 100644 index 30408b7..0000000 --- a/hosts/eirene/vm/hardware-configuration.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ lib, modulesPath, ... }: -{ - imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; - - boot = { - initrd.availableKernelModules = [ - "ahci" - "xhci_pci" - "virtio_pci" - "virtio_scsi" - "sr_mod" - "virtio_blk" - ]; - kernelModules = [ "kvm-amd" ]; - }; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; -} diff --git a/scripts/add-host.sh b/scripts/add-host.sh new file mode 100755 index 0000000..0fb5fbc --- /dev/null +++ b/scripts/add-host.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash + +if [[ "$#" -ne 2 ]]; then + echo "Usage: $0 " + exit 1 +fi + +HOST="$1" + +mkdir -p "./hosts/${HOST}/secrets" + +ssh-keygen -t ed25519 -f "./hosts/${HOST}/secrets/ssh_host_ed25519_key" -N "" + +AGE_KEY=$(nix shell nixpkgs#ssh-to-age --command bash -c "cat './hosts/${HOST}/secrets/ssh_host_ed25519_key.pub' | ssh-to-age") + +for SOPS_FILE in $(find . -type f -name "sops.yaml"); do + sed -i "/- hosts:/a\ - &${HOST} ${AGE_KEY}" "${SOPS_FILE}" + sed -i "/- age:/a\ - *${HOST}" "${SOPS_FILE}" +done + +sed -i "/knownHosts = {/a\ ${HOST}.publicKeyFile = ../../../../${HOST}/secrets/ssh_host_ed25519_key.pub;" ./hosts/common/system/configs/ssh/default.nix + +"$(dirname "$0")/update-keys.sh" "$2" + +echo "Host ${HOST} has been successfully added." +echo "Please generate SSH key pairs for any users that need to connect to user@host." +echo "Use the following command:" +echo "ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_${HOST}_" diff --git a/scripts/add-user.sh b/scripts/add-user.sh new file mode 100755 index 0000000..dfd2abb --- /dev/null +++ b/scripts/add-user.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env bash + +if [[ "$#" -ne 2 ]]; then + echo "Usage: $0 " + exit 1 +fi + +USER="$1" + +mkdir -p "./users/${USER}/secrets" + +nix shell nixpkgs#age --command age-keygen -o "./users/${USER}/secrets/key.txt" + +AGE_KEY=$(grep "^# public key: " "./users/${USER}/secrets/key.txt" | sed "s/# public key: //") + +for SOPS_FILE in $(find . -type f -name "sops.yaml"); do + sed -i "/- users:/a\ - &${USER} ${AGE_KEY}" "${SOPS_FILE}" + sed -i "/- age:/a\ - *${USER}" "${SOPS_FILE}" +done + +"$(dirname "$0")/update-keys.sh" "$2" + +echo "User ${USER} has been successfully added." diff --git a/scripts/install.sh b/scripts/install.sh new file mode 100755 index 0000000..d4a81ef --- /dev/null +++ b/scripts/install.sh @@ -0,0 +1,122 @@ +#!/usr/bin/env bash + +check_root() { + if [[ "${EUID}" -ne 0 ]]; then + echo "Please run the script as root." + exit 1 + fi +} + +check_network() { + if ping -c 1 google.com &>/dev/null; then + echo "Network connection detected, skipping Wi-Fi setup." + return + fi + + echo "No network connection detected." + echo "Would you like to connect to a Wi-Fi network? [y/N]" + + read -r connect_wifi + + if ! [[ "${connect_wifi}" =~ ^([yY][eE][sS]|[yY])$ ]]; then + echo "Please connect to a network before proceeding." + exit 1 + fi + + setup_wifi +} + +setup_wifi() { + echo "Available network interfaces:" + ip link show | grep -E '^[0-9]+:' | awk '{print $2}' | tr -d ':' + + echo "Enter the network interface you want to use:" + read -r interface + + echo "Do you want to connect to an open network? [y/N]" + read -r open_network + + if [[ "${open_network}" =~ ^([yY][eE][sS]|[yY])$ ]]; then + echo "Enter the SSID of the open network:" + read -r ssid + wpa_supplicant -i "${interface}" -c <(wpa_passphrase "${ssid}") -B + else + echo "Enter the SSID:" + read -r ssid + echo "Enter the passphrase:" + read -rs passphrase + + wpa_passphrase "${ssid}" "${passphrase}" > wifi.conf + wpa_supplicant -i "${interface}" -c wifi.conf -B + rm wifi.conf + fi + + dhcpcd +} + +select_host() { + echo "Available hosts:" + echo $(nix flake show --json | nix shell nixpkgs#jq --command jq -r '.nixosConfigurations | keys[]') + + echo "Enter host:" + read -r host +} + +select_users() { + echo "Available users:" + ls users/ + + echo "Enter the users to copy keys for (space-separated):" + read -r -a users +} + +prepare_disk() { + local mode="$1" + device=$(grep -oP '(?<=device = ")[^"]+' "./hosts/${host}/default.nix") + nix --experimental-features "nix-command flakes" run github:nix-community/disko -- --mode "${mode}" "./hosts/${host}/format.nix" --arg device "\"${device}\"" +} + +copy_keys() { + mkdir -p /mnt/persist/etc/ssh + cp "./hosts/${host}/secrets/ssh_host_ed25519_key" /mnt/persist/etc/ssh/ssh_host_ed25519_key + + for user in "${users[@]}"; do + mkdir -p "/mnt/persist/home/${user}/.local/share/sops-nix" + cp "./users/${user}/secrets/key.txt" "/mnt/persist/home/${user}/.local/share/sops-nix/key.txt" + done +} + +install() { + nixos-install --root /mnt --flake ".#${host}" +} + +main() { + check_root + check_network + select_host + + echo "What would you like to do with ${host}?" + echo "1) Install" + echo "2) Repair" + read -r choice + + case ${choice} in + 1) + select_users + prepare_disk "disko" + copy_keys + install + echo "Installation complete. Please reboot your system." + ;; + 2) + prepare_disk "mount" + install + echo "Repair complete. Please reboot your system." + ;; + *) + echo "Invalid choice." + ;; + esac +} + +main diff --git a/scripts/remove-host.sh b/scripts/remove-host.sh new file mode 100755 index 0000000..c9ac255 --- /dev/null +++ b/scripts/remove-host.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash + +if [[ "$#" -ne 2 ]]; then + echo "Usage: $0 " + exit 1 +fi + +HOST="$1" + +AGE_KEY=$(nix shell nixpkgs#ssh-to-age --command bash -c "cat './hosts/${HOST}/secrets/ssh_host_ed25519_key.pub' | ssh-to-age") + +for SOPS_FILE in $(find . -type f -name "sops.yaml"); do + sed -i "/ - &${HOST} ${AGE_KEY}/d" "${SOPS_FILE}" + sed -i "/ - \*${HOST}/d" "${SOPS_FILE}" +done + +sed -i "/${HOST}.publicKeyFile/d" ./hosts/common/system/configs/ssh/default.nix + +"$(dirname "$0")/update-keys.sh" "$2" + +rm -rf "./hosts/${HOST}" + +echo "Host ${HOST} has been successfully removed." +echo "Please remove SSH key pairs for any users that used to connect to this host." diff --git a/scripts/remove-user.sh b/scripts/remove-user.sh new file mode 100755 index 0000000..fc077f0 --- /dev/null +++ b/scripts/remove-user.sh @@ -0,0 +1,21 @@ +#!/usr/bin/env bash + +if [[ "$#" -ne 2 ]]; then + echo "Usage: $0 " + exit 1 +fi + +USER="$1" + +AGE_KEY=$(grep "^# public key: " "./users/${USER}/secrets/key.txt" | sed "s/# public key: //") + +for SOPS_FILE in $(find . -type f -name "sops.yaml"); do + sed -i "/ - &${USER} ${AGE_KEY}/d" "${SOPS_FILE}" + sed -i "/ - \*${USER}/d" "${SOPS_FILE}" +done + +"$(dirname "$0")/update-keys.sh" "$2" + +rm -rf ./users/"${USER}" + +echo "User ${USER} has been successfully removed." diff --git a/scripts/update-keys.sh b/scripts/update-keys.sh new file mode 100755 index 0000000..96d1365 --- /dev/null +++ b/scripts/update-keys.sh @@ -0,0 +1,17 @@ +#!/usr/bin/env bash + +if [[ "$#" -ne 1 ]]; then + echo "Usage: $0 " + exit 1 +fi + +export SOPS_AGE_KEY_FILE="$1" + +for SOPS_FILE in $(find . -type f -name 'sops.yaml'); do + dir=$(dirname "${SOPS_FILE}") + echo "${dir}" + find "${dir}" -maxdepth 1 -type f -regextype posix-extended -regex '.+\.(yaml|yml|json|env|ini|bin)' | while read -r file; do + echo "${file}" + nix shell nixpkgs#sops --command sops --config "${SOPS_FILE}" updatekeys "${file}" -y + done +done diff --git a/update-submodules.sh b/scripts/update.sh similarity index 64% rename from update-submodules.sh rename to scripts/update.sh index 8846208..7481a66 100755 --- a/update-submodules.sh +++ b/scripts/update.sh @@ -1,28 +1,24 @@ #!/usr/bin/env bash -set -o errexit -set -o nounset -set -o pipefail - paths=$(git config --file .gitmodules --name-only --get-regexp path | while read -r line; do - path=$(git config --file .gitmodules --get "$line") + path=$(git config --file .gitmodules --get "${line}") url=$(git config --file .gitmodules --get "${line%.*}.url") - if [[ $url == *"karaolidis"* ]]; then - echo "$path" + if [[ ${url} == *"karaolidis"* ]]; then + echo "${path}" fi done) -for path in $paths; do - echo "Processing submodule: $path" +for path in ${paths}; do + echo "Processing submodule: ${path}" - cd "$path" + cd "${path}" || exit git checkout master git fetch upstream git merge upstream/master branches=$(git for-each-ref --format='%(refname:short)' refs/heads/ | grep -v '^master$') - for branch in $branches; do - git checkout "$branch" + for branch in ${branches}; do + git checkout "${branch}" git rebase master done @@ -30,7 +26,7 @@ for path in $paths; do git push origin --all --force-with-lease git push origin --tags --force-with-lease - cd - > /dev/null + cd - > /dev/null || exit done echo "All submodules updated successfully."