about summary refs log tree commit diff
diff options
context:
space:
mode:
-rwxr-xr-xbin/__dispatch.sh3
l---------bin/rebuilder1
-rw-r--r--ops/nixos/README.md6
-rw-r--r--ops/nixos/default.nix28
4 files changed, 33 insertions, 5 deletions
diff --git a/bin/__dispatch.sh b/bin/__dispatch.sh
index d9c2e7ee35c3..af56750872b1 100755
--- a/bin/__dispatch.sh
+++ b/bin/__dispatch.sh
@@ -38,6 +38,9 @@ case "${TARGET_TOOL}" in
   age-keygen)
     attr="third_party.age"
     ;;
+  rebuilder)
+    attr="ops.nixos.rebuilder"
+    ;;
   *)
     echo "The tool '${TARGET_TOOL}' is currently not installed in this repository."
     exit 1
diff --git a/bin/rebuilder b/bin/rebuilder
new file mode 120000
index 000000000000..8390ec9c9652
--- /dev/null
+++ b/bin/rebuilder
@@ -0,0 +1 @@
+__dispatch.sh
\ No newline at end of file
diff --git a/ops/nixos/README.md b/ops/nixos/README.md
index 9950a113ef47..9e88193dad7e 100644
--- a/ops/nixos/README.md
+++ b/ops/nixos/README.md
@@ -9,9 +9,9 @@ System configuration lives in folders for each machine and a custom
 fixed point evaluation (similar to standard NixOS module
 configuration) is used to combine configuration together.
 
-Building `ops.nixos.depot-switcher` yields a script that will
-automatically build and activate the newest configuration based on the
-current hostname.
+Building `ops.nixos.rebuilder` yields a script that will automatically
+build and activate the newest configuration based on the current
+hostname.
 
 ## Configured hosts:
 
diff --git a/ops/nixos/default.nix b/ops/nixos/default.nix
index 02a42425fdc6..d4aa9705d6a7 100644
--- a/ops/nixos/default.nix
+++ b/ops/nixos/default.nix
@@ -1,3 +1,4 @@
+# TODO(tazjin): rename 'pkgs' -> 'depot'?
 { pkgs, ... }:
 
 let
@@ -9,7 +10,30 @@ let
       foldl' lib.recursiveUpdate {} (map (c: c config) configs)
     );
   }).system;
-in {
-  # TODO(tazjin): rename 'pkgs' -> 'depot'?
+
   nuggetSystem = systemFor [ pkgs.ops.nixos.nugget ];
+
+  rebuilder = pkgs.third_party.writeShellScriptBin "rebuilder" ''
+    set -ue
+    if [[ $EUID -ne 0 ]]; then
+      echo "Oh no! Only root is allowed to rebuild the system!" >&2
+      exit 1
+    fi
+
+    case $HOSTNAME in
+    nugget)
+      echo "Rebuilding NixOS for //ops/nixos/nugget"
+      system=$(nix-build -E '(import <depot> {}).ops.nixos.nuggetSystem' --no-out-link)
+      ;;
+    *)
+      echo "$HOSTNAME is not a known NixOS host!" >&2
+      exit 1
+      ;;
+    esac
+
+    nix-env -p /nix/var/nix/profiles/system --set $system
+    $system/bin/switch-to-configuration switch
+  '';
+in {
+  inherit nuggetSystem rebuilder;
 }