From 05a49f4e353242a37d0dc88c7ba878c689532112 Mon Sep 17 00:00:00 2001
From: Pim Kunis
Date: Sun, 19 May 2024 14:05:20 +0200
Subject: [PATCH] Improve createScript function
---
 README.md | 6 +++---
 flake-parts/deploy.nix | 1 -
 flake-parts/scripts/default.nix | 17 +++++++++++++----
 3 files changed, 16 insertions(+), 8 deletions(-)
diff --git a/README.md b/README.md
index 6fb9cc6..95b11bc 100644
--- a/README.md
+++ b/README.md
@@ -9,7 +9,9 @@ Nix definitions to configure our servers at home.
 - [agenix](https://github.com/ryantm/agenix): deployment of encrypted secrets to NixOS machines
 - [dns.nix](https://github.com/kirelagin/dns.nix): A Nix DSL for defining DNS zones
 - [flake-utils](https://github.com/numtide/flake-utils): Handy utilities to develop Nix flakes
-- [nixos-hardware](https://github.com/NixOS/nixos-hardware): Hardware-specific NixOS modules. Doing the heavy lifting for our Raspberry Pi.
+- [nixos-hardware](https://github.com/NixOS/nixos-hardware): Hardware-specific NixOS modules. Doing the heavy lifting for our Raspberry Pi
+- [kubenix](https://kubenix.org/): declare and deploy Kubernetes resources using Nix
+- [nixhelm](https://github.com/farcaller/nixhelm): Nix-digestible Helm charts
 ## Installation
@@ -43,8 +45,6 @@ This puts a private key, signed certificate and a kubeconfig in the kubeconfig d
 If the cluster has not been initialized yet, next run `nix run .#kubenix-bootstrap.x86_64-linux`.
-⚠️ Do not do this if the cluster has been initialized already, as it will prune any deployed resources! ⚠️
-
 Lastly, deploy everything to the cluster using `nix run .#kubenix.x86_64-linux`.
 ## Known bugs
diff --git a/flake-parts/deploy.nix b/flake-parts/deploy.nix
index f8f8fbe..9dee0bb 100644
--- a/flake-parts/deploy.nix
+++ b/flake-parts/deploy.nix
@@ -22,5 +22,4 @@ in
 };
 });
 };
-
 }
diff --git a/flake-parts/scripts/default.nix b/flake-parts/scripts/default.nix
index 49e1e5c..642e592 100644
--- a/flake-parts/scripts/default.nix
+++ b/flake-parts/scripts/default.nix
@@ -1,6 +1,6 @@
 { flake-utils, pkgs, ... }: flake-utils.lib.eachDefaultSystem (system:
 let
- createScript = name: runtimeInputs: scriptPath:
+ createScript = { name, runtimeInputs, scriptPath, extraWrapperFlags ? "", ... }:
 let
 script = (pkgs.writeScriptBin name (builtins.readFile scriptPath)).overrideAttrs (old: {
 buildCommand = "${old.buildCommand}\n patchShebangs $out";
@@ -10,10 +10,19 @@ let
 inherit name;
 paths = [ script ] ++ runtimeInputs;
 buildInputs = [ pkgs.makeWrapper ];
- postBuild = "wrapProgram $out/bin/${name} --set PATH $out/bin";
+ postBuild = "wrapProgram $out/bin/${name} --set PATH $out/bin ${extraWrapperFlags}";
 };
 in
 {
- packages.bootstrap = createScript "bootstrap" (with pkgs; [ libsecret coreutils nixos-anywhere ]) ./bootstrap.sh;
- packages.gen-k3s-cert = createScript "create-k3s-cert" (with pkgs; [ openssl coreutils openssh yq ]) ./gen-k3s-cert.sh;
+ packages.bootstrap = createScript {
+ name = "bootstrap";
+ runtimeInputs = with pkgs; [ libsecret coreutils nixos-anywhere ];
+ scriptPath = ./bootstrap.sh;
+ };
+
+ packages.gen-k3s-cert = createScript {
+ name = "create-k3s-cert";
+ runtimeInputs = with pkgs; [ openssl coreutils openssh yq ];
+ scriptPath = ./gen-k3s-cert.sh;
+ };
 })
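Review bot: The trailing `...` in the new argument pattern of `createScript` (first hunk) makes the function accept any extra attribute, so a misspelled `extraWrapperFlags` at a call site is dropped without an error and the wrapper is built without the flags the caller intended. Both call sites in this patch pass only the named attributes, so the pattern can be closed: `createScript = { name, runtimeInputs, scriptPath, extraWrapperFlags ? "" }:`. Nix then rejects an unexpected argument at evaluation time instead of producing a differently configured wrapper. The body of `createScript` continues past this hunk.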
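Review bot: `extraWrapperFlags` is spliced unquoted into the `postBuild` shell line (second hunk), so the builder's shell re-splits and expands whatever string the caller passes, and a flag such as a second `--set PATH` or a `--prefix PATH` undoes the closed PATH that this wrapper otherwise pins to `$out/bin`. Taking the flags as a list and quoting them keeps each argument intact: default `extraWrapperFlags ? [ ]` in the signature of the first hunk, and `postBuild = "wrapProgram $out/bin/${name} --set PATH $out/bin ${pkgs.lib.escapeShellArgs extraWrapperFlags}";`. Escaping also stops `$out` inside a flag from being expanded, so if callers rely on that, keep the string form and add a comment above `postBuild` stating that the value is evaluated by the builder's shell and can override the pinned PATH. The `symlinkJoin` call this line belongs to starts before the hunk.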