package boostrap program

remove devShell

.envrc

@@ -1 +0,0 @@
-use_flake

README.md

@@ -17,8 +17,6 @@ Currently, our three main machines and all virtual machines run NixOS!
 
 1. Install the Nix package manager or NixOS ([link](https://nixos.org/download))
 2. Enable flake and nix commands ([link](https://nixos.wiki/wiki/Flakes#Enable_flakes_permanently_in_NixOS))
-3. Install Direnv ([link](https://direnv.net/))
-4. Allow direnv for this repository: `direnv allow`
 
 ### Bootstrapping
 
@@ -30,12 +28,12 @@ Additionally, it deploys an age identity, which is later used for decrypting sec
 
 1. Make sure your have a [Secret service](https://www.gnu.org/software/emacs/manual/html_node/auth/Secret-Service-API.html) running (such as Keepassxc) that provides the age identity.
 2. Ensure you have root SSH access to the server.
-3. Run nixos-anywhere: `./bootstrap.sh <servername> <hostname>`
+3. Run nixos-anywhere: `nix run .#bootstrap <servername> <hostname>`
 
 ### Deployment
 
-To deploy all servers at once: `deploy -k`
-To deploy only one server: `deploy -k --targets .#<host>`
+To deploy all servers at once: `nix run .#deploy -- -k`
+To deploy only one server: `nix run.#deploy -- -k --targets .#<host>`
 
 ## Known bugs
 
@@ -43,5 +41,5 @@ When deploying a new virtiofs share, the error `Failed to connect to '<name>.soc
 This seems to be a bug in `microvm.nix` and I opened a bug report [here](https://github.com/astro/microvm.nix/issues/200).
 A workaround is to deploy the share without `deploy-rs`'s rollback feature enabled:
 ```
-deploy -k --targets .#lewis --auto-rollback false --magic-rollback false
+nix run .#deploy -- -k --targets .#<host> --auto-rollback false --magic-rollback false
 ```

bootstrap.sh

@@ -1,4 +1,5 @@
 #!/usr/bin/env bash
+
 set -euo pipefail
 IFS=$'\n\t'
 
@@ -42,4 +43,4 @@ secret-tool lookup age-identity "$servername" > "$temp/etc/age_ed25519"
 chmod 600 "$temp/etc/age_ed25519"
 
 # Install NixOS to the host system with our age identity
-nix run github:numtide/nixos-anywhere -- --extra-files "$temp" --flake ".#${servername}" "root@${hostname}"
+nixos-anywhere --extra-files "$temp" --flake ".#${servername}" "root@${hostname}"

flake.nix

@@ -1,3 +1,5 @@
+# TODO: good way to improve flake design: https://gist.github.com/lucperkins/437600b6aaaf0e1e8f91fb22fe421234
+# Good tutorial for multiple architectures
 {
   description = "NixOS definitions for our physical servers";
 
@@ -105,5 +107,25 @@
           })
         )
         deploy-rs.lib;
+
+      packages.${controllerArch}.bootstrap =
+        let
+          name = "bootstrap";
+          buildInputs = with pkgs; [ libsecret coreutils pkgs-unstable.nixos-anywhere ];
+          script = (pkgs.writeScriptBin name (builtins.readFile ./bootstrap.sh)).overrideAttrs (old: {
+            buildCommand = "${old.buildCommand}\n patchShebangs $out";
+          });
+        in
+        pkgs.symlinkJoin {
+          inherit name;
+          paths = [ script ] ++ buildInputs;
+          buildInputs = [ pkgs.makeWrapper ];
+          postBuild = "wrapProgram $out/bin/${name} --set PATH $out/bin";
+        };
+
+      apps.${controllerArch}.deploy = {
+        type = "app";
+        program = "${pkgs-unstable.deploy-rs}/bin/deploy";
+      };
     };
 }