Prepare v0.1.0

2025-04-09 16:08:16 +02:00 · 2025-04-09 16:08:16 +02:00 · 851f1b1344
commit 851f1b1344
parent 171e9dd89e
6 changed files with 451 additions and 18 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +0,0 @@
-config.json
--- a/flake.lock
+++ b/flake.lock
@ -75,6 +75,9 @@
    "root": {
      "inputs": {
        "base-config": "base-config",
+        "deploy-rs": [
+          "nixpkgs"
+        ],
        "disko": "disko",
        "nixpkgs": [
          "base-config",
--- a/flake.nix
+++ b/flake.nix
@ -14,20 +14,27 @@
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };
+    deploy-rs = {
+      url = "github:serokell/deploy-rs";
+      follows = "nixpkgs";
+    };
  };

  outputs = {
    self,
    base-config,
+    deploy-rs,
    nixpkgs,
    ...
-  } @ inputs: {
+  } @ inputs: let
+    jsonConfig = builtins.fromJSON (builtins.readFile ./config.json);
+  in {
    nixosConfigurations.nixos = nixpkgs.lib.nixosSystem {
      system = "x86_64-linux";
      modules = [
        (base-config.nixosModules.default {
          tier = "starter";
-          jsonConfig = builtins.fromJSON (builtins.readFile ./config.json);
+          inherit jsonConfig;
        }) # Pass tier here
        inputs.disko.nixosModules.disko
        ./configuration.nix
@ -36,5 +43,16 @@
        inherit self;
      };
    };
+    deploy.nodes.nixos = {
+      hostname = "self-host-playbook";
+      profiles.system = {
+        sshUser = jsonConfig.username;
+        user = "root";
+        interactiveSudo = true;
+        path =
+          deploy-rs.lib.x86_64-linux.activate.nixos
+          self.nixosConfigurations.nixos;
+      };
+    };
  };
 }
--- a/install.sh
+++ b/install.sh
@ -13,14 +13,23 @@ fi
 if [ -z "${INSIDE_NIX_SHELL+x}" ]; then
    export NIX_CONFIG="experimental-features = nix-command flakes"
    export INSIDE_NIX_SHELL=1
-    exec nix shell nixpkgs#git nixpkgs#mkpasswd --command bash "$0"
+    exec nix shell nixpkgs#git nixpkgs#mkpasswd nixpkgs#jq --command bash "$0"
 fi

-# Function to setup from template
-setup_from_template() {
-    local TEMPLATE=starter
-    local DIR_NAME="self-host-playbook"
+# Check directory situation and handle navigation
+DIR_NAME="self-host-playbook"
+CURRENT_DIR=$(basename "$(pwd)")

+if [ "$CURRENT_DIR" = "$DIR_NAME" ]; then
+    echo "📂 Already in $DIR_NAME directory"
+    echo "⚠️  Warning: Proceeding will overwrite the current version!"
+    read -p "Do you want to continue? (y/N) " -n 1 -r
+    echo
+    if [[ ! $REPLY =~ ^[Yy]$ ]]; then
+        echo "❌ Operation cancelled"
+        exit 1
+    fi
+else
    if [ -d "$DIR_NAME" ]; then
        echo "📂 Directory '$DIR_NAME' already exists"
        read -p "Do you want to proceed in the existing directory? (y/N) " -n 1 -r
@ -32,17 +41,78 @@ setup_from_template() {
            exit 1
        fi
    else
-        echo "🔄 Creating new self-host-playbook configuration from template..."
-        nix flake new --template "git+https://code.m3tam3re.com/m3tam3re/self-host-playbook#${TEMPLATE}" "$DIR_NAME"
+        echo "🔄 Creating new self-host-playbook configuration..."
+        mkdir -p "$DIR_NAME"
        cd "$DIR_NAME"
    fi
+fi
+
+get_latest_version() {
+    local LATEST_VERSION
+
+    latest_version=$(curl -s "https://code.m3tam3re.com/api/v1/repos/m3tam3re/self-host-playbook/tags" | jq -r '.[] | select(.name | startswith("v")) | .name' | sort -V | tail -n1)
+
+    if [ -z "$latest_version" ]; then
+        echo "❌ Error: Could not fetch latest version from repository"
+        exit 1
+    fi
+
+    # Remove 'v' prefix if present and return
+    echo "${latest_version#v}"
+}
+
+setup_latest_version() {
+    local target_version=$1
+    local dir_name=$2
+
+    echo "⬇️ Downloading version $target_version..."
+
+    TEMP_DIR=$(mktemp -d)
+    trap 'rm -rf "$TEMP_DIR"' EXIT
+
+    # Create a subdirectory for the clone
+    CLONE_DIR="${TEMP_DIR}/clone"
+    mkdir -p "$CLONE_DIR"
+
+    # Clone to temporary directory with --quiet flag
+    if ! nix flake clone --quiet "git+https://code.m3tam3re.com/m3tam3re/self-host-playbook?ref=v${target_version}" --dest "$CLONE_DIR" 2>/dev/null; then
+        echo "❌ Failed to clone repository"
+        return 1
+    fi
+
+    # Copy files from clone to target directory
+    cp -r "$CLONE_DIR"/* "$dir_name/"
+
+    return 0
+}
+
+# Function to setup from template
+setup_from_template() {
+    # Create backup if directory is not empty
+    if [ -n "$(ls -A)" ]; then
+        local CURRENT_VERSION=$(date +%Y%m%d_%H%M%S)
+        local backup_dir="backup_${CURRENT_VERSION}_$(date +%Y%m%d_%H%M%S)"
+        echo "📑 Creating backup in $backup_dir..."
+        mkdir -p "$backup_dir"
+        find . -maxdepth 1 ! -name "." ! -name ".." ! -name "$backup_dir" -exec cp -r {} "$backup_dir/" \;
+        echo "✅ Backup created successfully"
+
+        # Clean current directory except backup
+        echo "🗑️ Cleaning current directory..."
+        find . -maxdepth 1 ! -name "." ! -name ".." ! -name "$backup_dir" -exec rm -rf {} \;
+    fi
+
+    # Get and setup latest version
+    local LATEST_VERSION=$(get_latest_version)
+    echo "⬇️ Setting up version $LATEST_VERSION..."
+    setup_latest_version "$LATEST_VERSION" "."
 }

 # Function to generate SSH key
 generate_ssh_key() {
    local KEY_NAME="self-host-playbook"
    local KEY_PATH="$HOME/.ssh/${KEY_NAME}"
-
+W
    if [ ! -f "$KEY_PATH" ]; then
        mkdir -p "$HOME/.ssh"
        echo "🔑 Generating new SSH key pair..." >&2
@ -122,6 +192,58 @@ get_device_name() {
    esac
 }

+setup_ssh_config() {
+    local username=$1
+    local ip_address=$2
+    local ssh_config_dir="$HOME/.ssh"
+    local ssh_config_file="$ssh_config_dir/config"
+    local ssh_key_file="$ssh_config_dir/self-host-playbook"
+
+    # Create .ssh directory if it doesn't exist
+    mkdir -p "$ssh_config_dir"
+    chmod 700 "$ssh_config_dir"
+
+    # Create or append to SSH config
+    local config_entry="Host self-host-playbook
+    HostName $ip_address
+    User $username
+    IdentityFile $ssh_key_file"
+
+    # Check if entry already exists
+    if ! grep -q "Host self-host-playbook" "$ssh_config_file" 2>/dev/null; then
+        echo -e "\n$config_entry" >> "$ssh_config_file"
+        echo "✅ Added SSH config entry"
+    else
+        # Update existing entry
+        sed -i.bak "/Host self-host-playbook/,/IdentityFile.*/{
+            s/HostName.*/HostName $ip_address/
+            s/User.*/User $username/
+        }" "$ssh_config_file"
+        echo "✅ Updated existing SSH config entry"
+    fi
+
+    # Set appropriate permissions
+    chmod 600 "$ssh_config_file"
+}
+
+install_deploy_rs() {
+    echo "🔧 Installing deploy-rs to user environment..."
+
+    # Check if deploy is already installed
+    if command -v deploy >/dev/null 2>&1; then
+        echo "ℹ️ deploy-rs is already installed"
+        return 0
+    fi
+
+    # Install deploy-rs using nix profile
+    if nix profile install 'github:serokell/deploy-rs'; then
+        echo "✅ deploy-rs installed successfully"
+    else
+        echo "❌ Failed to install deploy-rs"
+        return 1
+    fi
+}
+
 echo "🚀 Welcome to the Self-Host Playbook!"
 echo "================================================"
 echo "This script will help you manage your NixOS server with:"
@ -155,11 +277,11 @@ read -p "Press ENTER to continue or CTRL + C to abort..."
 echo ""
 echo "📝 Please provide the following information:"
 echo "-------------------------------------------"
-read -p "1. Enter target server IP address: " SERVER_IP
+read -p "1. Enter target server IP address: " IP_ADDRESS
 read -p "2. Enter desired username for server access: " USERNAME
 read -s -p "3. Enter desired password: " PASSWORD
 echo
-echo "4. Enter domain names for services (must point to $SERVER_IP):"
+echo "4. Enter domain names for services (must point to $IP_ADDRESS):"
 read -p "   - Domain for Portainer: " PORTAINER_DOMAIN
 read -p "   - Domain for n8n: " N8N_DOMAIN
 read -p "   - Domain for Baserow: " BASEROW_DOMAIN
@ -173,10 +295,10 @@ read -p "Enter your choice (1-2): " KEY_CHOICE

 case $KEY_CHOICE in
    1)
-        INSTALL_COMMAND="nix run github:nix-community/nixos-anywhere -- --flake .#server root@$SERVER_IP"
+        INSTALL_COMMAND="nix run github:nix-community/nixos-anywhere -- --flake .#server root@$IP_ADDRESS"
        ;;
    2)
-        INSTALL_COMMAND="nix run github:nix-community/nixos-anywhere -- --flake .#server -i $SSH_KEY_PATH root@$SERVER_IP"
+        INSTALL_COMMAND="nix run github:nix-community/nixos-anywhere -- --flake .#server -i $SSH_KEY_PATH root@$IP_ADDRESS"
        ;;
    *)
        echo "❌ Invalid choice"
@ -264,7 +386,8 @@ cat > config.json << EOF
    "n8n": "$N8N_DOMAIN",
    "baserow": "$BASEROW_DOMAIN"
  },
-  "rootDevice": "$DEVICE_NAME"
+  "rootDevice": "$DEVICE_NAME",
+  "ipAddress": "$IP_ADDRESS"
 }
 EOF

@ -292,6 +415,8 @@ echo "This process might take several minutes..."

 # Run nixos-anywhere installation
 $INSTALL_COMMAND && {
+    echo "🔧 Setting up SSH configuration..."
+    setup_ssh_config "$USERNAME" "$IP_ADDRESS"
    echo
    echo "🎉 Installation completed successfully!"
    echo "=====================================>"
@ -301,7 +426,9 @@ $INSTALL_COMMAND && {
    echo "- Baserow: https://$BASEROW_DOMAIN"
    echo
    echo "To connect to your server, use:"
-    echo "ssh -i $SSH_KEY_PATH -p 2222 $USERNAME@$SERVER_IP"
+    echo "ssh self-host-playbook"
+    echo
+    install_deploy_rs
    echo
    echo "⚠️  Important: Please save your SSH key path: $SSH_KEY_PATH"
    echo "=====================================>"
--- a/update.sh
+++ b/update.sh
@ -0,0 +1,280 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+# Ensure we're in a flakes-enabled environment with required tools
+if ! command -v nix &> /dev/null; then
+    echo "❌ Nix is not installed. Please install Nix first:"
+    echo "curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install"
+    exit 1
+fi
+
+# Check if we need to enter a new shell
+if [ -z "${INSIDE_NIX_SHELL+x}" ]; then
+    export NIX_CONFIG="experimental-features = nix-command flakes"
+    export INSIDE_NIX_SHELL=1
+    exec nix shell nixpkgs#git nixpkgs#jq --command bash "$0"
+fi
+
+get_current_version() {
+    local version_file=$1
+    if [ -f "$version_file" ]; then
+        jq -r '.version' "$version_file"
+    else
+        echo "0.0.0"
+    fi
+}
+
+get_latest_version() {
+    local LATEST_VERSION
+
+    latest_version=$(curl -s "https://code.m3tam3re.com/api/v1/repos/m3tam3re/self-host-playbook/tags" | jq -r '.[] | select(.name | startswith("v")) | .name' | sort -V | tail -n1)
+
+    if [ -z "$latest_version" ]; then
+        echo "❌ Error: Could not fetch latest version from repository"
+        exit 1
+    fi
+
+    # Remove 'v' prefix if present and return
+    echo "${latest_version#v}"
+}
+
+check_compatibility() {
+    local current_version=$1
+    local target_version=$2
+    local version_file=$3
+
+    # Special case for initial install
+    if [ "$current_version" = "0.0.0" ]; then
+        echo "ℹ️ First time upgrade detected - proceeding with upgrade"
+        return 0
+    fi
+
+    local min_compatible_version
+    min_compatible_version=$(curl -s "https://code.m3tam3re.com/m3tam3re/self-host-playbook/raw/branch/develop/v${target_version}/$version_file" | jq -r '.minCompatibleVersion')
+
+    if version_lt "$current_version" "$min_compatible_version"; then
+        echo "❌ Your current version ($current_version) is too old for direct upgrade."
+        echo "Please upgrade to version $min_compatible_version first."
+        return 1
+    fi
+    return 0
+}
+
+# Show changelog - modified to use version file parameter
+show_changelog() {
+    local current_version=$1
+    local target_version=$2
+    local version_file=$3
+
+    echo "📋 Changelog from $current_version to $target_version:"
+    echo "------------------------------------------------"
+
+    local changelog
+    changelog=$(curl -s "https://code.m3tam3re.com/m3tam3re/self-host-playbook/raw/branch/develop/v${target_version}/$version_file" | jq -r '.changelog')
+
+    # Process each version once, then all its changes
+    echo "$changelog" | jq -r --arg cv "$current_version" --arg tv "$target_version" '
+        to_entries[]
+        | select(.key > $cv and .key <= $tv)
+        | "\(.key):\n" + (.value | map("  - " + .) | join("\n"))
+    ' 2>/dev/null
+
+    echo "------------------------------------------------"
+}
+
+perform_update() {
+    local target_version=$1
+    local backup_dir=$2
+    echo "⬇️ Downloading version $target_version..."
+
+    TEMP_DIR=$(mktemp -d)
+    trap 'rm -rf "$TEMP_DIR"' EXIT
+
+    # Create a subdirectory for the clone
+    CLONE_DIR="${TEMP_DIR}/clone"
+    mkdir -p "$CLONE_DIR"
+
+    # Clone to temporary directory with --quiet flag
+    if ! nix flake clone --quiet "git+https://code.m3tam3re.com/m3tam3re/self-host-playbook?ref=v${target_version}" --dest "$CLONE_DIR" 2>/dev/null; then
+        echo "❌ Failed to clone repository"
+        return 1
+    fi
+
+    # Remove current directory contents except backup
+    echo "🗑️ Cleaning current directory..."
+    find . -maxdepth 1 ! -name "." ! -name ".." ! -name "$backup_dir" -exec rm -rf {} +
+
+    # Copy new version from clone
+    echo "📋 Installing new version..."
+    cp -r "$CLONE_DIR"/* .
+
+    # Restore configuration files from backup
+    echo "🔄 Restoring configuration files..."
+    cp -r "${backup_dir}/config.json" \
+          "${backup_dir}/env" . 2>/dev/null || true
+
+
+    return 0
+}
+
+setup_ssh_config() {
+    local username=$1
+    local ip_address=$2
+    local ssh_config_dir="$HOME/.ssh"
+    local ssh_config_file="$ssh_config_dir/config"
+    local ssh_key_file="$ssh_config_dir/self-host-playbook"
+
+    # Create .ssh directory if it doesn't exist
+    mkdir -p "$ssh_config_dir"
+    chmod 700 "$ssh_config_dir"
+
+    # Create or append to SSH config
+    local config_entry="Host self-host-playbook
+    HostName $ip_address
+    User $username
+    IdentityFile $ssh_key_file"
+
+    # Check if entry already exists
+    if ! grep -q "Host self-host-playbook" "$ssh_config_file" 2>/dev/null; then
+        echo -e "\n$config_entry" >> "$ssh_config_file"
+        echo "✅ Added SSH config entry"
+    else
+        # Update existing entry
+        sed -i.bak "/Host self-host-playbook/,/IdentityFile.*/{
+            s/HostName.*/HostName $ip_address/
+            s/User.*/User $username/
+        }" "$ssh_config_file"
+        echo "✅ Updated existing SSH config entry"
+    fi
+
+    # Set appropriate permissions
+    chmod 600 "$ssh_config_file"
+}
+
+update_config_json() {
+    local ip_address=$1
+    local config_file="config.json"
+
+    # Read existing config
+    local config
+    config=$(cat "$config_file")
+
+    # Update or add ipAddress field
+    if jq -e '.ipAddress' "$config_file" >/dev/null 2>&1; then
+        config=$(echo "$config" | jq --arg ip "$ip_address" '.ipAddress = $ip')
+    else
+        config=$(echo "$config" | jq --arg ip "$ip_address" '. + {ipAddress: $ip}')
+    fi
+
+    # Write back to file
+    echo "$config" | jq '.' > "$config_file"
+    echo "✅ Updated IP address in config.json"
+}
+
+install_deploy_rs() {
+    echo "🔧 Installing deploy-rs to user environment..."
+
+    # Check if deploy is already installed
+    if command -v deploy >/dev/null 2>&1; then
+        echo "ℹ️ deploy-rs is already installed"
+        return 0
+    fi
+
+    # Install deploy-rs using nix profile
+    if nix profile install 'github:serokell/deploy-rs'; then
+        echo "✅ deploy-rs installed successfully"
+    else
+        echo "❌ Failed to install deploy-rs"
+        return 1
+    fi
+}
+
+
+# Main script
+echo "🔄 Self-Host Playbook Update Assistant"
+echo "======================================"
+
+# Check if we're in the right directory
+if [ ! -f "config.json" ]; then
+    echo "❌ Error: config.json not found. Please run this script in your self-host-playbook directory."
+    exit 1
+fi
+
+USERNAME=$(jq -r '.username' config.json)
+IP_ADDRESS=$(jq -r '.ipAddress // empty' config.json)
+
+if [ -z "$USERNAME" ]; then
+    echo "❌ Error: Could not read username from config.json"
+    exit 1
+fi
+
+# If IP address is not in config.json, prompt for it
+if [ -z "$IP_ADDRESS" ]; then
+    echo "ℹ️ No IP address found in config.json"
+    read -p "Enter the IP address of your server: " IP_ADDRESS
+
+    # Validate IP address format
+    if ! [[ $IP_ADDRESS =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+        echo "❌ Error: Invalid IP address format"
+        exit 1
+    fi
+
+    # Update config.json with the new IP address
+    update_config_json "$IP_ADDRESS"
+fi
+
+VERSION_FILE="version.json"
+CURRENT_VERSION=$(get_current_version "$VERSION_FILE")
+LATEST_VERSION=$(get_latest_version)
+
+echo "Current version: $CURRENT_VERSION"
+echo "Latest version:  $LATEST_VERSION"
+echo
+
+if [ "$CURRENT_VERSION" = "$LATEST_VERSION" ]; then
+    echo "✅ You are already on the latest version!"
+    exit 0
+fi
+
+if ! check_compatibility "$CURRENT_VERSION" "$LATEST_VERSION" "$VERSION_FILE"; then
+    exit 1
+fi
+
+show_changelog "$CURRENT_VERSION" "$LATEST_VERSION" "$VERSION_FILE"
+
+echo
+read -p "Do you want to update to version $LATEST_VERSION? (y/N) " -n 1 -r
+echo
+
+if [[ $REPLY =~ ^[Yy]$ ]]; then
+    # Create backup
+    backup_dir="backup_${CURRENT_VERSION}_$(date +%Y%m%d_%H%M%S)"
+    echo "📑 Creating backup in $backup_dir..."
+    mkdir -p "$backup_dir"
+    find . -maxdepth 1 ! -name "." ! -name ".." ! -name "$backup_dir" -exec cp -r {} "$backup_dir/" \;
+
+
+    # Perform update
+    if perform_update "$LATEST_VERSION" "$backup_dir"; then
+        echo
+        echo "✅ Update completed successfully!"
+        # Setup SSH configuration
+        echo
+        echo "🔧 Setting up SSH configuration..."
+        setup_ssh_config "$USERNAME" "$IP_ADDRESS"
+        echo
+        install_deploy_rs
+        echo
+        echo "To apply the changes, run:"
+        echo "sudo nixos-rebuild switch"
+        echo
+        echo "If you encounter any issues, your backup is available in $backup_dir"
+    else
+        echo "❌ Update failed. Your backup is available in $backup_dir"
+        exit 1
+    fi
+else
+    echo "Update cancelled."
+    exit 1
+fi
--- a/version.json
+++ b/version.json
@ -3,6 +3,12 @@
  "minCompatibleVersion": "0.0.0",
  "updateUrl": "https://code.m3tam3re.com/m3tam3re/self-host-playbook",
  "changelog": {
-    "0.1.0": ["Management CLI", "Flake rework"]
+    "0.1.0": [
+      "Added a management CLI for easily adding custom services.",
+      "Automated server updates / security patches daily.",
+      "Structural rework for easier upgrades.",
+      "Install Script Optimizations",
+      "Update Script"
+    ]
  }
 }