-
-
Notifications
You must be signed in to change notification settings - Fork 169
/
Copy pathnix-provision.sh
63 lines (49 loc) · 2.21 KB
/
nix-provision.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
#!/usr/bin/env bash
# shellcheck shell=bash
set -o errexit
set -o pipefail
set -o xtrace
function install_packages {
# Setup Ansible on host VM
sudo apt-get update && sudo apt-get install -y software-properties-common
# Manually add GPG key with explicit keyserver
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 93C4A3FD7BB9C367
# Add repository and install
sudo add-apt-repository --yes ppa:ansible/ansible
sudo apt-get update
sudo apt-get install -y ansible
ansible-galaxy collection install community.general
}
function install_nix() {
sudo su -c "curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install --no-confirm \
--extra-conf \"substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com\" \
--extra-conf \"trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI=% cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=\" " -s /bin/bash root
. /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh
}
function execute_stage2_playbook {
echo "POSTGRES_MAJOR_VERSION: ${POSTGRES_MAJOR_VERSION}"
echo "GIT_SHA: ${GIT_SHA}"
sudo tee /etc/ansible/ansible.cfg <<EOF
[defaults]
callbacks_enabled = timer, profile_tasks, profile_roles
EOF
sed -i 's/- hosts: all/- hosts: localhost/' /tmp/ansible-playbook/ansible/playbook.yml
# Run Ansible playbook
export ANSIBLE_LOG_PATH=/tmp/ansible.log && export ANSIBLE_REMOTE_TEMP=/tmp
ansible-playbook /tmp/ansible-playbook/ansible/playbook.yml \
--extra-vars '{"nixpkg_mode": false, "stage2_nix": true, "debpkg_mode": false}' \
--extra-vars "git_commit_sha=${GIT_SHA}" \
--extra-vars "psql_version=psql_${POSTGRES_MAJOR_VERSION}" \
--extra-vars "postgresql_version=postgresql_${POSTGRES_MAJOR_VERSION}" \
--extra-vars "nix_secret_key=${NIX_SECRET_KEY}" \
--extra-vars "postgresql_major_version=${POSTGRES_MAJOR_VERSION}" \
$ARGS
}
function cleanup_packages {
sudo apt-get -y remove --purge ansible
sudo add-apt-repository --yes --remove ppa:ansible/ansible
}
install_packages
install_nix
execute_stage2_playbook
cleanup_packages