mynix
/
nixos-infect
mirror of https://github.com/elitak/nixos-infect.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #14 from zimbatm/shellcheck 

Shellcheck
This commit is contained in:
Eric Litak 2017-04-15 12:32:07 -07:00 committed by GitHub
parent 673c70f45c 89c2c6b7f4
commit a025094b20
1 changed files with 24 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
nixos-infect
View File

@ -21,7 +21,7 @@ makeConf() {
networking.hostName = "$(hostname)"; networking.hostName = "$(hostname)";
networking.firewall.allowPing = true; networking.firewall.allowPing = true;
services.openssh.enable = true; services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [$(for key in ${keys[@]}; do echo -n " users.users.root.openssh.authorizedKeys.keys = [$(for key in "${keys[@]}"; do echo -n "
\"$key\""; done) \"$key\""; done)
]; ];
} }
@ -39,23 +39,23 @@ EOF
# XXX It'd be better if we used procfs for all this... # XXX It'd be better if we used procfs for all this...
local IFS=$'\n' local IFS=$'\n'
eth0_name=$(ip address show | grep '^2:' | awk -F': ' '{print $2}') eth0_name=$(ip address show | grep '^2:' | awk -F': ' '{print $2}')
eth0_ip4s=($(ip address show dev $eth0_name | grep 'inet ' | sed -r 's|.*inet ([0-9.]+)/([0-9]+).*|{ address="\1"; prefixLength=\2; }|')) eth0_ip4s=$(ip address show dev "$eth0_name" | grep 'inet ' | sed -r 's|.*inet ([0-9.]+)/([0-9]+).*|{ address="\1"; prefixLength=\2; }|')
eth0_ip6s=($(ip address show dev $eth0_name | grep 'inet6 ' | sed -r 's|.*inet6 ([0-9a-f:]+)/([0-9]+).*|{ address="\1"; prefixLength=\2; }|' || '')) eth0_ip6s=$(ip address show dev "$eth0_name" | grep 'inet6 ' | sed -r 's|.*inet6 ([0-9a-f:]+)/([0-9]+).*|{ address="\1"; prefixLength=\2; }|' || '')
gateway=($(ip route show dev $eth0_name | grep default | sed -r 's|default via ([0-9.]+).*|\1|')) gateway=$(ip route show dev "$eth0_name" | grep default | sed -r 's|default via ([0-9.]+).*|\1|')
ether0=($(ip address show dev $eth0_name | grep link/ether | sed -r 's|.*link/ether ([0-9a-f:]+) .*|\1|')) ether0=$(ip address show dev "$eth0_name" | grep link/ether | sed -r 's|.*link/ether ([0-9a-f:]+) .*|\1|')
eth1_name=$(ip address show | grep '^3:' | awk -F': ' '{print $2}')||true eth1_name=$(ip address show | grep '^3:' | awk -F': ' '{print $2}')||true
if [ -n "$eth1_name" ];then if [ -n "$eth1_name" ];then
eth1_ip4s=($(ip address show dev $eth1_name | grep 'inet ' | sed -r 's|.*inet ([0-9.]+)/([0-9]+).*|{ address="\1"; prefixLength=\2; }|')) eth1_ip4s=$(ip address show dev "$eth1_name" | grep 'inet ' | sed -r 's|.*inet ([0-9.]+)/([0-9]+).*|{ address="\1"; prefixLength=\2; }|')
eth1_ip6s=($(ip address show dev $eth1_name | grep 'inet6 ' | sed -r 's|.*inet6 ([0-9a-f:]+)/([0-9]+).*|{ address="\1"; prefixLength=\2; }|' || '')) eth1_ip6s=$(ip address show dev "$eth1_name" | grep 'inet6 ' | sed -r 's|.*inet6 ([0-9a-f:]+)/([0-9]+).*|{ address="\1"; prefixLength=\2; }|' || '')
ether1=($(ip address show dev $eth1_name | grep link/ether | sed -r 's|.*link/ether ([0-9a-f:]+) .*|\1|')) ether1=$(ip address show dev "$eth1_name" | grep link/ether | sed -r 's|.*link/ether ([0-9a-f:]+) .*|\1|')
gateway6=($(ip -6 route show dev $eth1_name | grep default | sed -r 's|default via ([0-9a-f:]+).*|\1|' || true)) gateway6=$(ip -6 route show dev "$eth1_name" | grep default | sed -r 's|default via ([0-9a-f:]+).*|\1|' || true)
interfaces1=<< EOF interfaces1=<< EOF
$eth1_name = { $eth1_name = {
ip4 = [$(for a in ${eth1_ip4s[@]}; do echo -n " ip4 = [$(for a in "${eth1_ip4s[@]}"; do echo -n "
$a"; done) $a"; done)
]; ];
ip6 = [$(for a in ${eth1_ip6s[@]}; do echo -n " ip6 = [$(for a in "${eth1_ip6s[@]}"; do echo -n "
$a"; done) $a"; done)
]; ];
EOF EOF
@ -72,17 +72,17 @@ EOF
# This file was populated at runtime with the networking # This file was populated at runtime with the networking
# details gathered from the active system. # details gathered from the active system.
networking = { networking = {
nameservers = [$(for a in ${nameservers[@]}; do echo -n " nameservers = [$(for a in "${nameservers[@]}"; do echo -n "
\"$a\""; done) \"$a\""; done)
]; ];
defaultGateway = "${gateway}"; defaultGateway = "${gateway}";
defaultGateway6 = "${gateway6}"; defaultGateway6 = "${gateway6}";
interfaces = { interfaces = {
$eth0_name = { $eth0_name = {
ip4 = [$(for a in ${eth0_ip4s[@]}; do echo -n " ip4 = [$(for a in "${eth0_ip4s[@]}"; do echo -n "
$a"; done) $a"; done)
]; ];
ip6 = [$(for a in ${eth0_ip6s[@]}; do echo -n " ip6 = [$(for a in "${eth0_ip6s[@]}"; do echo -n "
$a"; done) $a"; done)
]; ];
}; };
@ -112,18 +112,18 @@ EOF
makeSwap() { makeSwap() {
# TODO check currently available swapspace first # TODO check currently available swapspace first
swapFile=`mktemp /tmp/nixos-infect.XXXXX.swp` swapFile=$(mktemp /tmp/nixos-infect.XXXXX.swp)
dd if=/dev/zero of=$swapFile bs=1M count=$((1*1024)) dd if=/dev/zero "of=$swapFile" bs=1M count=$((1*1024))
chmod 0600 $swapFile chmod 0600 "$swapFile"
mkswap $swapFile mkswap "$swapFile"
swapon -v $swapFile swapon -v "$swapFile"
} }
removeSwap() { removeSwap() {
for swapFile in /tmp/nixos-infect.*.swp for swapFile in /tmp/nixos-infect.*.swp
do do
swapoff -v $swapFile swapoff -v "$swapFile"
rm -vf $swapFile rm -vf "$swapFile"
done done
} }
@ -163,6 +163,7 @@ prepareEnv() {
# Nix installer tries to use sudo regardless of whether we're already uid 0 # Nix installer tries to use sudo regardless of whether we're already uid 0
#which sudo || { sudo() { eval "$@"; }; export -f sudo; } #which sudo || { sudo() { eval "$@"; }; export -f sudo; }
# shellcheck disable=SC2174
mkdir -p -m 0755 /nix mkdir -p -m 0755 /nix
} }
@ -192,13 +193,14 @@ infect() {
# Add nix build users # Add nix build users
# FIXME run only if necessary, rather than defaulting true # FIXME run only if necessary, rather than defaulting true
groupadd nixbld -g 30000 || true groupadd nixbld -g 30000 || true
for i in {1..10}; do useradd -c "Nix build user $i" -d /var/empty -g nixbld -G nixbld -M -N -r -s $(which nologin) nixbld$i || true; done for i in {1..10}; do useradd -c "Nix build user $i" -d /var/empty -g nixbld -G nixbld -M -N -r -s "$(which nologin)" nixbld$i || true; done
# TODO use addgroup and adduser as fallbacks # TODO use addgroup and adduser as fallbacks
#addgroup nixbld -g 30000 || true #addgroup nixbld -g 30000 || true
#for i in {1..10}; do adduser -DH -G nixbld nixbld$i || true; done #for i in {1..10}; do adduser -DH -G nixbld nixbld$i || true; done
curl https://nixos.org/nix/install | $SHELL curl https://nixos.org/nix/install | $SHELL
# shellcheck disable=SC1090
source ~/.nix-profile/etc/profile.d/nix.sh source ~/.nix-profile/etc/profile.d/nix.sh
[[ -z "$NIX_CHANNEL" ]] && NIX_CHANNEL="nixos-17.03" [[ -z "$NIX_CHANNEL" ]] && NIX_CHANNEL="nixos-17.03"