From be193a20572a72a15ffb569aba8eb56fe881c842 Mon Sep 17 00:00:00 2001 From: V Date: Sat, 29 Aug 2020 09:54:02 +0200 Subject: nixos-rebuild: make 'edit' work with directories $NIXOS_CONFIG can be set to a directory, in which case the file used is $NIXOS_CONFIG/default.nix. This updates 'nixos-rebuild edit' to handle that case correctly. --- nixos/modules/installer/tools/nixos-rebuild.sh | 3 +++ 1 file changed, 3 insertions(+) (limited to 'nixos/modules/installer/tools/nixos-rebuild.sh') diff --git a/nixos/modules/installer/tools/nixos-rebuild.sh b/nixos/modules/installer/tools/nixos-rebuild.sh index 437199bae1d..e79cc5e24fb 100644 --- a/nixos/modules/installer/tools/nixos-rebuild.sh +++ b/nixos/modules/installer/tools/nixos-rebuild.sh @@ -288,6 +288,9 @@ fi if [ "$action" = edit ]; then if [[ -z $flake ]]; then NIXOS_CONFIG=${NIXOS_CONFIG:-$(nix-instantiate --find-file nixos-config)} + if [[ -d $NIXOS_CONFIG ]]; then + NIXOS_CONFIG=$NIXOS_CONFIG/default.nix + fi exec "${EDITOR:-nano}" "$NIXOS_CONFIG" else exec nix edit "${lockFlags[@]}" -- "$flake#$flakeAttr" -- cgit 1.4.1 From e08bcdbec3265f701c175ae5ac9d813e10cad292 Mon Sep 17 00:00:00 2001 From: V Date: Sat, 29 Aug 2020 09:54:14 +0200 Subject: nixos-rebuild: don't quote $EDITOR $EDITOR is allowed to contain flags, so it is important to allow the shell to split this normally. For example, Sublime Text needs to be passed --wait, since otherwise it will daemonise. --- nixos/modules/installer/tools/nixos-rebuild.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/modules/installer/tools/nixos-rebuild.sh') diff --git a/nixos/modules/installer/tools/nixos-rebuild.sh b/nixos/modules/installer/tools/nixos-rebuild.sh index e79cc5e24fb..ed9c2509b6b 100644 --- a/nixos/modules/installer/tools/nixos-rebuild.sh +++ b/nixos/modules/installer/tools/nixos-rebuild.sh @@ -291,7 +291,7 @@ if [ "$action" = edit ]; then if [[ -d $NIXOS_CONFIG ]]; then NIXOS_CONFIG=$NIXOS_CONFIG/default.nix fi - exec "${EDITOR:-nano}" "$NIXOS_CONFIG" + exec ${EDITOR:-nano} "$NIXOS_CONFIG" else exec nix edit "${lockFlags[@]}" -- "$flake#$flakeAttr" fi -- cgit 1.4.1 From c6a3a0f4f59bc6b2cc24aa1f4d6572906c95e9b9 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 4 Sep 2020 06:53:00 +0200 Subject: nixos-rebuild: do not depend on nix.conf to activate flakes --- nixos/doc/manual/man-nixos-rebuild.xml | 2 +- nixos/modules/installer/tools/nixos-rebuild.sh | 10 ++++++---- 2 files changed, 7 insertions(+), 5 deletions(-) (limited to 'nixos/modules/installer/tools/nixos-rebuild.sh') diff --git a/nixos/doc/manual/man-nixos-rebuild.xml b/nixos/doc/manual/man-nixos-rebuild.xml index f70f08a0f8a..7dab5c69dfb 100644 --- a/nixos/doc/manual/man-nixos-rebuild.xml +++ b/nixos/doc/manual/man-nixos-rebuild.xml @@ -521,7 +521,7 @@ - flake-uri[name] + flake-uri#name diff --git a/nixos/modules/installer/tools/nixos-rebuild.sh b/nixos/modules/installer/tools/nixos-rebuild.sh index 354274478a3..a139387479b 100644 --- a/nixos/modules/installer/tools/nixos-rebuild.sh +++ b/nixos/modules/installer/tools/nixos-rebuild.sh @@ -17,6 +17,7 @@ showSyntax() { origArgs=("$@") extraBuildFlags=() lockFlags=() +flakeFlags=() action= buildNix=1 fast= @@ -99,6 +100,7 @@ while [ "$#" -gt 0 ]; do ;; --flake) flake="$1" + flakeFlags=(--experimental-features 'nix-command flakes') shift 1 ;; --recreate-lock-file|--no-update-lock-file|--no-write-lock-file|--no-registries|--commit-lock-file) @@ -281,7 +283,7 @@ fi # Resolve the flake. if [[ -n $flake ]]; then - flake=$(nix flake info --json "${extraBuildFlags[@]}" "${lockFlags[@]}" -- "$flake" | jq -r .url) + flake=$(nix "${flakeFlags[@]}" flake info --json "${extraBuildFlags[@]}" "${lockFlags[@]}" -- "$flake" | jq -r .url) fi # Find configuration.nix and open editor instead of building. @@ -290,7 +292,7 @@ if [ "$action" = edit ]; then NIXOS_CONFIG=${NIXOS_CONFIG:-$(nix-instantiate --find-file nixos-config)} exec "${EDITOR:-nano}" "$NIXOS_CONFIG" else - exec nix edit "${lockFlags[@]}" -- "$flake#$flakeAttr" + exec nix "${flakeFlags[@]}" edit "${lockFlags[@]}" -- "$flake#$flakeAttr" fi exit 1 fi @@ -416,7 +418,7 @@ if [ -z "$rollback" ]; then pathToConfig="$(nixBuild '' --no-out-link -A system "${extraBuildFlags[@]}")" else outLink=$tmpDir/result - nix build "$flake#$flakeAttr.config.system.build.toplevel" \ + nix "${flakeFlags[@]}" build "$flake#$flakeAttr.config.system.build.toplevel" \ "${extraBuildFlags[@]}" "${lockFlags[@]}" --out-link $outLink pathToConfig="$(readlink -f $outLink)" fi @@ -426,7 +428,7 @@ if [ -z "$rollback" ]; then if [[ -z $flake ]]; then pathToConfig="$(nixBuild '' -A system -k "${extraBuildFlags[@]}")" else - nix build "$flake#$flakeAttr.config.system.build.toplevel" "${extraBuildFlags[@]}" "${lockFlags[@]}" + nix "${flakeFlags[@]}" build "$flake#$flakeAttr.config.system.build.toplevel" "${extraBuildFlags[@]}" "${lockFlags[@]}" pathToConfig="$(readlink -f ./result)" fi elif [ "$action" = build-vm ]; then -- cgit 1.4.1 From e26b348689f64832dee634dea20f4bbf76340aed Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Thu, 10 Sep 2020 23:12:58 -0700 Subject: nixos-rebuild: add flake support for build-vm This relies on users using `nixpkgs.lib.nixosSystem` to define their system; otherwise, the `vm` and `vmWithBootLoader` attributes will not exist. --- flake.nix | 26 +++++++++++++++++++++++--- nixos/modules/installer/tools/nixos-rebuild.sh | 10 ++++++---- 2 files changed, 29 insertions(+), 7 deletions(-) (limited to 'nixos/modules/installer/tools/nixos-rebuild.sh') diff --git a/flake.nix b/flake.nix index e7c04417ac8..8440c460b16 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,6 @@ outputs = { self }: let - jobs = import ./pkgs/top-level/release.nix { nixpkgs = self; }; @@ -28,10 +27,31 @@ lib = lib.extend (final: prev: { nixosSystem = { modules, ... } @ args: import ./nixos/lib/eval-config.nix (args // { - modules = modules ++ - [ { system.nixos.versionSuffix = + modules = + let + vmConfig = (import ./nixos/lib/eval-config.nix + (args // { + modules = modules ++ [ ./nixos/modules/virtualisation/qemu-vm.nix ]; + })).config; + + vmWithBootLoaderConfig = (import ./nixos/lib/eval-config.nix + (args // { + modules = modules ++ [ + ./nixos/modules/virtualisation/qemu-vm.nix + { virtualisation.useBootLoader = true; } + ]; + })).config; + in + modules ++ [ + { + system.nixos.versionSuffix = ".${final.substring 0 8 (self.lastModifiedDate or self.lastModified)}.${self.shortRev or "dirty"}"; system.nixos.revision = final.mkIf (self ? rev) self.rev; + + system.build = { + vm = vmConfig.system.build.vm; + vmWithBootLoader = vmWithBootLoaderConfig.system.build.vm; + }; } ]; }); diff --git a/nixos/modules/installer/tools/nixos-rebuild.sh b/nixos/modules/installer/tools/nixos-rebuild.sh index ad40fd2811d..909e8b229c8 100644 --- a/nixos/modules/installer/tools/nixos-rebuild.sh +++ b/nixos/modules/installer/tools/nixos-rebuild.sh @@ -438,15 +438,17 @@ if [ -z "$rollback" ]; then if [[ -z $flake ]]; then pathToConfig="$(nixBuild '' -A vm -k "${extraBuildFlags[@]}")" else - echo "$0: 'build-vm' is not supported with '--flake'" >&2 - exit 1 + nix "${flakeFlags[@]}" build "$flake#$flakeAttr.config.system.build.vm" \ + "${extraBuildFlags[@]}" "${lockFlags[@]}" + pathToConfig="$(readlink -f ./result)" fi elif [ "$action" = build-vm-with-bootloader ]; then if [[ -z $flake ]]; then pathToConfig="$(nixBuild '' -A vmWithBootLoader -k "${extraBuildFlags[@]}")" else - echo "$0: 'build-vm-with-bootloader' is not supported with '--flake'" >&2 - exit 1 + nix "${flakeFlags[@]}" build "$flake#$flakeAttr.config.system.build.vmWithBootLoader" \ + "${extraBuildFlags[@]}" "${lockFlags[@]}" + pathToConfig="$(readlink -f ./result)" fi else showSyntax -- cgit 1.4.1 From d9a93852d4edbf875e71598416cd3e04654faba0 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 25 Sep 2020 11:22:11 -0400 Subject: nixos-rebuild: support --upgrade-all and document --upgrade (#83327) --- nixos/doc/manual/man-nixos-rebuild.xml | 34 +++++++++++++++++++++----- nixos/modules/installer/tools/nixos-rebuild.sh | 24 +++++++++++++----- 2 files changed, 46 insertions(+), 12 deletions(-) (limited to 'nixos/modules/installer/tools/nixos-rebuild.sh') diff --git a/nixos/doc/manual/man-nixos-rebuild.xml b/nixos/doc/manual/man-nixos-rebuild.xml index 7dab5c69dfb..1fd3a1c5664 100644 --- a/nixos/doc/manual/man-nixos-rebuild.xml +++ b/nixos/doc/manual/man-nixos-rebuild.xml @@ -52,10 +52,18 @@ - - - - + + + + + + + + + + + + @@ -334,9 +342,23 @@ + + + - - Fetch the latest version of NixOS from the NixOS channel. + + Update the root user's channel named nixos + before rebuilding the system. + + + In addition to the nixos channel, the root + user's channels which have a file named + .update-on-nixos-rebuild in their base + directory will also be updated. + + + Passing updates all of the root + user's channels. diff --git a/nixos/modules/installer/tools/nixos-rebuild.sh b/nixos/modules/installer/tools/nixos-rebuild.sh index 909e8b229c8..08813d17ff9 100644 --- a/nixos/modules/installer/tools/nixos-rebuild.sh +++ b/nixos/modules/installer/tools/nixos-rebuild.sh @@ -23,6 +23,7 @@ buildNix=1 fast= rollback= upgrade= +upgrade_all= repair= profile=/nix/var/nix/profiles/system buildHost= @@ -55,6 +56,10 @@ while [ "$#" -gt 0 ]; do --upgrade) upgrade=1 ;; + --upgrade-all) + upgrade=1 + upgrade_all=1 + ;; --repair) repair=1 extraBuildFlags+=("$i") @@ -223,15 +228,22 @@ if [ "$action" = switch -o "$action" = boot -o "$action" = test ]; then fi -# If ‘--upgrade’ is given, run ‘nix-channel --update nixos’. +# If ‘--upgrade’ or `--upgrade-all` is given, +# run ‘nix-channel --update nixos’. if [[ -n $upgrade && -z $_NIXOS_REBUILD_REEXEC && -z $flake ]]; then - nix-channel --update nixos + # If --upgrade-all is passed, or there are other channels that + # contain a file called ".update-on-nixos-rebuild", update them as + # well. Also upgrade the nixos channel. - # If there are other channels that contain a file called - # ".update-on-nixos-rebuild", update them as well. for channelpath in /nix/var/nix/profiles/per-user/root/channels/*; do - if [ -e "$channelpath/.update-on-nixos-rebuild" ]; then - nix-channel --update "$(basename "$channelpath")" + channel_name=$(basename "$channelpath") + + if [[ "$channel_name" == "nixos" ]]; then + nix-channel --update "$channel_name" + elif [ -e "$channelpath/.update-on-nixos-rebuild" ]; then + nix-channel --update "$channel_name" + elif [[ -n $upgrade_all ]] ; then + nix-channel --update "$channel_name" fi done fi -- cgit 1.4.1 From 1343164249a4caaf6f7c982f6e768539b33ddb0c Mon Sep 17 00:00:00 2001 From: WORLDofPEACE Date: Mon, 28 Sep 2020 06:15:45 -0400 Subject: nixos-rebuild: add impure --- nixos/modules/installer/tools/nixos-rebuild.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/modules/installer/tools/nixos-rebuild.sh') diff --git a/nixos/modules/installer/tools/nixos-rebuild.sh b/nixos/modules/installer/tools/nixos-rebuild.sh index 08813d17ff9..e452e24d263 100644 --- a/nixos/modules/installer/tools/nixos-rebuild.sh +++ b/nixos/modules/installer/tools/nixos-rebuild.sh @@ -68,7 +68,7 @@ while [ "$#" -gt 0 ]; do j="$1"; shift 1 extraBuildFlags+=("$i" "$j") ;; - --show-trace|--keep-failed|-K|--keep-going|-k|--verbose|-v|-vv|-vvv|-vvvv|-vvvvv|--fallback|--repair|--no-build-output|-Q|-j*|-L|--refresh|--no-net) + --show-trace|--keep-failed|-K|--keep-going|-k|--verbose|-v|-vv|-vvv|-vvvv|-vvvvv|--fallback|--repair|--no-build-output|-Q|-j*|-L|--refresh|--no-net|--impure) extraBuildFlags+=("$i") ;; --option) -- cgit 1.4.1 From c32f5b22f1c680a65f3ae63cf14dfed6b967e675 Mon Sep 17 00:00:00 2001 From: Domen Kožar Date: Fri, 15 Jan 2021 20:03:07 +0100 Subject: move nixos-rebuild into pkgs --- nixos/modules/installer/tools/nixos-rebuild.sh | 506 --------------------- nixos/modules/installer/tools/tools.nix | 12 +- pkgs/os-specific/linux/nixos-rebuild/default.nix | 14 + .../linux/nixos-rebuild/nixos-rebuild.sh | 506 +++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 + 5 files changed, 523 insertions(+), 517 deletions(-) delete mode 100644 nixos/modules/installer/tools/nixos-rebuild.sh create mode 100644 pkgs/os-specific/linux/nixos-rebuild/default.nix create mode 100644 pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh (limited to 'nixos/modules/installer/tools/nixos-rebuild.sh') diff --git a/nixos/modules/installer/tools/nixos-rebuild.sh b/nixos/modules/installer/tools/nixos-rebuild.sh deleted file mode 100644 index e452e24d263..00000000000 --- a/nixos/modules/installer/tools/nixos-rebuild.sh +++ /dev/null @@ -1,506 +0,0 @@ -#! @runtimeShell@ - -if [ -x "@runtimeShell@" ]; then export SHELL="@runtimeShell@"; fi; - -set -e -set -o pipefail - -export PATH=@path@:$PATH - -showSyntax() { - exec man nixos-rebuild - exit 1 -} - - -# Parse the command line. -origArgs=("$@") -extraBuildFlags=() -lockFlags=() -flakeFlags=() -action= -buildNix=1 -fast= -rollback= -upgrade= -upgrade_all= -repair= -profile=/nix/var/nix/profiles/system -buildHost= -targetHost= -maybeSudo=() - -while [ "$#" -gt 0 ]; do - i="$1"; shift 1 - case "$i" in - --help) - showSyntax - ;; - switch|boot|test|build|edit|dry-build|dry-run|dry-activate|build-vm|build-vm-with-bootloader) - if [ "$i" = dry-run ]; then i=dry-build; fi - action="$i" - ;; - --install-grub) - echo "$0: --install-grub deprecated, use --install-bootloader instead" >&2 - export NIXOS_INSTALL_BOOTLOADER=1 - ;; - --install-bootloader) - export NIXOS_INSTALL_BOOTLOADER=1 - ;; - --no-build-nix) - buildNix= - ;; - --rollback) - rollback=1 - ;; - --upgrade) - upgrade=1 - ;; - --upgrade-all) - upgrade=1 - upgrade_all=1 - ;; - --repair) - repair=1 - extraBuildFlags+=("$i") - ;; - --max-jobs|-j|--cores|-I|--builders) - j="$1"; shift 1 - extraBuildFlags+=("$i" "$j") - ;; - --show-trace|--keep-failed|-K|--keep-going|-k|--verbose|-v|-vv|-vvv|-vvvv|-vvvvv|--fallback|--repair|--no-build-output|-Q|-j*|-L|--refresh|--no-net|--impure) - extraBuildFlags+=("$i") - ;; - --option) - j="$1"; shift 1 - k="$1"; shift 1 - extraBuildFlags+=("$i" "$j" "$k") - ;; - --fast) - buildNix= - fast=1 - extraBuildFlags+=(--show-trace) - ;; - --profile-name|-p) - if [ -z "$1" ]; then - echo "$0: ‘--profile-name’ requires an argument" - exit 1 - fi - if [ "$1" != system ]; then - profile="/nix/var/nix/profiles/system-profiles/$1" - mkdir -p -m 0755 "$(dirname "$profile")" - fi - shift 1 - ;; - --build-host|h) - buildHost="$1" - shift 1 - ;; - --target-host|t) - targetHost="$1" - shift 1 - ;; - --use-remote-sudo) - maybeSudo=(sudo --) - ;; - --flake) - flake="$1" - flakeFlags=(--experimental-features 'nix-command flakes') - shift 1 - ;; - --recreate-lock-file|--no-update-lock-file|--no-write-lock-file|--no-registries|--commit-lock-file) - lockFlags+=("$i") - ;; - --update-input) - j="$1"; shift 1 - lockFlags+=("$i" "$j") - ;; - --override-input) - j="$1"; shift 1 - k="$1"; shift 1 - lockFlags+=("$i" "$j" "$k") - ;; - *) - echo "$0: unknown option \`$i'" - exit 1 - ;; - esac -done - -if [ -n "$SUDO_USER" ]; then - maybeSudo=(sudo --) -fi - -if [ -z "$buildHost" -a -n "$targetHost" ]; then - buildHost="$targetHost" -fi -if [ "$targetHost" = localhost ]; then - targetHost= -fi -if [ "$buildHost" = localhost ]; then - buildHost= -fi - -buildHostCmd() { - if [ -z "$buildHost" ]; then - "$@" - elif [ -n "$remoteNix" ]; then - ssh $SSHOPTS "$buildHost" env PATH="$remoteNix:$PATH" "${maybeSudo[@]}" "$@" - else - ssh $SSHOPTS "$buildHost" "${maybeSudo[@]}" "$@" - fi -} - -targetHostCmd() { - if [ -z "$targetHost" ]; then - "${maybeSudo[@]}" "$@" - else - ssh $SSHOPTS "$targetHost" "${maybeSudo[@]}" "$@" - fi -} - -copyToTarget() { - if ! [ "$targetHost" = "$buildHost" ]; then - if [ -z "$targetHost" ]; then - NIX_SSHOPTS=$SSHOPTS nix-copy-closure --from "$buildHost" "$1" - elif [ -z "$buildHost" ]; then - NIX_SSHOPTS=$SSHOPTS nix-copy-closure --to "$targetHost" "$1" - else - buildHostCmd nix-copy-closure --to "$targetHost" "$1" - fi - fi -} - -nixBuild() { - if [ -z "$buildHost" ]; then - nix-build "$@" - else - local instArgs=() - local buildArgs=() - - while [ "$#" -gt 0 ]; do - local i="$1"; shift 1 - case "$i" in - -o) - local out="$1"; shift 1 - buildArgs+=("--add-root" "$out" "--indirect") - ;; - -A) - local j="$1"; shift 1 - instArgs+=("$i" "$j") - ;; - -I) # We don't want this in buildArgs - shift 1 - ;; - --no-out-link) # We don't want this in buildArgs - ;; - "<"*) # nix paths - instArgs+=("$i") - ;; - *) - buildArgs+=("$i") - ;; - esac - done - - local drv="$(nix-instantiate "${instArgs[@]}" "${extraBuildFlags[@]}")" - if [ -a "$drv" ]; then - NIX_SSHOPTS=$SSHOPTS nix-copy-closure --to "$buildHost" "$drv" - buildHostCmd nix-store -r "$drv" "${buildArgs[@]}" - else - echo "nix-instantiate failed" - exit 1 - fi - fi -} - - -if [ -z "$action" ]; then showSyntax; fi - -# Only run shell scripts from the Nixpkgs tree if the action is -# "switch", "boot", or "test". With other actions (such as "build"), -# the user may reasonably expect that no code from the Nixpkgs tree is -# executed, so it's safe to run nixos-rebuild against a potentially -# untrusted tree. -canRun= -if [ "$action" = switch -o "$action" = boot -o "$action" = test ]; then - canRun=1 -fi - - -# If ‘--upgrade’ or `--upgrade-all` is given, -# run ‘nix-channel --update nixos’. -if [[ -n $upgrade && -z $_NIXOS_REBUILD_REEXEC && -z $flake ]]; then - # If --upgrade-all is passed, or there are other channels that - # contain a file called ".update-on-nixos-rebuild", update them as - # well. Also upgrade the nixos channel. - - for channelpath in /nix/var/nix/profiles/per-user/root/channels/*; do - channel_name=$(basename "$channelpath") - - if [[ "$channel_name" == "nixos" ]]; then - nix-channel --update "$channel_name" - elif [ -e "$channelpath/.update-on-nixos-rebuild" ]; then - nix-channel --update "$channel_name" - elif [[ -n $upgrade_all ]] ; then - nix-channel --update "$channel_name" - fi - done -fi - -# Make sure that we use the Nix package we depend on, not something -# else from the PATH for nix-{env,instantiate,build}. This is -# important, because NixOS defaults the architecture of the rebuilt -# system to the architecture of the nix-* binaries used. So if on an -# amd64 system the user has an i686 Nix package in her PATH, then we -# would silently downgrade the whole system to be i686 NixOS on the -# next reboot. -if [ -z "$_NIXOS_REBUILD_REEXEC" ]; then - export PATH=@nix@/bin:$PATH -fi - -# Use /etc/nixos/flake.nix if it exists. It can be a symlink to the -# actual flake. -if [[ -z $flake && -e /etc/nixos/flake.nix ]]; then - flake="$(dirname "$(readlink -f /etc/nixos/flake.nix)")" -fi - -# Re-execute nixos-rebuild from the Nixpkgs tree. -# FIXME: get nixos-rebuild from $flake. -if [[ -z $_NIXOS_REBUILD_REEXEC && -n $canRun && -z $fast && -z $flake ]]; then - if p=$(nix-build --no-out-link --expr 'with import {}; config.system.build.nixos-rebuild' "${extraBuildFlags[@]}"); then - export _NIXOS_REBUILD_REEXEC=1 - exec $p/bin/nixos-rebuild "${origArgs[@]}" - exit 1 - fi -fi - -# For convenience, use the hostname as the default configuration to -# build from the flake. -if [[ -n $flake ]]; then - if [[ $flake =~ ^(.*)\#([^\#\"]*)$ ]]; then - flake="${BASH_REMATCH[1]}" - flakeAttr="${BASH_REMATCH[2]}" - fi - if [[ -z $flakeAttr ]]; then - read -r hostname < /proc/sys/kernel/hostname - if [[ -z $hostname ]]; then - hostname=default - fi - flakeAttr="nixosConfigurations.\"$hostname\"" - else - flakeAttr="nixosConfigurations.\"$flakeAttr\"" - fi -fi - -# Resolve the flake. -if [[ -n $flake ]]; then - flake=$(nix "${flakeFlags[@]}" flake info --json "${extraBuildFlags[@]}" "${lockFlags[@]}" -- "$flake" | jq -r .url) -fi - -# Find configuration.nix and open editor instead of building. -if [ "$action" = edit ]; then - if [[ -z $flake ]]; then - NIXOS_CONFIG=${NIXOS_CONFIG:-$(nix-instantiate --find-file nixos-config)} - if [[ -d $NIXOS_CONFIG ]]; then - NIXOS_CONFIG=$NIXOS_CONFIG/default.nix - fi - exec ${EDITOR:-nano} "$NIXOS_CONFIG" - else - exec nix "${flakeFlags[@]}" edit "${lockFlags[@]}" -- "$flake#$flakeAttr" - fi - exit 1 -fi - - -tmpDir=$(mktemp -t -d nixos-rebuild.XXXXXX) -SSHOPTS="$NIX_SSHOPTS -o ControlMaster=auto -o ControlPath=$tmpDir/ssh-%n -o ControlPersist=60" - -cleanup() { - for ctrl in "$tmpDir"/ssh-*; do - ssh -o ControlPath="$ctrl" -O exit dummyhost 2>/dev/null || true - done - rm -rf "$tmpDir" -} -trap cleanup EXIT - - - -# If the Nix daemon is running, then use it. This allows us to use -# the latest Nix from Nixpkgs (below) for expression evaluation, while -# still using the old Nix (via the daemon) for actual store access. -# This matters if the new Nix in Nixpkgs has a schema change. It -# would upgrade the schema, which should only happen once we actually -# switch to the new configuration. -# If --repair is given, don't try to use the Nix daemon, because the -# flag can only be used directly. -if [ -z "$repair" ] && systemctl show nix-daemon.socket nix-daemon.service | grep -q ActiveState=active; then - export NIX_REMOTE=${NIX_REMOTE-daemon} -fi - - -# First build Nix, since NixOS may require a newer version than the -# current one. -if [ -n "$rollback" -o "$action" = dry-build ]; then - buildNix= -fi - -nixSystem() { - machine="$(uname -m)" - if [[ "$machine" =~ i.86 ]]; then - machine=i686 - fi - echo $machine-linux -} - -prebuiltNix() { - machine="$1" - if [ "$machine" = x86_64 ]; then - echo @nix_x86_64_linux@ - elif [[ "$machine" =~ i.86 ]]; then - echo @nix_i686_linux@ - else - echo "$0: unsupported platform" - exit 1 - fi -} - -remotePATH= - -if [[ -n $buildNix && -z $flake ]]; then - echo "building Nix..." >&2 - nixDrv= - if ! nixDrv="$(nix-instantiate '' --add-root $tmpDir/nix.drv --indirect -A config.nix.package.out "${extraBuildFlags[@]}")"; then - if ! nixDrv="$(nix-instantiate '' --add-root $tmpDir/nix.drv --indirect -A nix "${extraBuildFlags[@]}")"; then - if ! nixStorePath="$(nix-instantiate --eval '' -A $(nixSystem) | sed -e 's/^"//' -e 's/"$//')"; then - nixStorePath="$(prebuiltNix "$(uname -m)")" - fi - if ! nix-store -r $nixStorePath --add-root $tmpDir/nix --indirect \ - --option extra-binary-caches https://cache.nixos.org/; then - echo "warning: don't know how to get latest Nix" >&2 - fi - # Older version of nix-store -r don't support --add-root. - [ -e $tmpDir/nix ] || ln -sf $nixStorePath $tmpDir/nix - if [ -n "$buildHost" ]; then - remoteNixStorePath="$(prebuiltNix "$(buildHostCmd uname -m)")" - remoteNix="$remoteNixStorePath/bin" - if ! buildHostCmd nix-store -r $remoteNixStorePath \ - --option extra-binary-caches https://cache.nixos.org/ >/dev/null; then - remoteNix= - echo "warning: don't know how to get latest Nix" >&2 - fi - fi - fi - fi - if [ -a "$nixDrv" ]; then - nix-store -r "$nixDrv"'!'"out" --add-root $tmpDir/nix --indirect >/dev/null - if [ -n "$buildHost" ]; then - nix-copy-closure --to "$buildHost" "$nixDrv" - # The nix build produces multiple outputs, we add them all to the remote path - for p in $(buildHostCmd nix-store -r "$(readlink "$nixDrv")" "${buildArgs[@]}"); do - remoteNix="$remoteNix${remoteNix:+:}$p/bin" - done - fi - fi - PATH="$tmpDir/nix/bin:$PATH" -fi - - -# Update the version suffix if we're building from Git (so that -# nixos-version shows something useful). -if [[ -n $canRun && -z $flake ]]; then - if nixpkgs=$(nix-instantiate --find-file nixpkgs "${extraBuildFlags[@]}"); then - suffix=$($SHELL $nixpkgs/nixos/modules/installer/tools/get-version-suffix "${extraBuildFlags[@]}" || true) - if [ -n "$suffix" ]; then - echo -n "$suffix" > "$nixpkgs/.version-suffix" || true - fi - fi -fi - - -if [ "$action" = dry-build ]; then - extraBuildFlags+=(--dry-run) -fi - - -# Either upgrade the configuration in the system profile (for "switch" -# or "boot"), or just build it and create a symlink "result" in the -# current directory (for "build" and "test"). -if [ -z "$rollback" ]; then - echo "building the system configuration..." >&2 - if [ "$action" = switch -o "$action" = boot ]; then - if [[ -z $flake ]]; then - pathToConfig="$(nixBuild '' --no-out-link -A system "${extraBuildFlags[@]}")" - else - outLink=$tmpDir/result - nix "${flakeFlags[@]}" build "$flake#$flakeAttr.config.system.build.toplevel" \ - "${extraBuildFlags[@]}" "${lockFlags[@]}" --out-link $outLink - pathToConfig="$(readlink -f $outLink)" - fi - copyToTarget "$pathToConfig" - targetHostCmd nix-env -p "$profile" --set "$pathToConfig" - elif [ "$action" = test -o "$action" = build -o "$action" = dry-build -o "$action" = dry-activate ]; then - if [[ -z $flake ]]; then - pathToConfig="$(nixBuild '' -A system -k "${extraBuildFlags[@]}")" - else - nix "${flakeFlags[@]}" build "$flake#$flakeAttr.config.system.build.toplevel" "${extraBuildFlags[@]}" "${lockFlags[@]}" - pathToConfig="$(readlink -f ./result)" - fi - elif [ "$action" = build-vm ]; then - if [[ -z $flake ]]; then - pathToConfig="$(nixBuild '' -A vm -k "${extraBuildFlags[@]}")" - else - nix "${flakeFlags[@]}" build "$flake#$flakeAttr.config.system.build.vm" \ - "${extraBuildFlags[@]}" "${lockFlags[@]}" - pathToConfig="$(readlink -f ./result)" - fi - elif [ "$action" = build-vm-with-bootloader ]; then - if [[ -z $flake ]]; then - pathToConfig="$(nixBuild '' -A vmWithBootLoader -k "${extraBuildFlags[@]}")" - else - nix "${flakeFlags[@]}" build "$flake#$flakeAttr.config.system.build.vmWithBootLoader" \ - "${extraBuildFlags[@]}" "${lockFlags[@]}" - pathToConfig="$(readlink -f ./result)" - fi - else - showSyntax - fi - # Copy build to target host if we haven't already done it - if ! [ "$action" = switch -o "$action" = boot ]; then - copyToTarget "$pathToConfig" - fi -else # [ -n "$rollback" ] - if [ "$action" = switch -o "$action" = boot ]; then - targetHostCmd nix-env --rollback -p "$profile" - pathToConfig="$profile" - elif [ "$action" = test -o "$action" = build ]; then - systemNumber=$( - targetHostCmd nix-env -p "$profile" --list-generations | - sed -n '/current/ {g; p;}; s/ *\([0-9]*\).*/\1/; h' - ) - pathToConfig="$profile"-${systemNumber}-link - if [ -z "$targetHost" ]; then - ln -sT "$pathToConfig" ./result - fi - else - showSyntax - fi -fi - - -# If we're not just building, then make the new configuration the boot -# default and/or activate it now. -if [ "$action" = switch -o "$action" = boot -o "$action" = test -o "$action" = dry-activate ]; then - if ! targetHostCmd $pathToConfig/bin/switch-to-configuration "$action"; then - echo "warning: error(s) occurred while switching to the new configuration" >&2 - exit 1 - fi -fi - - -if [ "$action" = build-vm ]; then - cat >&2 <&2 + export NIXOS_INSTALL_BOOTLOADER=1 + ;; + --install-bootloader) + export NIXOS_INSTALL_BOOTLOADER=1 + ;; + --no-build-nix) + buildNix= + ;; + --rollback) + rollback=1 + ;; + --upgrade) + upgrade=1 + ;; + --upgrade-all) + upgrade=1 + upgrade_all=1 + ;; + --repair) + repair=1 + extraBuildFlags+=("$i") + ;; + --max-jobs|-j|--cores|-I|--builders) + j="$1"; shift 1 + extraBuildFlags+=("$i" "$j") + ;; + --show-trace|--keep-failed|-K|--keep-going|-k|--verbose|-v|-vv|-vvv|-vvvv|-vvvvv|--fallback|--repair|--no-build-output|-Q|-j*|-L|--refresh|--no-net|--impure) + extraBuildFlags+=("$i") + ;; + --option) + j="$1"; shift 1 + k="$1"; shift 1 + extraBuildFlags+=("$i" "$j" "$k") + ;; + --fast) + buildNix= + fast=1 + extraBuildFlags+=(--show-trace) + ;; + --profile-name|-p) + if [ -z "$1" ]; then + echo "$0: ‘--profile-name’ requires an argument" + exit 1 + fi + if [ "$1" != system ]; then + profile="/nix/var/nix/profiles/system-profiles/$1" + mkdir -p -m 0755 "$(dirname "$profile")" + fi + shift 1 + ;; + --build-host|h) + buildHost="$1" + shift 1 + ;; + --target-host|t) + targetHost="$1" + shift 1 + ;; + --use-remote-sudo) + maybeSudo=(sudo --) + ;; + --flake) + flake="$1" + flakeFlags=(--experimental-features 'nix-command flakes') + shift 1 + ;; + --recreate-lock-file|--no-update-lock-file|--no-write-lock-file|--no-registries|--commit-lock-file) + lockFlags+=("$i") + ;; + --update-input) + j="$1"; shift 1 + lockFlags+=("$i" "$j") + ;; + --override-input) + j="$1"; shift 1 + k="$1"; shift 1 + lockFlags+=("$i" "$j" "$k") + ;; + *) + echo "$0: unknown option \`$i'" + exit 1 + ;; + esac +done + +if [ -n "$SUDO_USER" ]; then + maybeSudo=(sudo --) +fi + +if [ -z "$buildHost" -a -n "$targetHost" ]; then + buildHost="$targetHost" +fi +if [ "$targetHost" = localhost ]; then + targetHost= +fi +if [ "$buildHost" = localhost ]; then + buildHost= +fi + +buildHostCmd() { + if [ -z "$buildHost" ]; then + "$@" + elif [ -n "$remoteNix" ]; then + ssh $SSHOPTS "$buildHost" env PATH="$remoteNix:$PATH" "${maybeSudo[@]}" "$@" + else + ssh $SSHOPTS "$buildHost" "${maybeSudo[@]}" "$@" + fi +} + +targetHostCmd() { + if [ -z "$targetHost" ]; then + "${maybeSudo[@]}" "$@" + else + ssh $SSHOPTS "$targetHost" "${maybeSudo[@]}" "$@" + fi +} + +copyToTarget() { + if ! [ "$targetHost" = "$buildHost" ]; then + if [ -z "$targetHost" ]; then + NIX_SSHOPTS=$SSHOPTS nix-copy-closure --from "$buildHost" "$1" + elif [ -z "$buildHost" ]; then + NIX_SSHOPTS=$SSHOPTS nix-copy-closure --to "$targetHost" "$1" + else + buildHostCmd nix-copy-closure --to "$targetHost" "$1" + fi + fi +} + +nixBuild() { + if [ -z "$buildHost" ]; then + nix-build "$@" + else + local instArgs=() + local buildArgs=() + + while [ "$#" -gt 0 ]; do + local i="$1"; shift 1 + case "$i" in + -o) + local out="$1"; shift 1 + buildArgs+=("--add-root" "$out" "--indirect") + ;; + -A) + local j="$1"; shift 1 + instArgs+=("$i" "$j") + ;; + -I) # We don't want this in buildArgs + shift 1 + ;; + --no-out-link) # We don't want this in buildArgs + ;; + "<"*) # nix paths + instArgs+=("$i") + ;; + *) + buildArgs+=("$i") + ;; + esac + done + + local drv="$(nix-instantiate "${instArgs[@]}" "${extraBuildFlags[@]}")" + if [ -a "$drv" ]; then + NIX_SSHOPTS=$SSHOPTS nix-copy-closure --to "$buildHost" "$drv" + buildHostCmd nix-store -r "$drv" "${buildArgs[@]}" + else + echo "nix-instantiate failed" + exit 1 + fi + fi +} + + +if [ -z "$action" ]; then showSyntax; fi + +# Only run shell scripts from the Nixpkgs tree if the action is +# "switch", "boot", or "test". With other actions (such as "build"), +# the user may reasonably expect that no code from the Nixpkgs tree is +# executed, so it's safe to run nixos-rebuild against a potentially +# untrusted tree. +canRun= +if [ "$action" = switch -o "$action" = boot -o "$action" = test ]; then + canRun=1 +fi + + +# If ‘--upgrade’ or `--upgrade-all` is given, +# run ‘nix-channel --update nixos’. +if [[ -n $upgrade && -z $_NIXOS_REBUILD_REEXEC && -z $flake ]]; then + # If --upgrade-all is passed, or there are other channels that + # contain a file called ".update-on-nixos-rebuild", update them as + # well. Also upgrade the nixos channel. + + for channelpath in /nix/var/nix/profiles/per-user/root/channels/*; do + channel_name=$(basename "$channelpath") + + if [[ "$channel_name" == "nixos" ]]; then + nix-channel --update "$channel_name" + elif [ -e "$channelpath/.update-on-nixos-rebuild" ]; then + nix-channel --update "$channel_name" + elif [[ -n $upgrade_all ]] ; then + nix-channel --update "$channel_name" + fi + done +fi + +# Make sure that we use the Nix package we depend on, not something +# else from the PATH for nix-{env,instantiate,build}. This is +# important, because NixOS defaults the architecture of the rebuilt +# system to the architecture of the nix-* binaries used. So if on an +# amd64 system the user has an i686 Nix package in her PATH, then we +# would silently downgrade the whole system to be i686 NixOS on the +# next reboot. +if [ -z "$_NIXOS_REBUILD_REEXEC" ]; then + export PATH=@nix@/bin:$PATH +fi + +# Use /etc/nixos/flake.nix if it exists. It can be a symlink to the +# actual flake. +if [[ -z $flake && -e /etc/nixos/flake.nix ]]; then + flake="$(dirname "$(readlink -f /etc/nixos/flake.nix)")" +fi + +# Re-execute nixos-rebuild from the Nixpkgs tree. +# FIXME: get nixos-rebuild from $flake. +if [[ -z $_NIXOS_REBUILD_REEXEC && -n $canRun && -z $fast && -z $flake ]]; then + if p=$(nix-build --no-out-link --expr 'with import {}; config.system.build.nixos-rebuild' "${extraBuildFlags[@]}"); then + export _NIXOS_REBUILD_REEXEC=1 + exec $p/bin/nixos-rebuild "${origArgs[@]}" + exit 1 + fi +fi + +# For convenience, use the hostname as the default configuration to +# build from the flake. +if [[ -n $flake ]]; then + if [[ $flake =~ ^(.*)\#([^\#\"]*)$ ]]; then + flake="${BASH_REMATCH[1]}" + flakeAttr="${BASH_REMATCH[2]}" + fi + if [[ -z $flakeAttr ]]; then + read -r hostname < /proc/sys/kernel/hostname + if [[ -z $hostname ]]; then + hostname=default + fi + flakeAttr="nixosConfigurations.\"$hostname\"" + else + flakeAttr="nixosConfigurations.\"$flakeAttr\"" + fi +fi + +# Resolve the flake. +if [[ -n $flake ]]; then + flake=$(nix "${flakeFlags[@]}" flake info --json "${extraBuildFlags[@]}" "${lockFlags[@]}" -- "$flake" | jq -r .url) +fi + +# Find configuration.nix and open editor instead of building. +if [ "$action" = edit ]; then + if [[ -z $flake ]]; then + NIXOS_CONFIG=${NIXOS_CONFIG:-$(nix-instantiate --find-file nixos-config)} + if [[ -d $NIXOS_CONFIG ]]; then + NIXOS_CONFIG=$NIXOS_CONFIG/default.nix + fi + exec ${EDITOR:-nano} "$NIXOS_CONFIG" + else + exec nix "${flakeFlags[@]}" edit "${lockFlags[@]}" -- "$flake#$flakeAttr" + fi + exit 1 +fi + + +tmpDir=$(mktemp -t -d nixos-rebuild.XXXXXX) +SSHOPTS="$NIX_SSHOPTS -o ControlMaster=auto -o ControlPath=$tmpDir/ssh-%n -o ControlPersist=60" + +cleanup() { + for ctrl in "$tmpDir"/ssh-*; do + ssh -o ControlPath="$ctrl" -O exit dummyhost 2>/dev/null || true + done + rm -rf "$tmpDir" +} +trap cleanup EXIT + + + +# If the Nix daemon is running, then use it. This allows us to use +# the latest Nix from Nixpkgs (below) for expression evaluation, while +# still using the old Nix (via the daemon) for actual store access. +# This matters if the new Nix in Nixpkgs has a schema change. It +# would upgrade the schema, which should only happen once we actually +# switch to the new configuration. +# If --repair is given, don't try to use the Nix daemon, because the +# flag can only be used directly. +if [ -z "$repair" ] && systemctl show nix-daemon.socket nix-daemon.service | grep -q ActiveState=active; then + export NIX_REMOTE=${NIX_REMOTE-daemon} +fi + + +# First build Nix, since NixOS may require a newer version than the +# current one. +if [ -n "$rollback" -o "$action" = dry-build ]; then + buildNix= +fi + +nixSystem() { + machine="$(uname -m)" + if [[ "$machine" =~ i.86 ]]; then + machine=i686 + fi + echo $machine-linux +} + +prebuiltNix() { + machine="$1" + if [ "$machine" = x86_64 ]; then + echo @nix_x86_64_linux@ + elif [[ "$machine" =~ i.86 ]]; then + echo @nix_i686_linux@ + else + echo "$0: unsupported platform" + exit 1 + fi +} + +remotePATH= + +if [[ -n $buildNix && -z $flake ]]; then + echo "building Nix..." >&2 + nixDrv= + if ! nixDrv="$(nix-instantiate '' --add-root $tmpDir/nix.drv --indirect -A config.nix.package.out "${extraBuildFlags[@]}")"; then + if ! nixDrv="$(nix-instantiate '' --add-root $tmpDir/nix.drv --indirect -A nix "${extraBuildFlags[@]}")"; then + if ! nixStorePath="$(nix-instantiate --eval '' -A $(nixSystem) | sed -e 's/^"//' -e 's/"$//')"; then + nixStorePath="$(prebuiltNix "$(uname -m)")" + fi + if ! nix-store -r $nixStorePath --add-root $tmpDir/nix --indirect \ + --option extra-binary-caches https://cache.nixos.org/; then + echo "warning: don't know how to get latest Nix" >&2 + fi + # Older version of nix-store -r don't support --add-root. + [ -e $tmpDir/nix ] || ln -sf $nixStorePath $tmpDir/nix + if [ -n "$buildHost" ]; then + remoteNixStorePath="$(prebuiltNix "$(buildHostCmd uname -m)")" + remoteNix="$remoteNixStorePath/bin" + if ! buildHostCmd nix-store -r $remoteNixStorePath \ + --option extra-binary-caches https://cache.nixos.org/ >/dev/null; then + remoteNix= + echo "warning: don't know how to get latest Nix" >&2 + fi + fi + fi + fi + if [ -a "$nixDrv" ]; then + nix-store -r "$nixDrv"'!'"out" --add-root $tmpDir/nix --indirect >/dev/null + if [ -n "$buildHost" ]; then + nix-copy-closure --to "$buildHost" "$nixDrv" + # The nix build produces multiple outputs, we add them all to the remote path + for p in $(buildHostCmd nix-store -r "$(readlink "$nixDrv")" "${buildArgs[@]}"); do + remoteNix="$remoteNix${remoteNix:+:}$p/bin" + done + fi + fi + PATH="$tmpDir/nix/bin:$PATH" +fi + + +# Update the version suffix if we're building from Git (so that +# nixos-version shows something useful). +if [[ -n $canRun && -z $flake ]]; then + if nixpkgs=$(nix-instantiate --find-file nixpkgs "${extraBuildFlags[@]}"); then + suffix=$($SHELL $nixpkgs/nixos/modules/installer/tools/get-version-suffix "${extraBuildFlags[@]}" || true) + if [ -n "$suffix" ]; then + echo -n "$suffix" > "$nixpkgs/.version-suffix" || true + fi + fi +fi + + +if [ "$action" = dry-build ]; then + extraBuildFlags+=(--dry-run) +fi + + +# Either upgrade the configuration in the system profile (for "switch" +# or "boot"), or just build it and create a symlink "result" in the +# current directory (for "build" and "test"). +if [ -z "$rollback" ]; then + echo "building the system configuration..." >&2 + if [ "$action" = switch -o "$action" = boot ]; then + if [[ -z $flake ]]; then + pathToConfig="$(nixBuild '' --no-out-link -A system "${extraBuildFlags[@]}")" + else + outLink=$tmpDir/result + nix "${flakeFlags[@]}" build "$flake#$flakeAttr.config.system.build.toplevel" \ + "${extraBuildFlags[@]}" "${lockFlags[@]}" --out-link $outLink + pathToConfig="$(readlink -f $outLink)" + fi + copyToTarget "$pathToConfig" + targetHostCmd nix-env -p "$profile" --set "$pathToConfig" + elif [ "$action" = test -o "$action" = build -o "$action" = dry-build -o "$action" = dry-activate ]; then + if [[ -z $flake ]]; then + pathToConfig="$(nixBuild '' -A system -k "${extraBuildFlags[@]}")" + else + nix "${flakeFlags[@]}" build "$flake#$flakeAttr.config.system.build.toplevel" "${extraBuildFlags[@]}" "${lockFlags[@]}" + pathToConfig="$(readlink -f ./result)" + fi + elif [ "$action" = build-vm ]; then + if [[ -z $flake ]]; then + pathToConfig="$(nixBuild '' -A vm -k "${extraBuildFlags[@]}")" + else + nix "${flakeFlags[@]}" build "$flake#$flakeAttr.config.system.build.vm" \ + "${extraBuildFlags[@]}" "${lockFlags[@]}" + pathToConfig="$(readlink -f ./result)" + fi + elif [ "$action" = build-vm-with-bootloader ]; then + if [[ -z $flake ]]; then + pathToConfig="$(nixBuild '' -A vmWithBootLoader -k "${extraBuildFlags[@]}")" + else + nix "${flakeFlags[@]}" build "$flake#$flakeAttr.config.system.build.vmWithBootLoader" \ + "${extraBuildFlags[@]}" "${lockFlags[@]}" + pathToConfig="$(readlink -f ./result)" + fi + else + showSyntax + fi + # Copy build to target host if we haven't already done it + if ! [ "$action" = switch -o "$action" = boot ]; then + copyToTarget "$pathToConfig" + fi +else # [ -n "$rollback" ] + if [ "$action" = switch -o "$action" = boot ]; then + targetHostCmd nix-env --rollback -p "$profile" + pathToConfig="$profile" + elif [ "$action" = test -o "$action" = build ]; then + systemNumber=$( + targetHostCmd nix-env -p "$profile" --list-generations | + sed -n '/current/ {g; p;}; s/ *\([0-9]*\).*/\1/; h' + ) + pathToConfig="$profile"-${systemNumber}-link + if [ -z "$targetHost" ]; then + ln -sT "$pathToConfig" ./result + fi + else + showSyntax + fi +fi + + +# If we're not just building, then make the new configuration the boot +# default and/or activate it now. +if [ "$action" = switch -o "$action" = boot -o "$action" = test -o "$action" = dry-activate ]; then + if ! targetHostCmd $pathToConfig/bin/switch-to-configuration "$action"; then + echo "warning: error(s) occurred while switching to the new configuration" >&2 + exit 1 + fi +fi + + +if [ "$action" = build-vm ]; then + cat >&2 <