clan-core/pkgs/clan-cli/clan_cli/flash.py

import argparse
import importlib
import json
import logging
import os
import shutil
import textwrap
from collections.abc import Sequence
from dataclasses import dataclass
from pathlib import Path
from tempfile import TemporaryDirectory
from typing import Any

from .cmd import Log, run
from .completions import add_dynamic_completer, complete_machines
from .errors import ClanError
from .facts.secret_modules import SecretStoreBase
from .machines.machines import Machine
from .nix import nix_shell

log = logging.getLogger(__name__)


def flash_machine(
    machine: Machine,
    *,
    mode: str,
    disks: dict[str, str],
    system_config: dict[str, Any],
    dry_run: bool,
    write_efi_boot_entries: bool,
    debug: bool,
    extra_args: list[str] = [],
) -> None:
    secret_facts_module = importlib.import_module(machine.secret_facts_module)
    secret_facts_store: SecretStoreBase = secret_facts_module.SecretStore(
        machine=machine
    )
    with TemporaryDirectory() as tmpdir_:
        tmpdir = Path(tmpdir_)
        upload_dir = machine.secrets_upload_directory

        if upload_dir.startswith("/"):
            local_dir = tmpdir / upload_dir[1:]
        else:
            local_dir = tmpdir / upload_dir

        local_dir.mkdir(parents=True)
        secret_facts_store.upload(local_dir)
        disko_install = []

        if os.geteuid() != 0:
            if shutil.which("sudo") is None:
                raise ClanError(
                    "sudo is required to run disko-install as a non-root user"
                )
            disko_install.append("sudo")

        disko_install.append("disko-install")
        if write_efi_boot_entries:
            disko_install.append("--write-efi-boot-entries")
        if dry_run:
            disko_install.append("--dry-run")
        if debug:
            disko_install.append("--debug")
        for name, device in disks.items():
            disko_install.extend(["--disk", name, device])

        disko_install.extend(["--extra-files", str(local_dir), upload_dir])
        disko_install.extend(["--flake", str(machine.flake) + "#" + machine.name])
        disko_install.extend(["--mode", str(mode)])
        disko_install.extend(
            [
                "--system-config",
                json.dumps(system_config),
            ]
        )
        disko_install.extend(["--option", "dry-run", "true"])
        disko_install.extend(extra_args)

        cmd = nix_shell(
            ["nixpkgs#disko"],
            disko_install,
        )
        run(cmd, log=Log.BOTH, error_msg=f"Failed to flash {machine}")


@dataclass
class FlashOptions:
    flake: Path
    machine: str
    disks: dict[str, str]
    ssh_keys_path: list[Path]
    dry_run: bool
    confirm: bool
    debug: bool
    mode: str
    language: str
    keymap: str
    write_efi_boot_entries: bool
    nix_options: list[str]


class AppendDiskAction(argparse.Action):
    def __init__(self, option_strings: str, dest: str, **kwargs: Any) -> None:
        super().__init__(option_strings, dest, **kwargs)

    def __call__(
        self,
        parser: argparse.ArgumentParser,
        namespace: argparse.Namespace,
        values: str | Sequence[str] | None,
        option_string: str | None = None,
    ) -> None:
        disks = getattr(namespace, self.dest)
        assert isinstance(values, list), "values must be a list"
        disks[values[0]] = values[1]


def flash_command(args: argparse.Namespace) -> None:
    opts = FlashOptions(
        flake=args.flake,
        machine=args.machine,
        disks=args.disk,
        ssh_keys_path=args.ssh_pubkey,
        dry_run=args.dry_run,
        confirm=not args.yes,
        debug=args.debug,
        mode=args.mode,
        language=args.language,
        keymap=args.keymap,
        write_efi_boot_entries=args.write_efi_boot_entries,
        nix_options=args.option,
    )

    machine = Machine(opts.machine, flake=opts.flake)
    if opts.confirm and not opts.dry_run:
        disk_str = ", ".join(f"{name}={device}" for name, device in opts.disks.items())
        msg = f"Install {machine.name}"
        if disk_str != "":
            msg += f" to {disk_str}"
        msg += "? [y/N] "
        ask = input(msg)
        if ask != "y":
            return

    extra_config: dict[str, Any] = {}
    if opts.ssh_keys_path:
        root_keys = []
        for key_path in opts.ssh_keys_path:
            try:
                root_keys.append(key_path.read_text())
            except OSError as e:
                raise ClanError(f"Cannot read SSH public key file: {key_path}: {e}")
        extra_config["users"] = {
            "users": {"root": {"openssh": {"authorizedKeys": {"keys": root_keys}}}}
        }
    if opts.keymap:
        extra_config["console"] = {"keyMap": opts.keymap}

    if opts.language:
        extra_config["i18n"] = {"defaultLocale": opts.language}

    flash_machine(
        machine,
        mode=opts.mode,
        disks=opts.disks,
        system_config=extra_config,
        dry_run=opts.dry_run,
        debug=opts.debug,
        write_efi_boot_entries=opts.write_efi_boot_entries,
        extra_args=opts.nix_options,
    )


def register_parser(parser: argparse.ArgumentParser) -> None:
    machines_parser = parser.add_argument(
        "machine",
        type=str,
        help="machine to install",
    )
    add_dynamic_completer(machines_parser, complete_machines)

    parser.add_argument(
        "--disk",
        type=str,
        nargs=2,
        metavar=("name", "value"),
        action=AppendDiskAction,
        help="device to flash to",
        default={},
    )
    mode_help = textwrap.dedent(
        """\
        Specify the mode of operation. Valid modes are: format, mount."
        Format will format the disk before installing.
        Mount will mount the disk before installing.
        Mount is useful for updating an existing system without losing data.
        """
    )
    parser.add_argument(
        "--mode",
        type=str,
        help=mode_help,
        choices=["format", "mount"],
        default="format",
    )
    parser.add_argument(
        "--ssh-pubkey",
        type=Path,
        action="append",
        default=[],
        help="ssh pubkey file to add to the root user. Can be used multiple times",
    )
    parser.add_argument(
        "--language",
        type=str,
        help="system language",
    )
    parser.add_argument(
        "--keymap",
        type=str,
        help="system keymap",
    )
    parser.add_argument(
        "--yes",
        action="store_true",
        help="do not ask for confirmation",
        default=False,
    )
    parser.add_argument(
        "--dry-run",
        help="Only build the system, don't flash it",
        default=False,
        action="store_true",
    )
    parser.add_argument(
        "--write-efi-boot-entries",
        help=textwrap.dedent(
            """
          Write EFI boot entries to the NVRAM of the system for the installed system.
          Specify this option if you plan to boot from this disk on the current machine,
          but not if you plan to move the disk to another machine.
        """
        ).strip(),
        default=False,
        action="store_true",
    )
    parser.set_defaults(func=flash_command)
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00			`import argparse`
			`import importlib`
Add --ssh-pubkey FILE argument 2024-04-23 16:55:00 +00:00			`import json`
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00			`import logging`
add flash command 2024-03-07 12:30:53 +00:00			`import os`
			`import shutil`
flash: expose mode option 2024-04-05 13:54:58 +00:00			`import textwrap`
add flash command 2024-03-07 12:30:53 +00:00			`from collections.abc import Sequence`
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00			`from dataclasses import dataclass`
			`from pathlib import Path`
			`from tempfile import TemporaryDirectory`
add flash command 2024-03-07 12:30:53 +00:00			`from typing import Any`
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00
add flash command 2024-03-07 12:30:53 +00:00			`from .cmd import Log, run`
clan: add dynamic completions Add dynamic completion scaffolding to the clan `cli`. Also add a dynamic completion mechanism for machines for commands that have machines as their sole argument. More intricate dynamic completions will be implemented in follow up PR's. 2024-05-30 17:51:53 +00:00			`from .completions import add_dynamic_completer, complete_machines`
add flash command 2024-03-07 12:30:53 +00:00			`from .errors import ClanError`
refactor secrets & facts -> secret_facts & public_facts 2024-03-23 04:05:31 +00:00			`from .facts.secret_modules import SecretStoreBase`
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00			`from .machines.machines import Machine`
add flash command 2024-03-07 12:30:53 +00:00			`from .nix import nix_shell`
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00
			`log = logging.getLogger(__name__)`


add flash command 2024-03-07 12:30:53 +00:00			`def flash_machine(`
Add --ssh-pubkey FILE argument 2024-04-23 16:55:00 +00:00			`machine: Machine,`
			`*,`
			`mode: str,`
			`disks: dict[str, str],`
			`system_config: dict[str, Any],`
			`dry_run: bool,`
flash: add write-efi-boot-entries flag 2024-05-29 07:18:05 +00:00			`write_efi_boot_entries: bool,`
Add --ssh-pubkey FILE argument 2024-04-23 16:55:00 +00:00			`debug: bool,`
allow to override nix options in update/install/flash commands 2024-05-29 07:08:23 +00:00			`extra_args: list[str] = [],`
add flash command 2024-03-07 12:30:53 +00:00			`) -> None:`
refactor secrets & facts -> secret_facts & public_facts 2024-03-23 04:05:31 +00:00			`secret_facts_module = importlib.import_module(machine.secret_facts_module)`
			`secret_facts_store: SecretStoreBase = secret_facts_module.SecretStore(`
			`machine=machine`
			`)`
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00			`with TemporaryDirectory() as tmpdir_:`
			`tmpdir = Path(tmpdir_)`
add flash command 2024-03-07 12:30:53 +00:00			`upload_dir = machine.secrets_upload_directory`

			`if upload_dir.startswith("/"):`
			`local_dir = tmpdir / upload_dir[1:]`
			`else:`
			`local_dir = tmpdir / upload_dir`

			`local_dir.mkdir(parents=True)`
refactor secrets & facts -> secret_facts & public_facts 2024-03-23 04:05:31 +00:00			`secret_facts_store.upload(local_dir)`
add flash command 2024-03-07 12:30:53 +00:00			`disko_install = []`
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00
add flash command 2024-03-07 12:30:53 +00:00			`if os.geteuid() != 0:`
			`if shutil.which("sudo") is None:`
			`raise ClanError(`
			`"sudo is required to run disko-install as a non-root user"`
			`)`
			`disko_install.append("sudo")`
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00
add flash command 2024-03-07 12:30:53 +00:00			`disko_install.append("disko-install")`
flash: add write-efi-boot-entries flag 2024-05-29 07:18:05 +00:00			`if write_efi_boot_entries:`
			`disko_install.append("--write-efi-boot-entries")`
add flash command 2024-03-07 12:30:53 +00:00			`if dry_run:`
			`disko_install.append("--dry-run")`
			`if debug:`
			`disko_install.append("--debug")`
			`for name, device in disks.items():`
			`disko_install.extend(["--disk", name, device])`

			`disko_install.extend(["--extra-files", str(local_dir), upload_dir])`
			`disko_install.extend(["--flake", str(machine.flake) + "#" + machine.name])`
flash: expose mode option 2024-04-05 13:54:58 +00:00			`disko_install.extend(["--mode", str(mode)])`
Add --ssh-pubkey FILE argument 2024-04-23 16:55:00 +00:00			`disko_install.extend(`
			`[`
			`"--system-config",`
			`json.dumps(system_config),`
			`]`
			`)`
allow to override nix options in update/install/flash commands 2024-05-29 07:08:23 +00:00			`disko_install.extend(["--option", "dry-run", "true"])`
			`disko_install.extend(extra_args)`
add flash command 2024-03-07 12:30:53 +00:00
			`cmd = nix_shell(`
Migrated blog to mkdocs 2024-05-16 13:08:24 +00:00			`["nixpkgs#disko"],`
add flash command 2024-03-07 12:30:53 +00:00			`disko_install,`
			`)`
			`run(cmd, log=Log.BOTH, error_msg=f"Failed to flash {machine}")`
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00

			`@dataclass`
			`class FlashOptions:`
			`flake: Path`
			`machine: str`
add flash command 2024-03-07 12:30:53 +00:00			`disks: dict[str, str]`
Add --ssh-pubkey FILE argument 2024-04-23 16:55:00 +00:00			`ssh_keys_path: list[Path]`
add flash command 2024-03-07 12:30:53 +00:00			`dry_run: bool`
			`confirm: bool`
			`debug: bool`
flash: expose mode option 2024-04-05 13:54:58 +00:00			`mode: str`
Add keymap and language detection 2024-04-23 22:16:50 +00:00			`language: str`
			`keymap: str`
allow to override nix options in update/install/flash commands 2024-05-29 07:08:23 +00:00			`write_efi_boot_entries: bool`
			`nix_options: list[str]`
add flash command 2024-03-07 12:30:53 +00:00

			`class AppendDiskAction(argparse.Action):`
			`def __init__(self, option_strings: str, dest: str, **kwargs: Any) -> None:`
			`super().__init__(option_strings, dest, **kwargs)`

			`def __call__(`
			`self,`
			`parser: argparse.ArgumentParser,`
			`namespace: argparse.Namespace,`
			`values: str \| Sequence[str] \| None,`
			`option_string: str \| None = None,`
			`) -> None:`
			`disks = getattr(namespace, self.dest)`
			`assert isinstance(values, list), "values must be a list"`
			`disks[values[0]] = values[1]`
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00

			`def flash_command(args: argparse.Namespace) -> None:`
			`opts = FlashOptions(`
			`flake=args.flake,`
			`machine=args.machine,`
add flash command 2024-03-07 12:30:53 +00:00			`disks=args.disk,`
Add --ssh-pubkey FILE argument 2024-04-23 16:55:00 +00:00			`ssh_keys_path=args.ssh_pubkey,`
add flash command 2024-03-07 12:30:53 +00:00			`dry_run=args.dry_run,`
			`confirm=not args.yes,`
			`debug=args.debug,`
flash: expose mode option 2024-04-05 13:54:58 +00:00			`mode=args.mode,`
flash: make configuration more explicit Injecting nixos configuration and potentially overriding settings a user made and can cause surprises. In most cases, users want to just make these option part of their NixOS configuration and by having the rest in the command line we make it more explicit what other configuration is being applied. 2024-05-29 09:10:14 +00:00			`language=args.language,`
Add keymap and language detection 2024-04-23 22:16:50 +00:00			`keymap=args.keymap,`
flash: add write-efi-boot-entries flag 2024-05-29 07:18:05 +00:00			`write_efi_boot_entries=args.write_efi_boot_entries,`
flash: make configuration more explicit Injecting nixos configuration and potentially overriding settings a user made and can cause surprises. In most cases, users want to just make these option part of their NixOS configuration and by having the rest in the command line we make it more explicit what other configuration is being applied. 2024-05-29 09:10:14 +00:00			`nix_options=args.option,`
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00			`)`
Add --ssh-pubkey FILE argument 2024-04-23 16:55:00 +00:00
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00			`machine = Machine(opts.machine, flake=opts.flake)`
add flash command 2024-03-07 12:30:53 +00:00			`if opts.confirm and not opts.dry_run:`
			`disk_str = ", ".join(f"{name}={device}" for name, device in opts.disks.items())`
flash: improve prompt if no disk is specified 2024-04-03 09:51:21 +00:00			`msg = f"Install {machine.name}"`
			`if disk_str != "":`
			`msg += f" to {disk_str}"`
			`msg += "? [y/N] "`
			`ask = input(msg)`
add flash command 2024-03-07 12:30:53 +00:00			`if ask != "y":`
			`return`
Add --ssh-pubkey FILE argument 2024-04-23 16:55:00 +00:00
flash: make configuration more explicit Injecting nixos configuration and potentially overriding settings a user made and can cause surprises. In most cases, users want to just make these option part of their NixOS configuration and by having the rest in the command line we make it more explicit what other configuration is being applied. 2024-05-29 09:10:14 +00:00			`extra_config: dict[str, Any] = {}`
			`if opts.ssh_keys_path:`
			`root_keys = []`
			`for key_path in opts.ssh_keys_path:`
			`try:`
			`root_keys.append(key_path.read_text())`
			`except OSError as e:`
			`raise ClanError(f"Cannot read SSH public key file: {key_path}: {e}")`
			`extra_config["users"] = {`
Add --ssh-pubkey FILE argument 2024-04-23 16:55:00 +00:00			`"users": {"root": {"openssh": {"authorizedKeys": {"keys": root_keys}}}}`
flash: make configuration more explicit Injecting nixos configuration and potentially overriding settings a user made and can cause surprises. In most cases, users want to just make these option part of their NixOS configuration and by having the rest in the command line we make it more explicit what other configuration is being applied. 2024-05-29 09:10:14 +00:00			`}`
			`if opts.keymap:`
			`extra_config["console"] = {"keyMap": opts.keymap}`

			`if opts.language:`
			`extra_config["i18n"] = {"defaultLocale": opts.language}`
Add --ssh-pubkey FILE argument 2024-04-23 16:55:00 +00:00
flash: expose mode option 2024-04-05 13:54:58 +00:00			`flash_machine(`
Add --ssh-pubkey FILE argument 2024-04-23 16:55:00 +00:00			`machine,`
			`mode=opts.mode,`
			`disks=opts.disks,`
Add keymap and language detection 2024-04-23 22:16:50 +00:00			`system_config=extra_config,`
Add --ssh-pubkey FILE argument 2024-04-23 16:55:00 +00:00			`dry_run=opts.dry_run,`
			`debug=opts.debug,`
flash: add write-efi-boot-entries flag 2024-05-29 07:18:05 +00:00			`write_efi_boot_entries=opts.write_efi_boot_entries,`
			`extra_args=opts.nix_options,`
flash: expose mode option 2024-04-05 13:54:58 +00:00			`)`
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00

			`def register_parser(parser: argparse.ArgumentParser) -> None:`
clan: add dynamic completions Add dynamic completion scaffolding to the clan `cli`. Also add a dynamic completion mechanism for machines for commands that have machines as their sole argument. More intricate dynamic completions will be implemented in follow up PR's. 2024-05-30 17:51:53 +00:00			`machines_parser = parser.add_argument(`
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00			`"machine",`
			`type=str,`
			`help="machine to install",`
			`)`
clan: add dynamic completions Add dynamic completion scaffolding to the clan `cli`. Also add a dynamic completion mechanism for machines for commands that have machines as their sole argument. More intricate dynamic completions will be implemented in follow up PR's. 2024-05-30 17:51:53 +00:00			`add_dynamic_completer(machines_parser, complete_machines)`

clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00			`parser.add_argument(`
add flash command 2024-03-07 12:30:53 +00:00			`"--disk",`
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00			`type=str,`
add flash command 2024-03-07 12:30:53 +00:00			`nargs=2,`
			`metavar=("name", "value"),`
			`action=AppendDiskAction,`
			`help="device to flash to",`
			`default={},`
			`)`
allow to override nix options in update/install/flash commands 2024-05-29 07:08:23 +00:00			`mode_help = textwrap.dedent(`
			`"""\`
flash: expose mode option 2024-04-05 13:54:58 +00:00			`Specify the mode of operation. Valid modes are: format, mount."`
			`Format will format the disk before installing.`
			`Mount will mount the disk before installing.`
			`Mount is useful for updating an existing system without losing data.`
allow to override nix options in update/install/flash commands 2024-05-29 07:08:23 +00:00			`"""`
			`)`
flash: expose mode option 2024-04-05 13:54:58 +00:00			`parser.add_argument(`
			`"--mode",`
			`type=str,`
			`help=mode_help,`
			`choices=["format", "mount"],`
			`default="format",`
			`)`
Add --ssh-pubkey FILE argument 2024-04-23 16:55:00 +00:00			`parser.add_argument(`
			`"--ssh-pubkey",`
			`type=Path,`
			`action="append",`
			`default=[],`
			`help="ssh pubkey file to add to the root user. Can be used multiple times",`
			`)`
Add keymap and language detection 2024-04-23 22:16:50 +00:00			`parser.add_argument(`
flash: make configuration more explicit Injecting nixos configuration and potentially overriding settings a user made and can cause surprises. In most cases, users want to just make these option part of their NixOS configuration and by having the rest in the command line we make it more explicit what other configuration is being applied. 2024-05-29 09:10:14 +00:00			`"--language",`
Add keymap and language detection 2024-04-23 22:16:50 +00:00			`type=str,`
			`help="system language",`
			`)`
			`parser.add_argument(`
			`"--keymap",`
			`type=str,`
			`help="system keymap",`
			`)`
add flash command 2024-03-07 12:30:53 +00:00			`parser.add_argument(`
			`"--yes",`
			`action="store_true",`
			`help="do not ask for confirmation",`
			`default=False,`
			`)`
			`parser.add_argument(`
			`"--dry-run",`
			`help="Only build the system, don't flash it",`
			`default=False,`
			`action="store_true",`
			`)`
flash: add write-efi-boot-entries flag 2024-05-29 07:18:05 +00:00			`parser.add_argument(`
			`"--write-efi-boot-entries",`
			`help=textwrap.dedent(`
			`"""`
			`Write EFI boot entries to the NVRAM of the system for the installed system.`
			`Specify this option if you plan to boot from this disk on the current machine,`
			`but not if you plan to move the disk to another machine.`
			`"""`
			`).strip(),`
			`default=False,`
			`action="store_true",`
			`)`
clan-cli: add simple flash command 2024-02-07 04:24:43 +00:00			`parser.set_defaults(func=flash_command)`