nixos/maintainers/scripts/gce/create-gce.sh

   1 #!/usr/bin/env nix-shell
   2 #! nix-shell -i bash -p google-cloud-sdk
   3
   4 set -euo pipefail
   5
   6 BUCKET_NAME="${BUCKET_NAME:-nixos-cloud-images}"
   7 TIMESTAMP="$(date +%Y%m%d%H%M)"
   8 export TIMESTAMP
   9
  10 nix-build '<nixpkgs/nixos/lib/eval-config.nix>' \
  11    -A config.system.build.googleComputeImage \
  12    --arg modules "[ <nixpkgs/nixos/modules/virtualisation/google-compute-image.nix> ]" \
  13    --argstr system x86_64-linux \
  14    -o gce \
  15    -j 10
  16
  17 img_path=$(echo gce/*.tar.gz)
  18 img_name=${IMAGE_NAME:-$(basename "$img_path")}
  19 img_id=$(echo "$img_name" | sed 's|.raw.tar.gz$||;s|\.|-|g;s|_|-|g')
  20 img_family=$(echo "$img_id" | cut -d - -f1-4)
  21
  22 if ! gsutil ls "gs://${BUCKET_NAME}/$img_name"; then
  23   gsutil cp "$img_path" "gs://${BUCKET_NAME}/$img_name"
  24   gsutil acl ch -u AllUsers:R "gs://${BUCKET_NAME}/$img_name"
  25
  26   gcloud compute images create \
  27     "$img_id" \
  28     --source-uri "gs://${BUCKET_NAME}/$img_name" \
  29     --family="$img_family"
  30
  31   gcloud compute images add-iam-policy-binding \
  32     "$img_id" \
  33     --member='allAuthenticatedUsers' \
  34     --role='roles/compute.imageUser'
  35 fi