63 lines
1.5 KiB
Makefile
63 lines
1.5 KiB
Makefile
SHELL = /bin/sh
|
|
|
|
ifneq (,$(wildcard .bundle-env))
|
|
include .bundle-env
|
|
endif
|
|
|
|
ifeq (root,$(shell whoami))
|
|
check-root = @true
|
|
else
|
|
check-root = $(error this target requires root)
|
|
endif
|
|
|
|
ifeq (dom0,$(shell hostname))
|
|
check-dom0 = @true
|
|
check-domu = $(error this target must be run in the guest qube)
|
|
else
|
|
check-dom0 = $(error this target must be run in dom0)
|
|
check-domu = @true
|
|
endif
|
|
|
|
BUNDLEIN := .bundles/qubes-mgmt-salt
|
|
|
|
clean-workdir = git init -q -b $* && git diff --quiet && git diff --cached --quiet || (echo 'dirty tree; check git status' && false)
|
|
|
|
.PHONY: guard-domu
|
|
guard-domu:
|
|
@ if [ "`hostname`" != "`qubesdb-read /name`" ]; then \
|
|
echo "This task must be run in a guest domain"; \
|
|
exit 1; \
|
|
fi
|
|
|
|
.PHONY: create-bundle
|
|
create-bundle: guard-domu
|
|
mkdir -p .bundles
|
|
git bundle create - --all > .bundles/qubes-mgmt-salt
|
|
|
|
.PHONY: pull pull/%
|
|
pull: pull/$(shell git branch --show-current)
|
|
pull/%:
|
|
echo "check dom0"
|
|
$(check-dom0)
|
|
echo "clean workdir"
|
|
$(clean-workdir)
|
|
|
|
echo "creating bundle"
|
|
qvm-run -p $(GUEST) "cd $(GUEST_REPO) && make create-bundle" </dev/null
|
|
|
|
qvm-run -p $(GUEST) "cat $(GUEST_REPO)/qubes-mgmt-salt" </dev/null >$(BUNDLEIN)
|
|
|
|
git remote add $(GUEST) $(BUNDLEIN) || true
|
|
|
|
git pull $(GUEST) $*:$*
|
|
|
|
qvm-run -p $(GUEST) "cd $(GUEST_REPO) && git update-ref refs/remotes/dom0/$* $*" </dev/null
|
|
|
|
@echo "updated branch $* from $(GUEST)"
|
|
|
|
apply:
|
|
echo "Applying salt states"
|
|
pushd ./guardian
|
|
sudo qubesctl top.enable guardian
|
|
sudo qubesctl --show-output --all state.apply
|
|
popd
|