pyrox.dev
1#!/usr/bin/env nix-shell
2#! nix-shell -i bash -p google-cloud-sdk
3
4set -euo pipefail
5
6BUCKET_NAME="${BUCKET_NAME:-nixos-cloud-images}"
7TIMESTAMP="$(date +%Y%m%d%H%M)"
8export TIMESTAMP
9
10nix-build '<nixpkgs/nixos/lib/eval-config.nix>' \
11 -A config.system.build.googleComputeImage \
12 --arg modules "[ <nixpkgs/nixos/modules/virtualisation/google-compute-image.nix> ]" \
13 --argstr system x86_64-linux \
14 -o gce \
15 -j 10
16
17img_path=$(echo gce/*.tar.gz)
18img_name=${IMAGE_NAME:-$(basename "$img_path")}
19img_id=$(echo "$img_name" | sed 's|.raw.tar.gz$||;s|\.|-|g;s|_|-|g')
20img_family=$(echo "$img_id" | cut -d - -f1-4)
21
22if ! gsutil ls "gs://${BUCKET_NAME}/$img_name"; then
23 gsutil cp "$img_path" "gs://${BUCKET_NAME}/$img_name"
24 gsutil acl ch -u AllUsers:R "gs://${BUCKET_NAME}/$img_name"
25
26 gcloud compute images create \
27 "$img_id" \
28 --source-uri "gs://${BUCKET_NAME}/$img_name" \
29 --family="$img_family"
30
31 gcloud compute images add-iam-policy-binding \
32 "$img_id" \
33 --member='allAuthenticatedUsers' \
34 --role='roles/compute.imageUser'
35fi