pkgs/nixfiles: Migrate nixfiles-generate-backup-secrets to clerie-sops-edit
This commit is contained in:
parent
edabc9e892
commit
03213c8389
@ -132,6 +132,7 @@
|
|||||||
nix-remove-result-links
|
nix-remove-result-links
|
||||||
nixfiles-auto-install
|
nixfiles-auto-install
|
||||||
nixfiles-generate-config
|
nixfiles-generate-config
|
||||||
|
nixfiles-generate-backup-secrets
|
||||||
nixfiles-update-ssh-host-keys
|
nixfiles-update-ssh-host-keys
|
||||||
print-afra
|
print-afra
|
||||||
ssh-gpg
|
ssh-gpg
|
||||||
|
@ -4,7 +4,7 @@ pkgs.writeShellApplication {
|
|||||||
name = "nixfiles-generate-backup-secrets";
|
name = "nixfiles-generate-backup-secrets";
|
||||||
text = builtins.readFile ./nixfiles-generate-backup-secrets.sh;
|
text = builtins.readFile ./nixfiles-generate-backup-secrets.sh;
|
||||||
runtimeInputs = with pkgs; [
|
runtimeInputs = with pkgs; [
|
||||||
agenix
|
clerie-sops-edit
|
||||||
apacheHttpd
|
apacheHttpd
|
||||||
git
|
git
|
||||||
pwgen
|
pwgen
|
||||||
|
@ -12,21 +12,9 @@ target_cyan_htpasswd="$(htpasswd -nbB "${host}" "${target_cyan}")"
|
|||||||
target_magenta="$(pwgen -1 64 1)"
|
target_magenta="$(pwgen -1 64 1)"
|
||||||
target_magenta_htpasswd="$(htpasswd -nbB "${host}" "${target_magenta}")"
|
target_magenta_htpasswd="$(htpasswd -nbB "${host}" "${target_magenta}")"
|
||||||
|
|
||||||
mkdir -p "hosts/${host}/secrets"
|
echo "$job_main" | clerie-sops-edit "hosts/${host}/secrets.json" set "clerie-backup-job-main"
|
||||||
|
echo "$target_cyan" | clerie-sops-edit "hosts/${host}/secrets.json" set "clerie-backup-target-cyan"
|
||||||
|
echo "$target_magenta" | clerie-sops-edit "hosts/${host}/secrets.json" set "clerie-backup-target-magenta"
|
||||||
|
|
||||||
echo "$job_main" | agenix -e "hosts/${host}/secrets/new"
|
echo "${target_cyan_htpasswd}" | clerie-sops-edit "hosts/clerie-backup/secrets.json" append "restic-server-cyan-htpasswd"
|
||||||
mv "hosts/${host}/secrets/new" "hosts/${host}/secrets/clerie-backup-job-main.age"
|
echo "$target_magenta_htpasswd" | clerie-sops-edit "hosts/backup-4/secrets.json" append "restic-server-magenta-htpasswd"
|
||||||
|
|
||||||
echo "$target_cyan" | agenix -e "hosts/${host}/secrets/new"
|
|
||||||
mv "hosts/${host}/secrets/new" "hosts/${host}/secrets/clerie-backup-target-cyan.age"
|
|
||||||
|
|
||||||
echo "$target_magenta" | agenix -e "hosts/${host}/secrets/new"
|
|
||||||
mv "hosts/${host}/secrets/new" "hosts/${host}/secrets/clerie-backup-target-magenta.age"
|
|
||||||
|
|
||||||
prev_htpasswd_cyan="$(agenix -d hosts/clerie-backup/secrets/restic-server-cyan-htpasswd.age)"
|
|
||||||
cat <(echo "$prev_htpasswd_cyan") <(echo "$target_cyan_htpasswd") | agenix -e "hosts/clerie-backup/secrets/new"
|
|
||||||
mv "hosts/clerie-backup/secrets/new" "hosts/clerie-backup/secrets/restic-server-cyan-htpasswd.age"
|
|
||||||
|
|
||||||
prev_htpasswd_magenta="$(agenix -d "hosts/backup-4/secrets/restic-server-magenta-htpasswd.age")"
|
|
||||||
cat <(echo "$prev_htpasswd_magenta") <(echo "$target_magenta_htpasswd") | agenix -e "hosts/backup-4/secrets/new"
|
|
||||||
mv "hosts/backup-4/secrets/new" "hosts/backup-4/secrets/restic-server-magenta-htpasswd.age"
|
|
||||||
|
@ -11,6 +11,7 @@ final: prev: {
|
|||||||
nix-remove-result-links = final.callPackage ./nix-remove-result-links {};
|
nix-remove-result-links = final.callPackage ./nix-remove-result-links {};
|
||||||
nixfiles-auto-install = final.callPackage ./nixfiles/nixfiles-auto-install.nix {};
|
nixfiles-auto-install = final.callPackage ./nixfiles/nixfiles-auto-install.nix {};
|
||||||
nixfiles-generate-config = final.callPackage ./nixfiles/nixfiles-generate-config.nix {};
|
nixfiles-generate-config = final.callPackage ./nixfiles/nixfiles-generate-config.nix {};
|
||||||
|
nixfiles-generate-backup-secrets = final.callPackage ./nixfiles/nixfiles-generate-backup-secrets.nix {};
|
||||||
nixfiles-update-ssh-host-keys = final.callPackage ./nixfiles/nixfiles-update-ssh-host-keys.nix {};
|
nixfiles-update-ssh-host-keys = final.callPackage ./nixfiles/nixfiles-update-ssh-host-keys.nix {};
|
||||||
print-afra = final.callPackage ./print-afra {};
|
print-afra = final.callPackage ./print-afra {};
|
||||||
ssh-gpg = final.callPackage ./ssh-gpg {};
|
ssh-gpg = final.callPackage ./ssh-gpg {};
|
||||||
|
Loading…
Reference in New Issue
Block a user