From 5345828a5618c198e7a09eac511ea87aa7555732 Mon Sep 17 00:00:00 2001
From: clerie
Date: Sun, 16 Feb 2025 18:34:15 +0100
Subject: [PATCH] pkgs/nixfiles: Display generated backup secrets and make configureing hosts optional
---
.../nixfiles-generate-backup-secrets.sh | 45 ++++++++++++++++---
1 file changed, 40 insertions(+), 5 deletions(-)
diff --git a/pkgs/nixfiles/nixfiles-generate-backup-secrets.sh b/pkgs/nixfiles/nixfiles-generate-backup-secrets.sh
index 9286c26..dbaf989 100755
--- a/pkgs/nixfiles/nixfiles-generate-backup-secrets.sh
+++ b/pkgs/nixfiles/nixfiles-generate-backup-secrets.sh
@@ -4,17 +4,52 @@ set -euo pipefail cd "$(git rev-parse --show-toplevel)" +if [[ $# -eq 0 || $# -gt 2 ]]; then + echo "Usage: nixfiles-generate-backup-secrets HOST [--configure-host]" + echo + echo " --configure-host" + echo " Directly sets the secrets in the hosts secret store" + exit 1 +fi + host="$1" +CONFIGURE_HOST= + +if [[ $# -eq 2 ]]; then + if [[ "$2" == "--configure-host" ]]; then + if [[ ! -f "hosts/${host}/secrets.json" ]]; then + echo "Host ${host} does not have a secrets file, can't configure" + exit 1 + fi + CONFIGURE_HOST=1 + else + echo "Unknown option $2" + exit 1 + fi +fi + job_main="$(pwgen -1 64 1)" target_cyan="$(pwgen -1 64 1)" target_cyan_htpasswd="$(htpasswd -nbB "${host}" "${target_cyan}")" target_magenta="$(pwgen -1 64 1)" target_magenta_htpasswd="$(htpasswd -nbB "${host}" "${target_magenta}")" -echo "$job_main" | clerie-sops-edit "hosts/${host}/secrets.json" set "clerie-backup-job-main" -echo "$target_cyan" | clerie-sops-edit "hosts/${host}/secrets.json" set "clerie-backup-target-cyan" -echo "$target_magenta" | clerie-sops-edit "hosts/${host}/secrets.json" set "clerie-backup-target-magenta" - echo "${target_cyan_htpasswd}" | clerie-sops-edit "hosts/clerie-backup/secrets.json" append "restic-server-cyan-htpasswd" -echo "$target_magenta_htpasswd" | clerie-sops-edit "hosts/backup-4/secrets.json" append "restic-server-magenta-htpasswd" +echo "${target_magenta_htpasswd}" | clerie-sops-edit "hosts/backup-4/secrets.json" append "restic-server-magenta-htpasswd" + +echo "Repo password main: ${job_main}" +echo +echo "URL cyan: https://cyan.backup.clerie.de/${host}/main" +echo "Auth username cyan: ${host}" +echo "Auth password cyan: ${target_cyan}" +echo +echo "URL magenta: https://magenta.backup.clerie.de/${host}/main" +echo "Auth username magenta: ${host}" +echo "Auth password magenta: ${target_magenta}" + +if [[ -n "${CONFIGURE_HOST}" ]]; then + echo "$job_main" | clerie-sops-edit "hosts/${host}/secrets.json" set "clerie-backup-job-main" + echo 
"$target_cyan" | clerie-sops-edit "hosts/${host}/secrets.json" set "clerie-backup-target-cyan" + echo "$target_magenta" | clerie-sops-edit "hosts/${host}/secrets.json" set "clerie-backup-target-magenta" +fi
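Review bot: The new `echo "Repo password main: ${job_main}"` line and the two `Auth password ...` lines print the backup repo password and both target passwords in cleartext to stdout on every run, including runs with `--configure-host`, where the same values are already written to the host's sops file. Anything that captures stdout (terminal scrollback, tmux or `script` logging, a redirect, a job log) then holds the secrets unencrypted. Consider printing them only when they are not stored, by moving the echo block into an `else` branch of the final `if [[ -n "${CONFIGURE_HOST}" ]]; then`, and skipping the display when stdout is not a terminal (`[[ -t 1 ]]`). Separately, the usage text and the `Unknown option $2` and missing-secrets-file messages go to stdout; adding `>&2` would keep them out of captured output.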