54 lines
1.6 KiB
Bash
Executable File
54 lines
1.6 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
set -euo pipefail
|
|
|
|
cd "$(git rev-parse --show-toplevel)"
|
|
|
|
if [[ $# -eq 0 || $# -gt 2 ]]; then
|
|
echo "Usage: nixfiles-generate-backup-secrets HOST [--configure-host]"
|
|
echo
|
|
echo " --configure-host"
|
|
echo " Directly sets the secrets in the hosts secret store"
|
|
exit 1
|
|
fi
|
|
|
|
host="$1"
|
|
|
|
CONFIGURE_HOST=
|
|
|
|
if [[ $# -eq 2 ]]; then
|
|
if [[ "$2" == "--configure-host" ]]; then
|
|
if [[ ! -f "hosts/${host}/secrets.json" ]]; then
|
|
echo "Host ${host} does not have a secrets file, can't configure"
|
|
exit 1
|
|
fi
|
|
CONFIGURE_HOST=1
|
|
else
|
|
echo "Unknown option $2"
|
|
exit 1
|
|
fi
|
|
fi
|
|
|
|
job_main="$(pwgen -1 64 1)"
|
|
target_cyan="$(pwgen -1 64 1)"
|
|
target_magenta="$(pwgen -1 64 1)"
|
|
|
|
echo "${target_cyan}" | clerie-sops-edit "hosts/clerie-backup/secrets.json" cmd "restic-server-cyan-htpasswd" htpasswd -iB "{}" "${host}"
|
|
echo "${target_magenta}" | clerie-sops-edit "hosts/backup-4/secrets.json" cmd "restic-server-magenta-htpasswd" htpasswd -iB "{}" "${host}"
|
|
|
|
echo "Repo password main: ${job_main}"
|
|
echo
|
|
echo "URL cyan: https://cyan.backup.clerie.de/${host}/main"
|
|
echo "Auth username cyan: ${host}"
|
|
echo "Auth password cyan: ${target_cyan}"
|
|
echo
|
|
echo "URL magenta: https://magenta.backup.clerie.de/${host}/main"
|
|
echo "Auth username magenta: ${host}"
|
|
echo "Auth password magenta: ${target_magenta}"
|
|
|
|
if [[ -n "${CONFIGURE_HOST}" ]]; then
|
|
echo "$job_main" | clerie-sops-edit "hosts/${host}/secrets.json" set "clerie-backup-job-main"
|
|
echo "$target_cyan" | clerie-sops-edit "hosts/${host}/secrets.json" set "clerie-backup-target-cyan"
|
|
echo "$target_magenta" | clerie-sops-edit "hosts/${host}/secrets.json" set "clerie-backup-target-magenta"
|
|
fi
|