Made huge replacements more robust with envsubst instead of sed
@@ -606,16 +606,14 @@ nix_generation() {
|
||||
cp -avu templates/nix-config/misc/* final-nix-config/etc/nixos/misc/
|
||||
|
||||
echo -e "\n✅ Writing correct ips to configuration.nix..."
|
||||
sed -i "s|HOME_SERVER_IP|${HOME_SERVER_IP}|g" final-nix-config/etc/nixos/misc/networking.nix
|
||||
sed -i "s|HOME_ROUTER_IP|${HOME_ROUTER_IP}|g" final-nix-config/etc/nixos/misc/networking.nix
|
||||
sed -i "s|TARGET_INTERFACE|${TARGET_INTERFACE}|g" final-nix-config/etc/nixos/misc/networking.nix
|
||||
sed -i "s|DOMAIN_NAME|${DOMAIN_NAME}|g" final-nix-config/etc/nixos/misc/mail.nix
|
||||
sed -i "s|EMAIL_ADDRESS|${EMAIL_ADDRESS}|g" final-nix-config/etc/nixos/misc/mail.nix
|
||||
sed -i "s|SENDER_MAIL_DOMAIN|${SENDER_EMAIL_DOMAIN}|g" final-nix-config/etc/nixos/misc/mail.nix
|
||||
sed -i "s|SENDER_MAIL_ADDRESS|${SENDER_EMAIL_ADDRESS}|g" final-nix-config/etc/nixos/misc/mail.nix
|
||||
sed -i "s|PODMAN_NETWORKS|${PODMAN_NETWORKS//$'\n'/\\n}|" final-nix-config/etc/nixos/misc/activation.nix
|
||||
sed -i "s|TRAEFIK_NETWORKS|${TRAEFIK_NETWORKS//$'\n'/\\n}|" final-nix-config/etc/nixos/podman/traefik.nix
|
||||
sed -i "s|TRAEFIK_REF_NETWORKS|${TRAEFIK_REF_NETWORKS//$'\n'/\\n}|" final-nix-config/etc/nixos/podman/traefik.nix
|
||||
envsubst '$HOME_SERVER_IP $HOME_ROUTER_IP $TARGET_INTERFACE' < final-nix-config/etc/nixos/misc/networking.nix > final-nix-config/etc/nixos/misc/networking.nix.tmp
|
||||
mv final-nix-config/etc/nixos/misc/networking.nix.tmp final-nix-config/etc/nixos/misc/networking.nix
|
||||
envsubst '$DOMAIN_NAME $EMAIL_ADDRESS $SENDER_EMAIL_DOMAIN $SENDER_EMAIL_ADDRESS' < final-nix-config/etc/nixos/misc/mail.nix > final-nix-config/etc/nixos/misc/mail.nix.tmp
|
||||
mv final-nix-config/etc/nixos/misc/mail.nix.tmp final-nix-config/etc/nixos/misc/mail.nix
|
||||
envsubst '$PODMAN_NETWORKS' < final-nix-config/etc/nixos/misc/activation.nix > final-nix-config/etc/nixos/misc/activation.nix.tmp
|
||||
mv final-nix-config/etc/nixos/misc/activation.nix.tmp final-nix-config/etc/nixos/misc/activation.nix
|
||||
envsubst '$TRAEFIK_NETWORKS $TRAEFIK_REF_NETWORKS' < final-nix-config/etc/nixos/podman/traefik.nix > final-nix-config/etc/nixos/podman/traefik.nix.tmp
|
||||
mv final-nix-config/etc/nixos/podman/traefik.nix.tmp final-nix-config/etc/nixos/podman/traefik.nix
|
||||
if [[ "${TARGET_TPM}" == "true" ]]; then
|
||||
sed -i "s|# boot.initrd.systemd.tpm2.enable = true;| boot.initrd.systemd.tpm2.enable = true;|" final-nix-config/etc/nixos/configuration.nix
|
||||
sed -i "s|# ./disks/pcr-check.nix| ./disks/pcr-check.nix|" final-nix-config/etc/nixos/configuration.nix
|
||||
|
||||
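Review bot: Each `mv` on the new side runs whether or not the preceding `envsubst` succeeded, so a failed substitution overwrites the rendered file with an empty or partial `.tmp`; chaining them, e.g. `envsubst '$PODMAN_NETWORKS' < activation.nix > activation.nix.tmp && mv activation.nix.tmp activation.nix` (paths shortened), keeps the last good copy. envsubst reads only the process environment, so any listed variable that is unset or not exported is replaced with an empty string, which would render lines such as `address = "";` in networking.nix without any error. Whether the variables are exported is not visible in this hunk, so a guard like `: "${HOME_SERVER_IP:?HOME_SERVER_IP is not set}"` and an `export` before the first call would make that failure loud. The values are also still pasted unescaped into Nix string literals, so it is worth rejecting any that contain `"`, `\` or `${` before rendering. nix_generation's body starts and ends outside the hunk.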
@@ -43,7 +43,7 @@
|
||||
exit 0
|
||||
fi
|
||||
|
||||
PODMAN_NETWORKS
|
||||
$PODMAN_NETWORKS
|
||||
|
||||
${pkgs.coreutils}/bin/mkdir -p /home/numbus-admin/.numbus-server/
|
||||
${pkgs.coreutils}/bin/touch /home/numbus-admin/.numbus-server/networked.true
|
||||
|
||||
@@ -11,22 +11,22 @@ in
|
||||
fromAddress = lib.mkOption {
|
||||
description = "The 'from' address";
|
||||
type = lib.types.str;
|
||||
default = "no-reply@DOMAIN_NAME";
|
||||
default = "no-reply@$DOMAIN_NAME";
|
||||
};
|
||||
toAddress = lib.mkOption {
|
||||
description = "The 'to' address";
|
||||
type = lib.types.str;
|
||||
default = "EMAIL_ADDRESS";
|
||||
default = "$EMAIL_ADDRESS";
|
||||
};
|
||||
smtpServer = lib.mkOption {
|
||||
description = "The SMTP server address";
|
||||
type = lib.types.str;
|
||||
default = "SENDER_MAIL_DOMAIN";
|
||||
default = "$SENDER_MAIL_DOMAIN";
|
||||
};
|
||||
smtpUsername = lib.mkOption {
|
||||
description = "The SMTP username";
|
||||
type = lib.types.str;
|
||||
default = "SENDER_MAIL_ADDRESS";
|
||||
default = "$SENDER_MAIL_ADDRESS";
|
||||
};
|
||||
smtpPasswordPath = lib.mkOption {
|
||||
description = "Path to the secret containing SMTP password";
|
||||
|
||||
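Review bot: The new placeholders `$SENDER_MAIL_DOMAIN` and `$SENDER_MAIL_ADDRESS` in the smtpServer and smtpUsername defaults do not match the names passed to envsubst in nix_generation, which lists `$SENDER_EMAIL_DOMAIN` and `$SENDER_EMAIL_ADDRESS`. The removed sed lines mapped the MAIL placeholder onto the EMAIL shell variable, but envsubst only replaces a placeholder whose name equals the variable name, so these two defaults would stay as literal `$SENDER_MAIL_…` strings and still evaluate as valid Nix. Renaming them to `default = "$SENDER_EMAIL_DOMAIN";` and `default = "$SENDER_EMAIL_ADDRESS";` fixes it. The options block continues outside the hunk.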
@@ -11,15 +11,15 @@
|
||||
networking.firewall.enable = true;
|
||||
|
||||
# Bridge configuration for VMs
|
||||
networking.bridges.br0.interfaces = [ "TARGET_INTERFACE" ];
|
||||
networking.bridges.br0.interfaces = [ "$TARGET_INTERFACE" ];
|
||||
networking.interfaces.br0.useDHCP = false;
|
||||
networking.nameservers = [ "HOME_SERVER_IP" "9.9.9.9" ];
|
||||
networking.nameservers = [ "$HOME_SERVER_IP" "9.9.9.9" ];
|
||||
networking.interfaces.br0.ipv4.addresses = [{
|
||||
address = "HOME_SERVER_IP";
|
||||
address = "$HOME_SERVER_IP";
|
||||
prefixLength = 24;
|
||||
}];
|
||||
networking.defaultGateway = {
|
||||
address = "HOME_ROUTER_IP";
|
||||
address = "$HOME_ROUTER_IP";
|
||||
interface = "br0";
|
||||
};
|
||||
|
||||
|
||||
@@ -18,7 +18,7 @@ in
|
||||
image: docker.io/library/traefik:latest
|
||||
container_name: traefik
|
||||
networks:
|
||||
TRAEFIK_NETWORKS
|
||||
$TRAEFIK_NETWORKS
|
||||
ports:
|
||||
- 8080:80
|
||||
- 8443:443
|
||||
@@ -39,7 +39,7 @@ TRAEFIK_NETWORKS
|
||||
- traefik.http.routers.traefik-https.tls.certresolver=cloudflare
|
||||
restart: always
|
||||
networks:
|
||||
TRAEFIK_REF_NETWORKS
|
||||
$TRAEFIK_REF_NETWORKS
|
||||
'';
|
||||
|
||||
systemd.services.traefik = {
|
||||
|
||||