Write secrets to host
This commit is contained in:
Raphaël Numbus
@@ -93,7 +93,7 @@ necessary_credentials_with_config() {
|
||||
local MISSING=0
|
||||
for VAR in "${NECESSARY_VARIABLES_LIST[@]}"; do
|
||||
if [[ -v "${VAR}" && -n "${!VAR}" ]]; then
|
||||
gum spin --title "✅ "${VAR}" imported successfully from the config file" -- sleep 0.2
|
||||
gum spin --title "✅ "${VAR}" imported successfully from the config file" -- sleep 0.1
|
||||
else
|
||||
gum spin --title "❌ "${VAR}" is missing or empty" -- sleep 1
|
||||
MISSING=1
|
||||
@@ -562,12 +562,18 @@ EOF
|
||||
PASS="$(xkcdpass -d "-")"
|
||||
echo -n "$PASS" > "final-nix-config/etc/secrets/disks/boot-disk-${i}"
|
||||
chmod 600 "final-nix-config/etc/secrets/disks/boot-disk-${i}"
|
||||
ssh_to_host 'bash -s' << EOF
|
||||
echo "$REMOTE_PASS" | sudo -S bash -c "printf '%s' '$PASS' > /etc/secrets/disks/boot-disk-${i}"
|
||||
EOF
|
||||
done
|
||||
if [[ "$CONTENT_DISK_NUMBER" -gt 0 ]]; then
|
||||
for i in $(seq 1 "$CONTENT_DISK_NUMBER"); do
|
||||
PASS="$(xkcdpass -d "-")"
|
||||
echo -n "$PASS" > "final-nix-config/etc/secrets/disks/content-disk-${i}"
|
||||
chmod 600 "final-nix-config/etc/secrets/disks/content-disk-${i}"
|
||||
ssh_to_host 'bash -s' << EOF
|
||||
echo "$REMOTE_PASS" | sudo -S bash -c "printf '%s' '$PASS' > /etc/secrets/disks/content-disk-${i}"
|
||||
EOF
|
||||
done
|
||||
fi
|
||||
if [[ "$PARITY_DISK_NUMBER" -gt 0 ]]; then
|
||||
@@ -575,6 +581,9 @@ EOF
|
||||
PASS="$(xkcdpass -d "-")"
|
||||
echo -n "$PASS" > "final-nix-config/etc/secrets/disks/parity-disk-${i}"
|
||||
chmod 600 "final-nix-config/etc/secrets/disks/parity-disk-${i}"
|
||||
ssh_to_host 'bash -s' << EOF
|
||||
echo "$REMOTE_PASS" | sudo -S bash -c "printf '%s' '$PASS' > /etc/secrets/disks/parity-disk-${i}"
|
||||
EOF
|
||||
done
|
||||
fi
|
||||
### Generate unlock keys <--
|
||||
|
||||
Reference in New Issue
Block a user