numbus/numbus-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

TEST

Browse Source
This commit is contained in:
Raphael Numbus
2025-12-06 18:49:33 +01:00
parent 0c07311b0d
commit 1b675ac0f9
2 changed files with 35 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files
deploy.sh
Executable → Regular
+4 -10
View File
@@ -149,6 +149,7 @@ services_selection() {
files_generation() {
echo -e "\n\n ✅ Generating necessary folder tree..."
mkdir -p extra-files/run/secrets/disks/
mkdir -p extra-files/var/lib/sops-nix/
mkdir -p extra-files/etc/nixos/secrets/
mkdir -p extra-files/mnt/config-storage/traefik/config/conf/
@@ -185,6 +186,9 @@ files_generation() {
export PARITY_DISK_3_KEY="$(openssl rand -base64 10 | tr -d '\=+/ ')"
export BOOT_DISK_1_KEY="$(openssl rand -base64 10 | tr -d '\=+/ ')"
export BOOT_DISK_2_KEY="$(openssl rand -base64 10 | tr -d '\=+/ ')"
for i in {1..6}; do echo -n "${!DATA_DISK_${i}_KEY}" > "extra-files/run/secrets/disks/data-disk-$i"; done
for i in {1..3}; do echo -n "${!PARITY_DISK_${i}_KEY}" > "extra-files/run/secrets/disks/parity-disk-$i"; done
for i in {1..2}; do echo -n "${!BOOT_DISK_${i}_KEY}" > "extra-files/run/secrets/disks/boot-disk-$i"; done
echo "$REMOTE_PASS" | ssh_to_host """
sudo -S mkdir -p /run/secrets/disks/
@@ -200,16 +204,6 @@ files_generation() {
echo -n $BOOT_DISK_1_KEY | sudo -S tee /run/secrets/disks/boot-disk-1 > /dev/null
echo -n $BOOT_DISK_2_KEY | sudo -S tee /run/secrets/disks/boot-disk-2 > /dev/null
"""
mkdir -p extra-files/run/secrets/disks/
echo -n $DATA_DISK_1_KEY > extra-files/run/secrets/disks/data-disk-1
echo -n $DATA_DISK_2_KEY > extra-files/run/secrets/disks/data-disk-2
echo -n $DATA_DISK_3_KEY > extra-files/run/secrets/disks/data-disk-3
echo -n $DATA_DISK_4_KEY > extra-files/run/secrets/disks/data-disk-4
echo -n $DATA_DISK_5_KEY > extra-files/run/secrets/disks/data-disk-5
echo -n $DATA_DISK_6_KEY > extra-files/run/secrets/disks/data-disk-6
echo -n $PARITY_DISK_1_KEY > extra-files/run/secrets/disks/parity-disk-1
echo -n $PARITY_DISK_2_KEY > extra-files/run/secrets/disks/parity-disk-2
echo -n $PARITY_DISK_3_KEY > extra-files/run/secrets/disks/parity-disk-3
echo -e "\n ✅ Encrypting secrets in the correct file..."
envsubst < "config-files/sops-nix/secrets.yaml" | sops encrypt --filename-override secrets.yaml \