Fixed unwanted apparent outputs. Fixed cp bad path.
This commit is contained in:
Raphaël Numbus
@@ -58,32 +58,32 @@ necessary_credentials() {
|
||||
local SSH_KEY_REGEX='^ssh-[a-z0-9]+ [A-Za-z0-9+/]+.*'
|
||||
|
||||
#TARGET SETTINGS
|
||||
user_input "TARGET_HOST" "➡️ Please provide the IP address of the target host :" "192.168.1.100" "${IP_REGEX}" "Invalid IP address format."
|
||||
user_input "REMOTE_PASS" "➡️ Please enter the password for '${TARGET_USER}@${TARGET_HOST}' :" "${TARGET_HOST}'s password" "" "" "true"
|
||||
user_input "SSH_PUBLIC_KEY" "➡️ Please provide the public SSH key of an authorized device :" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGhcYDmjMo5YApLkk/3P3HZCnOSzm0uYewNAbxL8Fci8 user@your-pc" "${SSH_KEY_REGEX}" "Invalid SSH key format (must start with ssh-...)." "true"
|
||||
user_input "TARGET_HOST" "➡️ Please provide the IP address of the target host :" "192.168.1.100" "${IP_REGEX}" "Invalid IP address format."
|
||||
user_input "REMOTE_PASS" "➡️ Please enter the password for '${TARGET_USER}@${TARGET_HOST}' :" "${TARGET_HOST}'s password" "" "" "true"
|
||||
user_input "SSH_PUBLIC_KEY" "➡️ Please provide the public SSH key of an authorized device :" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGhcYDmjMo5YApLkk/3P3HZCnOSzm0uYewNAbxL8Fci8 user@your-pc" "${SSH_KEY_REGEX}" "Invalid SSH key format (must start with ssh-...)." "true"
|
||||
|
||||
# TRAEFIK SETTINGS
|
||||
user_input "DOMAIN_NAME" "➡️ Please provide the domain name (FQDN) your home server will use :" "yourdomain.com" "${DOMAIN_REGEX}" "Invalid domain name format."
|
||||
user_input "EMAIL_ADDRESS" "➡️ Please provide a valid email address (will be used for ACME, and your services) :" "myemail@gmail.com" "${EMAIL_REGEX}" "Invalid email address format."
|
||||
user_input "CF_DNS_API_TOKEN" "➡️ Please provide a cloudflare API token with DNS zone permission :" "bA7hdvCOuXGytlNKohi3ZGtlVpf5CHpLuCMiJrE" "" "" "true"
|
||||
user_input "DOMAIN_NAME" "➡️ Please provide the domain name (FQDN) your home server will use :" "yourdomain.com" "${DOMAIN_REGEX}" "Invalid domain name format."
|
||||
user_input "EMAIL_ADDRESS" "➡️ Please provide a valid email address (will be used for ACME, and your services) :" "myemail@gmail.com" "${EMAIL_REGEX}" "Invalid email address format."
|
||||
user_input "CF_DNS_API_TOKEN" "➡️ Please provide a cloudflare API token with DNS zone permission :" "bA7hdvCOuXGytlNKohi3ZGtlVpf5CHpLuCMiJrE" "" "" "true"
|
||||
|
||||
# SMTP SETTINGS
|
||||
echo -e "\n\n➡️ Some services will be able to send you emails. For that you need an email that supports sending emails (like Gmail for example)."
|
||||
user_input "SENDER_EMAIL_ADDRESS" "➡️ Please provide a valid sender email address :" "myemail@gmail.com" "${EMAIL_REGEX}" "Invalid email address format."
|
||||
user_input "SENDER_EMAIL_ADDRESS_PASSWORD" "➡️ Please provide the password of this email address :" "abcd efgh ijkl mnop" "" "" "true"
|
||||
user_input "SENDER_EMAIL_DOMAIN" "➡️ Please provide the SMTP server endpoint :" "smtp.gmail.com" "${DOMAIN_REGEX}" "Invalid domain name format."
|
||||
user_input "SENDER_EMAIL_PORT" "➡️ Please provide the smtp TLS port (for gmail : 587) :" "587" "${PORT_REGEX}" "Invalid port number."
|
||||
echo -e "\n\n➡️ Some services will be able to send you emails. For that you need an email that supports sending emails (like Gmail for example).\n"
|
||||
user_input "SENDER_EMAIL_ADDRESS" "➡️ Please provide a valid sender email address :" "myemail@gmail.com" "${EMAIL_REGEX}" "Invalid email address format."
|
||||
user_input "SENDER_EMAIL_ADDRESS_PASSWORD" "➡️ Please provide the password of this email address :" "abcd efgh ijkl mnop" "" "" "true"
|
||||
user_input "SENDER_EMAIL_DOMAIN" "➡️ Please provide the SMTP server endpoint :" "smtp.gmail.com" "${DOMAIN_REGEX}" "Invalid domain name format."
|
||||
user_input "SENDER_EMAIL_PORT" "➡️ Please provide the smtp TLS port (for gmail : 587) :" "587" "${PORT_REGEX}" "Invalid port number."
|
||||
|
||||
# NETWORK SETTINGS
|
||||
user_input "HOME_ROUTER_SUBNET" "➡️ Please provide your home network subnet :" "192.168.1.0/24" "${SUBNET_REGEX}" "Invalid subnet format (e.g. 192.168.1.1/24)."
|
||||
user_input "HOME_ROUTER_IP" "➡️ Please provide the ip address of your router :" "192.168.1.1" "${IP_REGEX}" "Invalid IP address format."
|
||||
user_input "HOME_SERVER_IP" "➡️ Please choose the ip address that your server will use (i.e. any address in the 192.168.1.1/24 range that is not in use.) :" "192.168.1.5" "${IP_REGEX}" "Invalid IP address format."
|
||||
user_input "HOME_ROUTER_SUBNET" "➡️ Please provide your home network subnet :" "192.168.1.0/24" "${SUBNET_REGEX}" "Invalid subnet format (e.g. 192.168.1.1/24)."
|
||||
user_input "HOME_ROUTER_IP" "➡️ Please provide the ip address of your router :" "192.168.1.1" "${IP_REGEX}" "Invalid IP address format."
|
||||
user_input "HOME_SERVER_IP" "➡️ Please choose the ip address that your server will use (i.e. any address in the 192.168.1.1/24 range that is not in use.) :" "192.168.1.5" "${IP_REGEX}" "Invalid IP address format."
|
||||
}
|
||||
|
||||
|
||||
|
||||
necessary_credentials_with_config() {
|
||||
echo -e "\n\n➡️ Please choose your configuration file :"
|
||||
echo -e "\n\n➡️ Please choose your configuration file :"
|
||||
local CONFIG_PATH="$(gum file)"
|
||||
|
||||
source "${CONFIG_PATH}"
|
||||
@@ -162,7 +162,7 @@ hardware_detection() {
|
||||
|
||||
ssh_to_host 'bash -s' << SSHEND
|
||||
for brand in Intel AMD NVIDIA; do
|
||||
if lspci -nn | grep -i "vga" | grep -iq "\${brand}"; then
|
||||
if lspci -nn 2>/dev/null | grep -i "vga" | grep -iq "\${brand}"; then
|
||||
TARGET_GRAPHICS="true"
|
||||
TARGET_GRAPHICS_BRAND+=("\${brand}")
|
||||
else
|
||||
@@ -170,10 +170,10 @@ for brand in Intel AMD NVIDIA; do
|
||||
fi
|
||||
done
|
||||
|
||||
ls /dev/dri/ | grep -iq "renderD128" && TARGET_GRAPHICS_RENDERER="true" || TARGET_GRAPHICS_RENDERER="false"
|
||||
lsusb | grep -iq "google" && TARGET_USB_CORAL="true" || TARGET_USB_CORAL="false"
|
||||
lspci -nn | grep -iq "089a" && TARGET_PCIE_CORAL="true" || TARGET_PCIE_CORAL="false"
|
||||
ls /dev/serial/by-id/ | grep -i "zigbee" && TARGET_ZIGBEE_DEVICE=\$(ls /dev/serial/by-id/ | grep -i "zigbee" | head -n 1) || TARGET_ZIGBEE_DEVICE=""
|
||||
ls /dev/dri/ 2>/dev/null | grep -iq "renderD128" && TARGET_GRAPHICS_RENDERER="true" || TARGET_GRAPHICS_RENDERER="false"
|
||||
lsusb 2>/dev/null | grep -iq "google" && TARGET_USB_CORAL="true" || TARGET_USB_CORAL="false"
|
||||
lspci -nn 2>/dev/null | grep -iq "089a" && TARGET_PCIE_CORAL="true" || TARGET_PCIE_CORAL="false"
|
||||
ls /dev/serial/by-id/ 2>/dev/null | grep -i "zigbee" && TARGET_ZIGBEE_DEVICE=\$(ls /dev/serial/by-id/ 2>/dev/null | grep -i "zigbee" | head -n 1) || TARGET_ZIGBEE_DEVICE=""
|
||||
|
||||
for var in TARGET_GRAPHICS TARGET_GRAPHICS_BRAND TARGET_GRAPHICS_RENDERER TARGET_USB_CORAL TARGET_PCIE_CORAL TARGET_ZIGBEE_DEVICE; do
|
||||
echo "export \${var}=\${!var}" >> "${TMPFILE}"
|
||||
@@ -185,7 +185,6 @@ SSHEND
|
||||
source "${TMPFILE}" && rm "${TMPFILE}"
|
||||
|
||||
### --> Generate hardware-configuration.nix
|
||||
echo -e "\n\n 🔎 Generating hardware-configuration.nix from target host..."
|
||||
if ssh_to_host "sudo nixos-generate-config --no-filesystems --show-hardware-config" > final-nix-config/etc/nixos/hardware-configuration.nix; then
|
||||
echo -e "✅ Hardware configuration generated"
|
||||
else
|
||||
@@ -196,7 +195,7 @@ SSHEND
|
||||
}
|
||||
|
||||
services_selection() {
|
||||
echo -e "\n\n➡️ You will now select the services you want installed on your server:"
|
||||
echo -e "\n\n➡️ You will now select the services you want installed on your server:"
|
||||
|
||||
local AVAILABLE_SERVICES=( "frigate" "gitea" "home-assistant" "immich" "it-tools" \
|
||||
"nextcloud" "passbolt" "pi-hole" )
|
||||
@@ -235,7 +234,7 @@ files_generation() {
|
||||
}
|
||||
|
||||
echo -e "\n✅ Copying the configuration to the new machine..."
|
||||
cp -avu templates/final-nix-config/etc/nixos/configuration.nix final-nix-config/etc/nixos/
|
||||
cp -avu templates/nix-config/configuration.nix final-nix-config/etc/nixos/
|
||||
cp -avu templates/nix-config/flake.nix final-nix-config/etc/nixos/
|
||||
|
||||
echo -e "\n✅ Generating sops-nix keys..."
|
||||
@@ -638,7 +637,7 @@ postrun_action() {
|
||||
|
||||
gum spin --title "Rebooting the remote..." -- sleep 120
|
||||
|
||||
gum confirm "➡️ Select 'yes' once the machine rebooted and you unlocked the disks." || { echo -e "\n\n❌ Aborting as requested."; exit 1; }
|
||||
gum confirm "➡️ Select 'yes' once the machine rebooted and you unlocked the disks." || { echo -e "\n\n❌ Aborting as requested."; exit 1; }
|
||||
|
||||
gum spin --title "\n\n🔄 Waiting for the server to boot up..." --auto << EOF
|
||||
while FOUND="false"; do
|
||||
@@ -678,7 +677,7 @@ You will almost never user it. Consider using a very strong password : you can w
|
||||
securely on a hidden sheet of paper or add it to your password manager (local with Passbolt \
|
||||
any other online password manager provider.)."
|
||||
|
||||
gum confirm "➡️ I understand, 'yes' to proceed." || { echo -e "\n\n❌ Aborting as requested."; exit 1; }
|
||||
gum confirm "➡️ I understand, 'yes' to proceed." || { echo -e "\n\n❌ Aborting as requested."; exit 1; }
|
||||
|
||||
echo $REMOTE_PASS | sudo -S passwd numbus-admin
|
||||
}
|
||||
@@ -736,8 +735,8 @@ ACTION_ANSWER=$(gum choose "[1] 🌐 Deploy NixOS on a remote machine" "[2] 💽
|
||||
TARGET_USER="nixos"
|
||||
|
||||
if [[ "$ACTION_ANSWER" == "[1] 🌐 Deploy NixOS on a remote machine" ]]; then
|
||||
echo -e "\n➡️ Proceeding with deployment…"
|
||||
gum style --border normal --margin "1" --padding "1 2" --border-foreground 212 "➡️ On the target host : start the computer and boot into the NixOS iso.
|
||||
echo -e "\n➡️ Proceeding with deployment…"
|
||||
gum style --border normal --margin "1" --padding "1 2" --border-foreground 212 "➡️ On the target host : start the computer and boot into the NixOS iso.
|
||||
Launch a console and set up a new user password"
|
||||
gum confirm "Do you understand and wish to proceed?" || { echo "❌ Aborting as requested"; exit 1; }
|
||||
necessary_credentials
|
||||
@@ -755,8 +754,8 @@ if [[ "$ACTION_ANSWER" == "[1] 🌐 Deploy NixOS on a remote machine" ]]; then
|
||||
postrun_action
|
||||
congrats
|
||||
elif [[ "$ACTION_ANSWER" == "[2] 💽 Deploy NixOS on a remote machine with a file configuration" ]]; then
|
||||
echo -e "\n➡️ Proceeding with deployment using a config file…"
|
||||
gum style --border normal --margin "1" --padding "1 2" --border-foreground 212 "➡️ On the target host : start the computer and boot into the NixOS iso.
|
||||
echo -e "\n➡️ Proceeding with deployment using a config file…"
|
||||
gum style --border normal --margin "1" --padding "1 2" --border-foreground 212 "➡️ On the target host : start the computer and boot into the NixOS iso.
|
||||
Launch a console and set up a new user password"
|
||||
gum confirm "Do you understand and wish to proceed?" || { echo "❌ Aborting as requested"; exit 1; }
|
||||
necessary_credentials_with_config
|
||||
@@ -774,8 +773,8 @@ elif [[ "$ACTION_ANSWER" == "[2] 💽 Deploy NixOS on a remote machine with a fi
|
||||
postrun_action
|
||||
congrats
|
||||
elif [[ "$ACTION_ANSWER" == "[3] 🛠️ Update a NixOS remote machine" ]]; then
|
||||
echo -e "\n➡️ Proceeding with update…"
|
||||
gum style --border normal --margin "1" --padding "1 2" --border-foreground 212 "➡️ On the target host : make sure the NixOS installation you want
|
||||
echo -e "\n➡️ Proceeding with update…"
|
||||
gum style --border normal --margin "1" --padding "1 2" --border-foreground 212 "➡️ On the target host : make sure the NixOS installation you want
|
||||
to update is up-and-running, accessible with SSH"
|
||||
gum confirm "Do you understand and wish to proceed?" || { echo "❌ Aborting as requested."; exit 1; }
|
||||
nixos_update
|
||||
|
||||
Reference in New Issue
Block a user