+++ /dev/null
-#!/bin/bash
-
-RemoteRepo="gitolite@git.immae.eu:perso/Immae/Prive/Password_store/Mes_Sites/Paul"
-
-if [ -z "$NIXOPS_CONFIG_PASS_SUBTREE_REMOTE" \
- -o -z "$NIXOPS_CONFIG_PASS_SUBTREE_PATH" ]; then
- cat <<-EOF
-Two environment variables are needed to setup the password store:
-NIXOPS_CONFIG_PASS_SUBTREE_PATH : path where the subtree will be imported
-NIXOPS_CONFIG_PASS_SUBTREE_REMOTE : remote name to give to the repository
-EOF
- exit 1
-fi
-
-if ! pass $NIXOPS_CONFIG_PASS_SUBTREE_PATH > /dev/null 2>/dev/null; then
- cat <<-EOF
-/!\ This will modify your password store to add and import a subtree
-with the specific passwords files. Choose a path that doesn’t exist
-yet in your password store.
-> pass git remote add $NIXOPS_CONFIG_PASS_SUBTREE_REMOTE $RemoteRepo
-> pass git subtree add --prefix=$NIXOPS_CONFIG_PASS_SUBTREE_PATH $NIXOPS_CONFIG_PASS_SUBTREE_REMOTE master
-Later, you can use pull_environment and push_environment scripts to
-update the passwords when needed
-Continue? [y/N]
-EOF
- read y
- if [ "$y" = "y" -o "$y" = "Y" ]; then
- pass git remote add $NIXOPS_CONFIG_PASS_SUBTREE_REMOTE $RemoteRepo
- pass git subtree add --prefix=$NIXOPS_CONFIG_PASS_SUBTREE_PATH $NIXOPS_CONFIG_PASS_SUBTREE_REMOTE master
- else
- echo "Aborting"
- exit 1
- fi
-fi
-
-if [ ! -f /etc/ssh/ssh_rsa_key_nixops ]; then
- cat <<EOF
-The key to access private git repositories (websites hosted by the
-server) needs to be accessible to nix builders. It will be put in
-/etc/ssh/ssh_rsa_key_nixops (sudo right is needed for that)
-> pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/NixSshKey | sudo tee /etc/ssh/ssh_rsa_key_nixops > /dev/null
-> pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/NixSshKey.pub | sudo tee /etc/ssh/ssh_rsa_key_nixops.pub > /dev/null
-> sudo chmod u=r,go-rwx /etc/ssh/ssh_rsa_key_nixops
-> sudo chown nixbld1:nixbld /etc/ssh/ssh_rsa_key_nixops /etc/ssh/ssh_rsa_key_nixops.pub
-Continue? [y/N]
-EOF
- read y
- if [ "$y" = "y" -o "$y" = "Y" ]; then
- if ! id -u nixbld1 2>/dev/null >/dev/null; then
- echo "User nixbld1 seems inexistant, did you install nix?"
- exit 1
- fi
- mask=$(umask)
- umask 0777
- # Don’t forward it directly to tee, it would break ncurse pinentry
- key=$(pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/NixSshKey)
- echo "$key" | sudo tee /etc/ssh/ssh_rsa_key_nixops > /dev/null
- sudo chmod u=r,go=- /etc/ssh/ssh_rsa_key_nixops
- pubkey=$(pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/NixSshKey.pub)
- echo "$pubkey" | sudo tee /etc/ssh/ssh_rsa_key_nixops.pub > /dev/null
- sudo chmod a=r /etc/ssh/ssh_rsa_key_nixops.pub
- sudo chown nixbld1:nixbld /etc/ssh/ssh_rsa_key_nixops /etc/ssh/ssh_rsa_key_nixops.pub
- umask $mask
- else
- echo "Aborting"
- exit 1
- fi
-fi
-
-DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
-nix_config="ssh-config-file=$(dirname $DIR)/ssh/config"
-if echo "$NIX_PATH" | grep -q "$nix_config"; then
- cat <<EOF
-All set up
-EOF
-else
-cat <<EOF
-All set up, please add
-ssh-config-file=$(dirname $DIR)/ssh/config
-to your NIX_PATH environment variable (colon-separated)
-EOF
-fi
projects / perso / Immae / Config / Nix.git / blobdiff