diff options
-rwxr-xr-x | nixops/scripts/setup | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/nixops/scripts/setup b/nixops/scripts/setup index 758cc34..929b27a 100755 --- a/nixops/scripts/setup +++ b/nixops/scripts/setup | |||
@@ -14,6 +14,13 @@ if ! which nix 2>/dev/null >/dev/null; then | |||
14 | exit 1 | 14 | exit 1 |
15 | fi | 15 | fi |
16 | 16 | ||
17 | if [ "${NIX_STORE:-/nix/store}" != "/nix/store" ]; then | ||
18 | cat <<-EOF | ||
19 | Nix store outside of /nix/store is not supported | ||
20 | EOF | ||
21 | exit 1 | ||
22 | fi | ||
23 | |||
17 | if [ -z "$NIXOPS_CONFIG_PASS_SUBTREE_REMOTE" \ | 24 | if [ -z "$NIXOPS_CONFIG_PASS_SUBTREE_REMOTE" \ |
18 | -o -z "$NIXOPS_CONFIG_PASS_SUBTREE_PATH" ]; then | 25 | -o -z "$NIXOPS_CONFIG_PASS_SUBTREE_PATH" ]; then |
19 | cat <<-EOF | 26 | cat <<-EOF |
@@ -45,6 +52,13 @@ if ! pass $NIXOPS_CONFIG_PASS_SUBTREE_PATH > /dev/null 2>/dev/null; then | |||
45 | fi | 52 | fi |
46 | fi | 53 | fi |
47 | 54 | ||
55 | nix_group=$(stat -c %G /nix/store) | ||
56 | if [ "$nix_group" = "nixbld" ]; then | ||
57 | nix_user="nixbld1" | ||
58 | else | ||
59 | nix_user="$(stat -c %U /nix/store)" | ||
60 | fi | ||
61 | |||
48 | if [ ! -f /etc/ssh/ssh_rsa_key_nixops ]; then | 62 | if [ ! -f /etc/ssh/ssh_rsa_key_nixops ]; then |
49 | cat <<-EOF | 63 | cat <<-EOF |
50 | The key to access private git repositories (websites hosted by the | 64 | The key to access private git repositories (websites hosted by the |
@@ -53,13 +67,13 @@ if [ ! -f /etc/ssh/ssh_rsa_key_nixops ]; then | |||
53 | > pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/SshKey | sudo tee /etc/ssh/ssh_rsa_key_nixops > /dev/null | 67 | > pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/SshKey | sudo tee /etc/ssh/ssh_rsa_key_nixops > /dev/null |
54 | > pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/SshKey.pub | sudo tee /etc/ssh/ssh_rsa_key_nixops.pub > /dev/null | 68 | > pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/SshKey.pub | sudo tee /etc/ssh/ssh_rsa_key_nixops.pub > /dev/null |
55 | > sudo chmod u=r,go-rwx /etc/ssh/ssh_rsa_key_nixops | 69 | > sudo chmod u=r,go-rwx /etc/ssh/ssh_rsa_key_nixops |
56 | > sudo chown nixbld1:nixbld /etc/ssh/ssh_rsa_key_nixops /etc/ssh/ssh_rsa_key_nixops.pub | 70 | > sudo chown $nix_user:$nix_group /etc/ssh/ssh_rsa_key_nixops /etc/ssh/ssh_rsa_key_nixops.pub |
57 | Continue? [y/N] | 71 | Continue? [y/N] |
58 | EOF | 72 | EOF |
59 | read y | 73 | read y |
60 | if [ "$y" = "y" -o "$y" = "Y" ]; then | 74 | if [ "$y" = "y" -o "$y" = "Y" ]; then |
61 | if ! id -u nixbld1 2>/dev/null >/dev/null; then | 75 | if ! id -u $nix_user 2>/dev/null >/dev/null; then |
62 | echo "User nixbld1 seems inexistant, did you install nix?" | 76 | echo "User $nix_user seems inexistant, did you install nix?" |
63 | exit 1 | 77 | exit 1 |
64 | fi | 78 | fi |
65 | mask=$(umask) | 79 | mask=$(umask) |
@@ -71,7 +85,7 @@ if [ ! -f /etc/ssh/ssh_rsa_key_nixops ]; then | |||
71 | pubkey=$(pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/SshKey.pub) | 85 | pubkey=$(pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/SshKey.pub) |
72 | echo "$pubkey" | sudo tee /etc/ssh/ssh_rsa_key_nixops.pub > /dev/null | 86 | echo "$pubkey" | sudo tee /etc/ssh/ssh_rsa_key_nixops.pub > /dev/null |
73 | sudo chmod a=r /etc/ssh/ssh_rsa_key_nixops.pub | 87 | sudo chmod a=r /etc/ssh/ssh_rsa_key_nixops.pub |
74 | sudo chown nixbld1:nixbld /etc/ssh/ssh_rsa_key_nixops /etc/ssh/ssh_rsa_key_nixops.pub | 88 | sudo chown $nix_user:$nix_group /etc/ssh/ssh_rsa_key_nixops /etc/ssh/ssh_rsa_key_nixops.pub |
75 | umask $mask | 89 | umask $mask |
76 | else | 90 | else |
77 | echo "Aborting" | 91 | echo "Aborting" |