From df6dc0852edb79874314c4cd0f303a19340034ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Fri, 19 Apr 2019 15:29:52 +0200 Subject: Improve the setup script a bit --- nixops/scripts/setup | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/nixops/scripts/setup b/nixops/scripts/setup index 758cc34..929b27a 100755 --- a/nixops/scripts/setup +++ b/nixops/scripts/setup @@ -14,6 +14,13 @@ if ! which nix 2>/dev/null >/dev/null; then exit 1 fi +if [ "${NIX_STORE:-/nix/store}" != "/nix/store" ]; then + cat <<-EOF + Nix store outside of /nix/store is not supported + EOF + exit 1 +fi + if [ -z "$NIXOPS_CONFIG_PASS_SUBTREE_REMOTE" \ -o -z "$NIXOPS_CONFIG_PASS_SUBTREE_PATH" ]; then cat <<-EOF @@ -45,6 +52,13 @@ if ! pass $NIXOPS_CONFIG_PASS_SUBTREE_PATH > /dev/null 2>/dev/null; then fi fi +nix_group=$(stat -c %G /nix/store) +if [ "$nix_group" = "nixbld" ]; then + nix_user="nixbld1" +else + nix_user="$(stat -c %U /nix/store)" +fi + if [ ! -f /etc/ssh/ssh_rsa_key_nixops ]; then cat <<-EOF The key to access private git repositories (websites hosted by the @@ -53,13 +67,13 @@ if [ ! -f /etc/ssh/ssh_rsa_key_nixops ]; then > pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/SshKey | sudo tee /etc/ssh/ssh_rsa_key_nixops > /dev/null > pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/SshKey.pub | sudo tee /etc/ssh/ssh_rsa_key_nixops.pub > /dev/null > sudo chmod u=r,go-rwx /etc/ssh/ssh_rsa_key_nixops - > sudo chown nixbld1:nixbld /etc/ssh/ssh_rsa_key_nixops /etc/ssh/ssh_rsa_key_nixops.pub + > sudo chown $nix_user:$nix_group /etc/ssh/ssh_rsa_key_nixops /etc/ssh/ssh_rsa_key_nixops.pub Continue? [y/N] EOF read y if [ "$y" = "y" -o "$y" = "Y" ]; then - if ! id -u nixbld1 2>/dev/null >/dev/null; then - echo "User nixbld1 seems inexistant, did you install nix?" + if ! id -u $nix_user 2>/dev/null >/dev/null; then + echo "User $nix_user seems inexistant, did you install nix?" exit 1 fi mask=$(umask) @@ -71,7 +85,7 @@ if [ ! -f /etc/ssh/ssh_rsa_key_nixops ]; then pubkey=$(pass show $NIXOPS_CONFIG_PASS_SUBTREE_PATH/Nixops/SshKey.pub) echo "$pubkey" | sudo tee /etc/ssh/ssh_rsa_key_nixops.pub > /dev/null sudo chmod a=r /etc/ssh/ssh_rsa_key_nixops.pub - sudo chown nixbld1:nixbld /etc/ssh/ssh_rsa_key_nixops /etc/ssh/ssh_rsa_key_nixops.pub + sudo chown $nix_user:$nix_group /etc/ssh/ssh_rsa_key_nixops /etc/ssh/ssh_rsa_key_nixops.pub umask $mask else echo "Aborting" -- cgit v1.2.3