manage wesher key with pass

author: Alex Auvolat <alex@adnab.me> 2022-04-20 14:14:15 +0200
committer: Alex Auvolat <alex@adnab.me> 2022-04-20 14:14:15 +0200
commit: a8717f9bf5dbc9b102d872678f4e5d3d2790a408 (patch)
tree: 3cbee336ec67f9a1758de462480a8eccce3e0342 /sshtool
parent: d056b385d71d5b33165ab87cbedffb243d168c8a (diff)
download: nixcfg-a8717f9bf5dbc9b102d872678f4e5d3d2790a408.tar.gz
nixcfg-a8717f9bf5dbc9b102d872678f4e5d3d2790a408.zip
1 files changed, 13 insertions, 0 deletions
diff --git a/sshtool b/sshtool
index b5de384..1396c87 100755
--- a/sshtool
+++ b/sshtool
@@ -81,6 +81,19 @@ chmod 0600 $TO
 EOF
 }
 
+function write_pass {
+	local PASSKEY=$1
+	local TO=$2
+	cat <<EOF
+echo '- write secret $TO from pass $PASSKEY'
+base64 -d <<EOG | tee $TO > /dev/null
+$(pass $PASSKEY | base64)
+EOG
+chown root:root $TO
+chmod 0600 $TO
+EOF
+}
+
 for NIXHOST in $NIXHOSTLIST; do
 	NIXHOST=${NIXHOST%.*}
author	Alex Auvolat <alex@adnab.me>	2022-04-20 14:14:15 +0200
committer	Alex Auvolat <alex@adnab.me>	2022-04-20 14:14:15 +0200
commit	a8717f9bf5dbc9b102d872678f4e5d3d2790a408 (patch)
tree	3cbee336ec67f9a1758de462480a8eccce3e0342 /sshtool
parent	d056b385d71d5b33165ab87cbedffb243d168c8a (diff)
download	nixcfg-a8717f9bf5dbc9b102d872678f4e5d3d2790a408.tar.gz nixcfg-a8717f9bf5dbc9b102d872678f4e5d3d2790a408.zip