From 827987d2018ce1a48697b10c039c3cf2ec0d1a19 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Fri, 23 Dec 2022 00:07:02 +0100 Subject: cleanup --- deploy_nixos | 1 - deploy_passwords | 4 +--- restic-summary | 9 --------- restic_summary | 9 +++++++++ sshtool | 17 +++++++++++++++-- 5 files changed, 25 insertions(+), 15 deletions(-) delete mode 100755 restic-summary create mode 100755 restic_summary diff --git a/deploy_nixos b/deploy_nixos index 4f8aa2a..2b4235a 100755 --- a/deploy_nixos +++ b/deploy_nixos @@ -11,7 +11,6 @@ if [ "$CLUSTER" = "staging" ]; then copy nix/nomad-driver-nix2.nix /etc/nixos/nomad-driver-nix2.nix fi - if [ "$CLUSTER" = "prod" ]; then cmd nixos-rebuild boot message "-------------------------------------------------------------------------------------" diff --git a/deploy_passwords b/deploy_passwords index 37c2143..3b21ff3 100755 --- a/deploy_passwords +++ b/deploy_passwords @@ -1,5 +1,3 @@ #!/usr/bin/env ./sshtool -write_pass deuxfleurs/cluster/$CLUSTER/passwords /root/deploy_tmp_passwords -cmd 'chpasswd -e < /root/deploy_tmp_passwords' -cmd rm /root/deploy_tmp_passwords +pipe_pass deuxfleurs/cluster/$CLUSTER/passwords "chpasswd -e" diff --git a/restic-summary b/restic-summary deleted file mode 100755 index 38e9433..0000000 --- a/restic-summary +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/env bash -for svc in dovecot consul plume cryptpad; do - export RESTIC_REPOSITORY=`pass deuxfleurs/backups/$svc/restic_repository` - export RESTIC_PASSWORD=`pass deuxfleurs/backups/$svc/restic_password` - export AWS_ACCESS_KEY_ID=`pass deuxfleurs/backups/$svc/aws_s3_access_key` - export AWS_SECRET_ACCESS_KEY=`pass deuxfleurs/backups/$svc/aws_s3_secret_key` - restic unlock - restic snapshots -done diff --git a/restic_summary b/restic_summary new file mode 100755 index 0000000..38e9433 --- /dev/null +++ b/restic_summary @@ -0,0 +1,9 @@ +#!/usr/bin/env bash +for svc in dovecot consul plume cryptpad; do + export RESTIC_REPOSITORY=`pass deuxfleurs/backups/$svc/restic_repository` + export RESTIC_PASSWORD=`pass deuxfleurs/backups/$svc/restic_password` + export AWS_ACCESS_KEY_ID=`pass deuxfleurs/backups/$svc/aws_s3_access_key` + export AWS_SECRET_ACCESS_KEY=`pass deuxfleurs/backups/$svc/aws_s3_secret_key` + restic unlock + restic snapshots +done diff --git a/sshtool b/sshtool index 8719ffa..262f0e3 100755 --- a/sshtool +++ b/sshtool @@ -1,10 +1,11 @@ #!/usr/bin/env bash -cd $(dirname $0) - CMDFILE="$1" shift 1 +cd $(dirname $CMDFILE) +CMDFILE=./$(basename $CMDFILE) + CLUSTER="$1" if [ -z "$CLUSTER" ] || [ ! -d "cluster/$CLUSTER" ]; then echo "Usage: $CMDFILE " @@ -36,6 +37,7 @@ EOG chmod +x /tmp/deploytool_askpass export SUDO_ASKPASS=/tmp/deploytool_askpass sudo -A sh - <<'EOEVERYTHING' +set -e EOF } @@ -97,6 +99,17 @@ chmod 0600 $TO EOF } +function pipe_pass { + local PASSKEY=$1 + local CMD=$2 + cat < /dev/null +$(pass $PASSKEY | base64) +EOG +EOF +} + for NIXHOST in $NIXHOSTLIST; do NIXHOST=${NIXHOST%.*} -- cgit v1.2.3