Fixed permissions and variable error.
This commit is contained in:
parent
6896bef214
commit
46b811b42c
11 changed files with 17 additions and 6 deletions
|
@ -1,3 +1,3 @@
|
||||||
{{- if and (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_ID"))) (env "CLOUDFLARE_R2_ID")) (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_SECRET"))) (env "CLOUDFLARE_R2_SECRET)) (ne .user.cloudflare.r2 "") -}}
|
{{- if and (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_ID"))) (env "CLOUDFLARE_R2_ID")) (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_SECRET"))) (env "CLOUDFLARE_R2_SECRET")) (ne .user.cloudflare.r2 "") -}}
|
||||||
/mnt/s3-private
|
/mnt/s3-private
|
||||||
{{- end -}}
|
{{- end -}}
|
|
@ -1,3 +1,3 @@
|
||||||
{{- if and (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_ID"))) (env "CLOUDFLARE_R2_ID")) (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_SECRET"))) (env "CLOUDFLARE_R2_SECRET)) (ne .user.cloudflare.r2 "") -}}
|
{{- if and (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_ID"))) (env "CLOUDFLARE_R2_ID")) (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_SECRET"))) (env "CLOUDFLARE_R2_SECRET")) (ne .user.cloudflare.r2 "") -}}
|
||||||
/mnt/s3-public
|
/mnt/s3-public
|
||||||
{{- end -}}
|
{{- end -}}
|
|
@ -1,3 +1,3 @@
|
||||||
{{- if and (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_ID"))) (env "CLOUDFLARE_R2_ID")) (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_SECRET"))) (env "CLOUDFLARE_R2_SECRET)) (ne .user.cloudflare.r2 "") -}}
|
{{- if and (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_ID"))) (env "CLOUDFLARE_R2_ID")) (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_SECRET"))) (env "CLOUDFLARE_R2_SECRET")) (ne .user.cloudflare.r2 "") -}}
|
||||||
{{ .host.home }}/.local/mnt/s3
|
{{ .host.home }}/.local/mnt/s3
|
||||||
{{- end -}}
|
{{- end -}}
|
|
@ -1,4 +1,4 @@
|
||||||
{{- if and (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_ID"))) (env "CLOUDFLARE_R2_ID")) (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_SECRET"))) (env "CLOUDFLARE_R2_SECRET)) (ne .user.cloudflare.r2 "") -}}
|
{{- if and (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_ID"))) (env "CLOUDFLARE_R2_ID")) (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_SECRET"))) (env "CLOUDFLARE_R2_SECRET")) (ne .user.cloudflare.r2 "") -}}
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
CONFIG_FILE="$HOME/.config/rclone/rclone.conf"
|
CONFIG_FILE="$HOME/.config/rclone/rclone.conf"
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{{- if and (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_ID"))) (env "CLOUDFLARE_R2_ID")) (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_SECRET"))) (env "CLOUDFLARE_R2_SECRET)) (ne .user.cloudflare.r2 "") -}}
|
{{- if and (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_ID"))) (env "CLOUDFLARE_R2_ID")) (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_SECRET"))) (env "CLOUDFLARE_R2_SECRET")) (ne .user.cloudflare.r2 "") -}}
|
||||||
[docker]
|
[docker]
|
||||||
access_key_id = {{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_ID")) }}{{ includeTemplate "secrets/CLOUDFLARE_R2_ID" | decrypt }}{{ else }}{{ env "CLOUDFLARE_R2_ID" }}{{ end }}
|
access_key_id = {{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_ID")) }}{{ includeTemplate "secrets/CLOUDFLARE_R2_ID" | decrypt }}{{ else }}{{ env "CLOUDFLARE_R2_ID" }}{{ end }}
|
||||||
acl = private
|
acl = private
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{{- if and (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_ID"))) (env "CLOUDFLARE_R2_ID")) (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_SECRET"))) (env "CLOUDFLARE_R2_SECRET)) (ne .user.cloudflare.r2 "") -}}
|
{{- if and (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_ID"))) (env "CLOUDFLARE_R2_ID")) (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_R2_SECRET"))) (env "CLOUDFLARE_R2_SECRET")) (ne .user.cloudflare.r2 "") -}}
|
||||||
[private]
|
[private]
|
||||||
type = s3
|
type = s3
|
||||||
provider = Cloudflare
|
provider = Cloudflare
|
||||||
|
|
|
@ -6,10 +6,19 @@
|
||||||
|
|
||||||
logg info 'Decrypting SSH keys stored in the `home/.chezmoitemplates/ssh` folder of the Install Doctor repo / fork.'
|
logg info 'Decrypting SSH keys stored in the `home/.chezmoitemplates/ssh` folder of the Install Doctor repo / fork.'
|
||||||
find "{{ .chezmoi.sourceDir }}/home/.chezmoitemplates/ssh" -type f | while read SSH_FILE; do
|
find "{{ .chezmoi.sourceDir }}/home/.chezmoitemplates/ssh" -type f | while read SSH_FILE; do
|
||||||
|
### Decrypt SSH file with Chezmoi
|
||||||
logg info 'Decrypting the $(basename "$SSH_FILE") encrypted SSH file'
|
logg info 'Decrypting the $(basename "$SSH_FILE") encrypted SSH file'
|
||||||
chezmoi decrypt "$SSH_FILE" > "$HOME/.ssh/$(basename "$SSH_FILE")" || EXIT_CODE=$?
|
chezmoi decrypt "$SSH_FILE" > "$HOME/.ssh/$(basename "$SSH_FILE")" || EXIT_CODE=$?
|
||||||
|
|
||||||
|
### Handle failed decryption with warning log message
|
||||||
if [ -n "$EXIT_CODE" ]; then
|
if [ -n "$EXIT_CODE" ]; then
|
||||||
logg warn "Unable to decrypt the file stored in $SSH_FILE"
|
logg warn "Unable to decrypt the file stored in $SSH_FILE"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
### Apply appropriate permission to decrypted ~/.ssh file
|
||||||
|
if [ -f "$HOME/.ssh/$(basename "$SSH_FILE")" ]; then
|
||||||
|
logg info "Applying appropriate permissions on $HOME/.ssh/$(basename "$SSH_FILE")"
|
||||||
|
chmod 600 "$HOME/.ssh/$(basename "$SSH_FILE")"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
{{ end -}}
|
{{ end -}}
|
||||||
|
|
|
@ -7,4 +7,5 @@
|
||||||
if [ ! -f "$HOME/.ssh/id_rsa" ]; then
|
if [ ! -f "$HOME/.ssh/id_rsa" ]; then
|
||||||
logg 'Generating missing default private key / public key (`~/.ssh/id_rsa`)'
|
logg 'Generating missing default private key / public key (`~/.ssh/id_rsa`)'
|
||||||
ssh-keygen -b 4096 -t rsa -f "$HOME/.ssh/id_rsa" -q -N ""
|
ssh-keygen -b 4096 -t rsa -f "$HOME/.ssh/id_rsa" -q -N ""
|
||||||
|
chmod 600 "$HOME/.ssh/id_rsa"
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -16,5 +16,6 @@ find "$HOME/.ssh" -type f | while read FILE; do
|
||||||
if [ ! -f "${FILE}.pub" ]; then
|
if [ ! -f "${FILE}.pub" ]; then
|
||||||
logg info 'Generating missing public key for `'"$FILE"'`'
|
logg info 'Generating missing public key for `'"$FILE"'`'
|
||||||
ssh-keygen -f "$FILE" -y > "${FILE}.pub"
|
ssh-keygen -f "$FILE" -y > "${FILE}.pub"
|
||||||
|
chmod 600 "${FILE}.pub"
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
|
Loading…
Reference in a new issue