a2748ba201
- /home/dot_config/nvim-custom/run_onchanges_after_symlink-custom.tmpl - /home/dot_local/bin/run_onchange_ensure-executable.tmpl - /home/dot_local/share/ansible/run_onchange_after_symlink-ansible-configs.tmpl - /home/Library/Fonts/run_onchange_after_add-fonts.tmpl - /home/private_dot_ssh/fail2ban/run_onchange_after_fail2ban.tmpl - /home/private_dot_ssh/system/run_onchange_after_sshd.tmpl - /home/private_dot_ssh/endlessh/run_onchange_after_endlessh.tmpl - /home/private_dot_ssh/run_onchanges_after_decrypt-ssh-keys.tmpl - /home/private_dot_ssh/run_onchanges_after_ensure-private-key.tmpl - /home/private_dot_ssh/run_onchanges_after_generate-public-keys.tmpl - /home/.chezmoiscripts/run_onchanges_after_symlink-custom.tmpl - /home/.chezmoiscripts/run_onchange_ensure-executable.tmpl - /home/.chezmoiscripts/run_onchange_after_symlink-ansible-configs.tmpl - /home/.chezmoiscripts/run_onchange_after_add-fonts.tmpl - /home/.chezmoiscripts/run_onchange_after_fail2ban.tmpl - /home/.chezmoiscripts/run_onchange_after_sshd.tmpl - /home/.chezmoiscripts/run_onchange_after_endlessh.tmpl - /home/.chezmoiscripts/run_onchanges_after_decrypt-ssh-keys.tmpl - /home/.chezmoiscripts/run_onchanges_after_ensure-private-key.tmpl - /home/.chezmoiscripts/run_onchanges_after_generate-public-keys.tmpl
25 lines
1 KiB
Cheetah
25 lines
1 KiB
Cheetah
{{- if (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) -}}
|
|
#!/usr/bin/env bash
|
|
|
|
{{ includeTemplate "universal/profile" }}
|
|
{{ includeTemplate "universal/logg" }}
|
|
|
|
logg info 'Decrypting SSH keys stored in the `home/.chezmoitemplates/ssh` folder of the Install Doctor repo / fork.'
|
|
find "{{ .chezmoi.sourceDir }}/.chezmoitemplates/ssh" -type f | while read SSH_FILE; do
|
|
### Decrypt SSH file with Chezmoi
|
|
logg info 'Decrypting the $(basename "$SSH_FILE") encrypted SSH file'
|
|
chezmoi decrypt "$SSH_FILE" > "$HOME/.ssh/$(basename "$SSH_FILE")" || EXIT_CODE=$?
|
|
|
|
### Handle failed decryption with warning log message
|
|
if [ -n "$EXIT_CODE" ]; then
|
|
logg warn "Unable to decrypt the file stored in $SSH_FILE"
|
|
fi
|
|
|
|
### Apply appropriate permission to decrypted ~/.ssh file
|
|
if [ -f "$HOME/.ssh/$(basename "$SSH_FILE")" ]; then
|
|
logg info "Applying appropriate permissions on $HOME/.ssh/$(basename "$SSH_FILE")"
|
|
chmod 600 "$HOME/.ssh/$(basename "$SSH_FILE")"
|
|
fi
|
|
done
|
|
|
|
{{ end -}}
|