diff options
| -rwxr-xr-x | nixos-switch.sh | 21 |
1 files changed, 0 insertions, 21 deletions
diff --git a/nixos-switch.sh b/nixos-switch.sh index e704437..d480f25 100755 --- a/nixos-switch.sh +++ b/nixos-switch.sh @@ -34,24 +34,3 @@ rsync -avzP favicons/ "${TLD}:${FAVICONS_ROOT}/" scp cgit-about.html "${TLD}:${GIT_ROOT}/about.html" scp ci-gen-index.sh "${TLD}:${CI_LOGS_ROOT}/ci-gen-index.sh" scp bash-profile.sh "${TLD}:.bash_profile" - - -if [[ "$PROSODY_ENABLE" = true ]]; then -echo Ugly hack to change TLS certificates permissions -echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S "\ -sudo chown -R nginx:prosody /var/lib/acme/; \ -sudo chmod 755 /var/lib/acme/; \ -sudo chmod 640 /var/lib/acme/${PROSODY_TLD}/key.pem; \ -sudo chmod 640 /var/lib/acme/${PROSODY_TLD}/fullchain.pem; \ -sudo chmod 770 /var/lib/acme/${PROSODY_TLD}/; \ -sudo chmod 640 /var/lib/acme/${PROSODY_CONVERSE_TLD}/key.pem; \ -sudo chmod 640 /var/lib/acme/${PROSODY_CONVERSE_TLD}/fullchain.pem; \ -sudo chmod 770 /var/lib/acme/${PROSODY_CONVERSE_TLD}/; \ -sudo chown nginx:prosody /var/lib/acme/${PROSODY_TLD}/fullchain.pem; \ -sudo chown nginx:prosody /var/lib/acme/${PROSODY_TLD}/key.pem; \ -sudo chown nginx:prosody /var/lib/acme/${PROSODY_TLD}/; \ -sudo chown nginx:prosody /var/lib/acme/${PROSODY_CONVERSE_TLD}/fullchain.pem; \ -sudo chown nginx:prosody /var/lib/acme/${PROSODY_CONVERSE_TLD}/key.pem; \ -sudo chown nginx:prosody /var/lib/acme/${PROSODY_CONVERSE_TLD}/; \ -sudo systemctl restart prosody.service" -fi |