1 files changed, 24 insertions, 4 deletions

diff --git a/nixos-switch.sh b/nixos-switch.sh
index dc7797d..e704437 100755
--- a/nixos-switch.sh
+++ b/nixos-switch.sh
@@ -4,13 +4,33 @@
 set -Eeuo pipefail
 cd "$(dirname "${BASH_SOURCE[0]}")"
 
-envsubst < vps-configuration.env.nix | ssh "$TLD" 'cat > /etc/nixos/configuration.nix'
+if [[ "${1:-}" = '--bootstrap' ]]; then
+  USER_PASSWORD="$(cat ./secrets/base-image-old-password.txt)"
+else
+  USER_PASSWORD="$(cat ./secrets/user-password.txt)"
+fi
+
+# Copy secrets
+echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S "\
+sudo mkdir -p ${SECRETS_ROOT};                     \
+sudo chown -R ${USER_NAME}:users ${SECRETS_ROOT}/; \
+sudo chmod 700 ${SECRETS_ROOT}/;                   \
+sudo touch /etc/nixos/envsubst-configuration.nix;  \
+sudo chown -R ${USER_NAME}:users /etc/nixos/envsubst-configuration.nix;"
+rsync -avzP secrets/passwords/ "${TLD}:${SECRETS_ROOT}/"
+envsubst < envsubst-configuration.nix | ssh "$TLD" 'cat > /etc/nixos/envsubst-configuration.nix'
+echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S "\
+sudo chown nextcloud:users ${SECRETS_ROOT}/nextcloud-admin.txt; \
+sudo chown nextcloud:users ${SECRETS_ROOT}/nextcloud-database.txt;"
+
+# Run nixos-rebuild
+scp vps-configuration.nix "${TLD}:/etc/nixos/configuration.nix"
 echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S nix-channel --add "https://nixos.org/channels/nixos-${SYSTEM_STATE_VERSION}" nixos
 echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S -i nixos-rebuild switch --upgrade
 
-ssh "${TLD}" rm -rf "${DATA_ROOT}/favicons/"
-rsync -avzP favicons/ "${TLD}:${DATA_ROOT}/favicons/"
-
+# Copy support files
+ssh "${TLD}" rm -rf "${FAVICONS_ROOT}/"
+rsync -avzP favicons/ "${TLD}:${FAVICONS_ROOT}/"
 scp cgit-about.html "${TLD}:${GIT_ROOT}/about.html"
 scp ci-gen-index.sh "${TLD}:${CI_LOGS_ROOT}/ci-gen-index.sh"
 scp bash-profile.sh "${TLD}:.bash_profile"