diff options
Diffstat (limited to 'nixos-switch.sh')
| -rwxr-xr-x | nixos-switch.sh | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/nixos-switch.sh b/nixos-switch.sh index 404cba4..cd05c5b 100755 --- a/nixos-switch.sh +++ b/nixos-switch.sh @@ -9,14 +9,20 @@ echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S nix-channel --add "https://nixos.or echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S -i nixos-rebuild switch --upgrade rsync -avzP favicons/ "${TLD}:${DATA_ROOT}/favicons/" -# Ugly hack to change TLS certificates permissions +echo Ugly hack to change TLS certificates permissions echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S "\ -sudo chown -R nginx:prosody /var/lib/acme/; \ -sudo chmod 755 /var/lib/acme/; \ -sudo chmod 640 /var/lib/acme/${PROSODY_TLD}/key.pem; \ -sudo chmod 640 /var/lib/acme/${PROSODY_TLD}/fullchain.pem; \ -sudo chmod 770 /var/lib/acme/${PROSODY_TLD}/; \ -sudo chown nginx:prosody /var/lib/acme/${PROSODY_TLD}/fullchain.pem; \ -sudo chown nginx:prosody /var/lib/acme/${PROSODY_TLD}/key.pem; \ -sudo chown nginx:prosody /var/lib/acme/${PROSODY_TLD}/; \ +sudo chown -R nginx:prosody /var/lib/acme/; \ +sudo chmod 755 /var/lib/acme/; \ +sudo chmod 640 /var/lib/acme/${PROSODY_TLD}/key.pem; \ +sudo chmod 640 /var/lib/acme/${PROSODY_TLD}/fullchain.pem; \ +sudo chmod 770 /var/lib/acme/${PROSODY_TLD}/; \ +sudo chmod 640 /var/lib/acme/${PROSODY_CONVERSE_TLD}/key.pem; \ +sudo chmod 640 /var/lib/acme/${PROSODY_CONVERSE_TLD}/fullchain.pem; \ +sudo chmod 770 /var/lib/acme/${PROSODY_CONVERSE_TLD}/; \ +sudo chown nginx:prosody /var/lib/acme/${PROSODY_TLD}/fullchain.pem; \ +sudo chown nginx:prosody /var/lib/acme/${PROSODY_TLD}/key.pem; \ +sudo chown nginx:prosody /var/lib/acme/${PROSODY_TLD}/; \ +sudo chown nginx:prosody /var/lib/acme/${PROSODY_CONVERSE_TLD}/fullchain.pem; \ +sudo chown nginx:prosody /var/lib/acme/${PROSODY_CONVERSE_TLD}/key.pem; \ +sudo chown nginx:prosody /var/lib/acme/${PROSODY_CONVERSE_TLD}/; \ sudo systemctl restart prosody.service" |