#!/usr/bin/env nix-shell #!nix-shell -i bash # shellcheck shell=bash set -Eeuo pipefail cd "$(dirname "${BASH_SOURCE[0]}")" if [[ "${1:-}" = '--bootstrap' ]]; then USER_PASSWORD="$(cat ./secrets/base-image-old-password.txt)" else USER_PASSWORD="$(cat ./secrets/user-password.txt)" fi # Copy secrets and configuration files echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S "\ sudo mkdir -p ${SECRETS_ROOT}; \ sudo chown -R ${USER_NAME}:users ${SECRETS_ROOT}/; \ sudo chmod 700 ${SECRETS_ROOT}/; \ sudo touch /etc/nixos/envsubst-configuration.nix; \ sudo chown -R ${USER_NAME}:users /etc/nixos/envsubst-configuration.nix;" rsync -avzP secrets/passwords/ "${TLD}:${SECRETS_ROOT}/" envsubst < envsubst-configuration.nix | ssh "$TLD" 'cat > /etc/nixos/envsubst-configuration.nix' echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S "\ sudo chown nextcloud:users ${SECRETS_ROOT}/nextcloud-admin.txt; \ sudo chown nextcloud:users ${SECRETS_ROOT}/nextcloud-database.txt;" scp mautrix-whatsapp-config.yaml "${TLD}:/data/" scp secrets/mautrix-telegram-config.yaml "${TLD}:/data/" # Run nixos-rebuild scp vps-configuration.nix "${TLD}:/etc/nixos/configuration.nix" echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S nix-channel --add "https://nixos.org/channels/nixos-${SYSTEM_STATE_VERSION}" nixos echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S -i nixos-rebuild switch --upgrade # Copy support files ssh "${TLD}" rm -rf "${FAVICONS_ROOT}/" rsync -avzP favicons/ "${TLD}:${FAVICONS_ROOT}/" scp cgit-about.html "${TLD}:${GIT_ROOT}/about.html" scp ci-gen-index.sh "${TLD}:${CI_LOGS_ROOT}/ci-gen-index.sh" scp bash-profile.sh "${TLD}:.bash_profile" echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S "sudo systemctl restart matrix-synapse.service"