aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--TODOs.org2
-rwxr-xr-xnixos-update.sh5
-rw-r--r--secrets/nix/e1d5f317b0f7a-snapshot-configuration.nixbin0 -> 4309 bytes
-rw-r--r--secrets/secret-envrc.shbin2839 -> 2896 bytes
-rw-r--r--vps-configuration.env.nix (renamed from vps-configuration.nix)0
5 files changed, 3 insertions, 4 deletions
diff --git a/TODOs.org b/TODOs.org
index 0df6ab4..bd38b22 100644
--- a/TODOs.org
+++ b/TODOs.org
@@ -1,6 +1,4 @@
* Tasks - v4
-** TODO Run =sudo= as =nixos= user in server
-** TODO Change from =nixos= user to =andreh= user
** TODO nginx magic =sslCiphers= value
Why not the default? What do those mean?
** TODO cron: borg and nixos update
diff --git a/nixos-update.sh b/nixos-update.sh
index bcadfd6..b4deb7e 100755
--- a/nixos-update.sh
+++ b/nixos-update.sh
@@ -7,5 +7,6 @@ cd "$(dirname "${BASH_SOURCE[0]}")"
git crypt unlock
direnv allow
-envsubst < vps-configuration.env.nix | ssh "$TLD" 'cat > /etc/nixos/configuration.nix'
-ssh "$TLD" sudo nixos-rebuild switch --upgrade
+envsubst < vps-configuration.env.nix | ssh "$TLD" 'cat > /tmp/tmp.nix'
+echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S mv /tmp/tmp.nix /etc/nixos/configuration.nix
+echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S -i nixos-rebuild switch --upgrade
diff --git a/secrets/nix/e1d5f317b0f7a-snapshot-configuration.nix b/secrets/nix/e1d5f317b0f7a-snapshot-configuration.nix
new file mode 100644
index 0000000..46b7d09
--- /dev/null
+++ b/secrets/nix/e1d5f317b0f7a-snapshot-configuration.nix
Binary files differ
diff --git a/secrets/secret-envrc.sh b/secrets/secret-envrc.sh
index 214ac25..2a750f4 100644
--- a/secrets/secret-envrc.sh
+++ b/secrets/secret-envrc.sh
Binary files differ
diff --git a/vps-configuration.nix b/vps-configuration.env.nix
index 8afa57d..8afa57d 100644
--- a/vps-configuration.nix
+++ b/vps-configuration.env.nix
generated by cgit v1.2.3 (git 2.49.0) at 2025-07-13 20:40:05 +0000