blob: 1e46434b73e99acb1185befb29336c1d951477d9 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
#!/usr/bin/env nix-shell
#!nix-shell -i bash
# shellcheck shell=bash
# shellcheck disable=2086
set -Eeuo pipefail
cd "$(dirname "${BASH_SOURCE[0]}")"
set -x
USER_PASSWORD="$(cat ./secrets/base-image-old-password.txt)"
export TLD='euandreh.xyz'
# Idempotent init folders and permissions
FOLDERS='/data/ /data/secrets/ /data/favicons/ /data/git/ /data/static/ci-logs/ /data/static/ci-logs/placeholder/ /data/nixos/ /data/static/logrotate/'
echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S mkdir -p $FOLDERS
echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S chown andreh:users $FOLDERS
ssh "$TLD" touch /data/static/ci-logs/placeholder/f.log
echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S chown -R andreh:users /data/
# Copy secrets and support files
rsync -avzP secrets/passwords/ "${TLD}:/data/secrets/"
rsync -avzP favicons/ "${TLD}:/data/favicons/"
scp cgit-about.html "${TLD}:/data/git/about.html"
scp ci-gen-index.sh "${TLD}:/data/static/ci-logs/ci-gen-index.sh"
# Run nixos-rebuild
envsubst < envsubst-configuration.nix | ssh "$TLD" 'cat > /data/nixos/envsubst-configuration.nix'
scp vps-configuration.nix "${TLD}:/etc/nixos/configuration.nix"
echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S nix-channel --add "https://nixos.org/channels/nixos-unstable" nixos
echo "${USER_PASSWORD}" | ssh "$TLD" sudo -S -i nixos-rebuild switch --upgrade
ssh "$TLD" rm -rf /data/static/ci-logs/placeholder/
|
