nixos-servers/bootstrap.sh

#!/usr/bin/env bash
set -euo pipefail
IFS=$'\n\t'

servername="${1-}"

if [ -z "$servername" ]
  then
    echo "Usage: $0 SERVERNAME"
    exit 1
fi

confirmation="Yes, wipe ${servername}."

echo "⚠️  This will wipe ${servername} completely! ⚠️"
echo "Confirm by typing: \"${confirmation}\""
read response

if [ "$response" != "$confirmation" ]; then
  echo "Aborting."
  exit 1
fi

# Create a temporary directory
temp=$(mktemp -d)

# Function to cleanup temporary directory on exit
cleanup() {
  rm -rf "$temp"
}
trap cleanup EXIT

# Create directory where age key will go.
# Nixos-anwhere creates a kind of overlay and retains this structure on the final file system.
mkdir "$temp/root"

secret-tool lookup age-identity "$servername" > "$temp/root/age_ed25519"

# Set the correct permissions
chmod 600 "$temp/root/age_ed25519"

# Install NixOS to the host system with our age identity
nixos-anywhere --extra-files "$temp" --flake ".#${servername}" "root@${servername}.hyp"
remove ansible deploy ssh host and user keys using agenix deploy ssh certificates using ssh 2023-11-14 22:53:04 +00:00			`#!/usr/bin/env bash`
improve nixos anywhere script: - deploy age identity - make script machine indepdendent - add sanity check for wiping the system create nix shell for running the script 2023-11-15 10:41:45 +00:00			`set -euo pipefail`
			`IFS=$'\n\t'`

			`servername="${1-}"`

			`if [ -z "$servername" ]`
			`then`
			`echo "Usage: $0 SERVERNAME"`
			`exit 1`
			`fi`

			`confirmation="Yes, wipe ${servername}."`

			`echo "⚠️ This will wipe ${servername} completely! ⚠️"`
			`echo "Confirm by typing: \"${confirmation}\""`
			`read response`

			`if [ "$response" != "$confirmation" ]; then`
			`echo "Aborting."`
			`exit 1`
			`fi`
remove ansible deploy ssh host and user keys using agenix deploy ssh certificates using ssh 2023-11-14 22:53:04 +00:00
			`# Create a temporary directory`
			`temp=$(mktemp -d)`

			`# Function to cleanup temporary directory on exit`
			`cleanup() {`
			`rm -rf "$temp"`
			`}`
			`trap cleanup EXIT`

improve nixos anywhere script: - deploy age identity - make script machine indepdendent - add sanity check for wiping the system create nix shell for running the script 2023-11-15 10:41:45 +00:00			`# Create directory where age key will go.`
			`# Nixos-anwhere creates a kind of overlay and retains this structure on the final file system.`
			`mkdir "$temp/root"`
remove ansible deploy ssh host and user keys using agenix deploy ssh certificates using ssh 2023-11-14 22:53:04 +00:00
improve nixos anywhere script: - deploy age identity - make script machine indepdendent - add sanity check for wiping the system create nix shell for running the script 2023-11-15 10:41:45 +00:00			`secret-tool lookup age-identity "$servername" > "$temp/root/age_ed25519"`
remove ansible deploy ssh host and user keys using agenix deploy ssh certificates using ssh 2023-11-14 22:53:04 +00:00
improve nixos anywhere script: - deploy age identity - make script machine indepdendent - add sanity check for wiping the system create nix shell for running the script 2023-11-15 10:41:45 +00:00			`# Set the correct permissions`
			`chmod 600 "$temp/root/age_ed25519"`
remove ansible deploy ssh host and user keys using agenix deploy ssh certificates using ssh 2023-11-14 22:53:04 +00:00
improve nixos anywhere script: - deploy age identity - make script machine indepdendent - add sanity check for wiping the system create nix shell for running the script 2023-11-15 10:41:45 +00:00			`# Install NixOS to the host system with our age identity`
update readme update boostrap script 2023-11-15 12:24:06 +00:00			`nixos-anywhere --extra-files "$temp" --flake ".#${servername}" "root@${servername}.hyp"`