nixos-servers/terraform/modules/debian/files/get_cert.sh

#!/bin/bash
set -euo pipefail
IFS=$'\n\t'

eval "$(jq -r '@sh "PUBKEY=\(.pubkey) HOST=\(.host) CAHOST=\(.cahost) CASCRIPT=\(.cascript) CAKEY=\(.cakey)"')"

# TODO: Can this be done more eye-pleasingly?
set +e
CERT=$(ssh -o ConnectTimeout=3 -o ConnectionAttempts=1 root@$CAHOST '"'"$CASCRIPT"'" host "'"$CAKEY"'" "'"$PUBKEY"'" "'"$HOST"'".dmz')
retval=$?
set -e

if [ retval -neq 0 ]; then
	CERT=""
fi

jq -n --arg cert "$CERT" '{"cert":$cert}'
WIP: nixos-anywhere for virtual machines 2023-11-25 20:00:21 +00:00			`#!/bin/bash`
			`set -euo pipefail`
			`IFS=$'\n\t'`

			`eval "$(jq -r '@sh "PUBKEY=\(.pubkey) HOST=\(.host) CAHOST=\(.cahost) CASCRIPT=\(.cascript) CAKEY=\(.cakey)"')"`

			`# TODO: Can this be done more eye-pleasingly?`
			`set +e`
			`CERT=$(ssh -o ConnectTimeout=3 -o ConnectionAttempts=1 root@$CAHOST '"'"$CASCRIPT"'" host "'"$CAKEY"'" "'"$PUBKEY"'" "'"$HOST"'".dmz')`
			`retval=$?`
			`set -e`

			`if [ retval -neq 0 ]; then`
			`CERT=""`
			`fi`

			`jq -n --arg cert "$CERT" '{"cert":$cert}'`