-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathinstall_remote_system.sh
executable file
·50 lines (41 loc) · 1.52 KB
/
install_remote_system.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
#!/usr/bin/env bash
#
# this script uses nixos-anywhere to install a remote system
# before the installation it creates new ssh_host_keys, prints the public key
# and waits for the user to rekey the secrets before passing them to the
# installation
#
# usage:
# ./install_remote_system.sh <hostname> <user@host> [extra nixos-anywhere arguments]
#
set -euo pipefail
# Check if the hostname and remote host are provided
if [ "$#" -lt 2 ]; then
echo "Usage: $0 <hostname> <user@host>"
exit 1
fi
# ask the user if the tranfer directory should be removed, if it exists
if [ -d "transfer" ]; then
read -r -p "The transfer directory already exists, do you want to remove it? [y/N] " response
if [[ "$response" =~ ^([yY][eE][sS]|[yY])$ ]]; then
rm -rf "transfer"
else
echo "re-using the existing transfer directory"
fi
fi
# Create the transfer directory
mkdir -p transfer
# create the ssh host keys if not present in the transfer directory
if [ ! -f "transfer/etc/ssh/ssh_host_ed25519_key" ]; then
install -d -m755 "transfer/etc/ssh"
ssh-keygen -A -f "transfer"
fi
# Print the public key
cat "transfer/etc/ssh/ssh_host_ed25519_key.pub"
# Wait for the user to rekey the secrets
echo please rekey use the public key above to rekey the secrets
read -r -p "Press enter to continue installation"
# Install NixOS to the host system with our secrets
# we need to pass all args separately
# shellcheck disable=SC2068
nix run github:nix-community/nixos-anywhere -- --extra-files "transfer" --flake ".#$1" ${@:3} "$2"