kat/nixfiles
1
0
Fork 0
mirror of https://github.com/kittywitch/nixfiles.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity

feat: the stuff of nightmares

Browse source
This commit is contained in:
Kat Inskip 2023-02-15 15:53:38 -08:00
parent b589fdda9f
commit 3a29446c96
Signed by: kat
GPG key ID: 465E64DECEA8CF0F
51 changed files with 679 additions and 1094 deletions
Download patch file Download diff file Expand all files Collapse all files

35
iac/files.go
View file

@ -2,6 +2,7 @@ package iac
import (
"github.com/pulumi/pulumi-command/sdk/go/command/remote"
"github.com/pulumi/pulumi-command/sdk/go/command/local"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
@ -18,13 +19,39 @@ func CreatePulumiFile(ctx *pulumi.Context, name string, fqdn string, value pulum
Host: pulumi.String(fqdn),
Port: pulumi.Float64Ptr(float64(port)),
User: pulumi.String(user),
AgentSocketPath: pulumi.String("/Users/kat/.gnupg/S.gpg-agent.ssh"),
// TODO: note to self, write platform support code here. or just expect env var $SSH_AUTH_SOCK?
AgentSocketPath: pulumi.String("/run/user/1000/gnupg/S.gpg-agent.ssh"),
},
Triggers: pulumi.All(resources),
Create: pulumi.Sprintf("sudo mkdir -p /var/lib/secrets && echo \"%s\" | sudo tee \"/var/lib/secrets/%s\"", value, name),
Delete: pulumi.Sprintf("cd /var/lib/secrets && rm %s", name),
Create: pulumi.Sprintf("echo \"%s\" > \"/tmp/%s\" && sudo mkdir -p /var/lib/secrets && sudo install --owner=kat --group=users --mode=0600 \"/tmp/%s\" \"/var/lib/secrets/%s\"", value, name, name, name),
Delete: pulumi.Sprintf("cd /var/lib/secrets && rm \"%s\"", name),
Environment: pulumi.StringMap{
"PULUMI_SKIP_UPDATE_CHECK": pulumi.String("true"),
},
}, pulumi.DependsOn(resources), pulumi.IgnoreChanges([]string{"create"}))
}, pulumi.DependsOn(resources), pulumi.IgnoreChanges([]string{})) // within {} put e.g. "create"
}
func CreatePulumiLocalFile(ctx *pulumi.Context, name string, fqdn string, value pulumi.StringOutput, resources []pulumi.Resource) (*remote.Command, error) {
port := 22
user := "deploy"
if fqdn == "tewi.inskip.me" {
port = 62954
user = "root"
}
ctx.Export(name, value)
return remote.NewCommand(ctx, name, &remote.CommandArgs{
Connection: &remote.ConnectionArgs{
Host: pulumi.String(fqdn),
Port: pulumi.Float64Ptr(float64(port)),
User: pulumi.String(user),
// TODO: note to self, write platform support code here. or just expect env var $SSH_AUTH_SOCK?
AgentSocketPath: pulumi.String("/run/user/1000/gnupg/S.gpg-agent.ssh"),
},
Triggers: pulumi.All(resources),
Create: pulumi.Sprintf("echo \"%s\" > \"/tmp/%s\" && sudo mkdir -p /var/lib/secrets && sudo install --owner=kat --group=users --mode=0600 \"/tmp/%s\" \"/var/lib/secrets/%s\"", value, name, name, name),
Delete: pulumi.Sprintf("cd /var/lib/secrets && rm \"%s\"", name),
Environment: pulumi.StringMap{
"PULUMI_SKIP_UPDATE_CHECK": pulumi.String("true"),
},
}, pulumi.DependsOn(resources), pulumi.IgnoreChanges([]string{})) // within {} put e.g. "create"
}