[IAC] Remaining fix-ups

Kat Inskip 2023-03-12 08:54:54 -07:00
parent b224bd4935
commit a05cdfd35c
Signed by: kat
GPG key ID: 465E64DECEA8CF0F
4 changed files with 10 additions and 10 deletions

1
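--- a/.gitignore
+++ b/.gitignore
@@ -2,5 +2,6 @@
 venv/
 .direnv/
 result
+.DS_Store
 /kittywitch
 data/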


@ -64,5 +64,3 @@ zones:
kittywitch: kittywitch:
name: kittywit.ch name: kittywit.ch
machines: machines:
ran:
provider: hcloud


@ -129,7 +129,7 @@ func (d *Device) handleOSH(CAKey *tls.PrivateKey) (err error) {
Duration: pulumi.String("730h"), Duration: pulumi.String("730h"),
Hostname: pulumi.String(d.Tailskip), Hostname: pulumi.String(d.Tailskip),
Kind: pulumi.String("host"), Kind: pulumi.String("host"),
Userkey: d.PrivateKey.PrivateKeyOpenssh, Userkey: d.PrivateKeyED25519.PrivateKeyOpenssh,
}, pulumi.Provider(oshProvider)) }, pulumi.Provider(oshProvider))
if err != nil { if err != nil {
return err return err
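Review bot: `Userkey` on the changed line is fed `d.PrivateKeyED25519.PrivateKeyOpenssh`, so the host-certificate request carries the device's private key rather than its public half. Signing an SSH host certificate needs only the public key, and a value passed as a resource input is also recorded in Pulumi state (encrypted only if it is marked secret). If the provider accepts a public key here (its contract is not visible in this hunk), the line should read `Userkey: d.PrivateKeyED25519.PublicKeyOpenssh,`; if it really requires the private key, a comment should say why. handleOSH starts and ends outside the hunk.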


@ -15,15 +15,16 @@ func CreatePulumiFile(ctx *pulumi.Context, name string, fqdn string, value pulum
ctx.Export(name, value) ctx.Export(name, value)
return remote.NewCommand(ctx, name, &remote.CommandArgs{ return remote.NewCommand(ctx, name, &remote.CommandArgs{
Connection: &remote.ConnectionArgs{ Connection: &remote.ConnectionArgs{
Host: pulumi.String(fqdn), Host: pulumi.String(fqdn),
Port: pulumi.Float64Ptr(float64(port)), Port: pulumi.Float64Ptr(float64(port)),
User: pulumi.String(user), User: pulumi.String(user),
// TODO: note to self, write platform support code here. or just expect env var $SSH_AUTH_SOCK? // TODO: note to self, write platform support code here. or just expect env var $SSH_AUTH_SOCK?
AgentSocketPath: pulumi.String("/run/user/1000/gnupg/S.gpg-agent.ssh"), //AgentSocketPath: pulumi.String("/run/user/1000/gnupg/S.gpg-agent.ssh"), // linux
AgentSocketPath: pulumi.String("/Users/kat/.gnupg/S.gpg-agent.ssh"), // darwin
}, },
Triggers: pulumi.All(resources), Triggers: pulumi.All(resources),
Create: pulumi.Sprintf("echo \"%s\" > \"/tmp/%s\" && sudo mkdir -p /var/lib/secrets && sudo install --owner=kat --group=users --mode=0600 \"/tmp/%s\" \"/var/lib/secrets/%s\"", value, name, name, name), Create: pulumi.Sprintf("echo \"%s\" > \"/tmp/%s\" && sudo mkdir -p /var/lib/secrets && sudo install --owner=kat --group=users --mode=0600 \"/tmp/%s\" \"/var/lib/secrets/%s\"", value, name, name, name),
Delete: pulumi.Sprintf("cd /var/lib/secrets && rm \"%s\"", name), Delete: pulumi.Sprintf("cd /var/lib/secrets && rm \"%s\"", name),
Environment: pulumi.StringMap{ Environment: pulumi.StringMap{
"PULUMI_SKIP_UPDATE_CHECK": pulumi.String("true"), "PULUMI_SKIP_UPDATE_CHECK": pulumi.String("true"),
}, },
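Review bot: The `Create` command just below the changed `AgentSocketPath` lines formats the secret `value` into a shell string and stages it with `echo "%s" > "/tmp/%s"`, so the secret is written to a shared directory under the remote user's default umask, the `/tmp` copy is never removed, and any shell metacharacter in the value is interpreted rather than stored. At minimum the command should start with `umask 077 &&` and end with `&& rm -f "/tmp/%s"`; passing the value through the command's `Stdin` input instead of the command line would also remove the quoting problem. `ctx.Export(name, value)` at the top of the hunk publishes the same value as a stack output, which looks unintended for a file installed with mode 0600 and is worth confirming. The new `AgentSocketPath` is a per-user darwin path that replaces the linux one; reading `os.Getenv("SSH_AUTH_SOCK")`, as the TODO already suggests, would serve both platforms. CreatePulumiFile starts and ends outside the hunk.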