Compare commits
2 commits
3e5ea47cea
...
a52c868ecf
| Author | SHA1 | Date | |
|---|---|---|---|
| a52c868ecf | |||
| 41ea5804e5 |
3 changed files with 35 additions and 22 deletions
|
|
@ -6,6 +6,14 @@
|
|||
}:
|
||||
let
|
||||
homeDir = "/home/${userName}";
|
||||
|
||||
projectsDir = "${homeDir}/NewProjects";
|
||||
configDir = "${projectsDir}/nixos-config";
|
||||
sopsSubmoduleDir = "${configDir}/secrets-nixos";
|
||||
|
||||
securityDir = "${homeDir}/.security";
|
||||
gpgDir = "${securityDir}/gpg";
|
||||
sopsKeyFile = "${securityDir}/sops/age/keys.txt";
|
||||
in
|
||||
{
|
||||
info = {
|
||||
|
|
@ -15,13 +23,18 @@ in
|
|||
};
|
||||
|
||||
paths = {
|
||||
inherit homeDir;
|
||||
configDir = "${homeDir}/NewProjects/nixos-config";
|
||||
downloadsDir = "${homeDir}/Downloads";
|
||||
inherit
|
||||
homeDir
|
||||
|
||||
gpgDir
|
||||
|
||||
configDir
|
||||
sopsSubmoduleDir
|
||||
sopsKeyFile
|
||||
;
|
||||
|
||||
sshDir = "${homeDir}/.ssh";
|
||||
gpgDir = "${homeDir}/.security/gpg";
|
||||
sopsKeyFile = "${homeDir}/.security/sops/age/keys.txt";
|
||||
downloadsDir = "${homeDir}/Downloads";
|
||||
};
|
||||
|
||||
device = {
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@ let
|
|||
type = config.sops.secrets."sing_box/type".path;
|
||||
in
|
||||
{
|
||||
# Sops
|
||||
sops.secrets = {
|
||||
"sing_box/flow" = { };
|
||||
"sing_box/packet_encoding" = { };
|
||||
|
|
@ -33,7 +32,6 @@ in
|
|||
httpProxy = "http://127.0.0.1:12634";
|
||||
};
|
||||
|
||||
# Sing-box
|
||||
services.sing-box = {
|
||||
enable = true;
|
||||
package = pkgs.old.sing-box;
|
||||
|
|
|
|||
|
|
@ -1,40 +1,42 @@
|
|||
pkgs: {
|
||||
updateSystem =
|
||||
rebuidWithSopsSubmodule =
|
||||
configPath: secretsPath:
|
||||
pkgs.writeShellScriptBin "updateSystem" ''
|
||||
pkgs.writeShellScriptBin "rebuidWithSopsSubmodule" ''
|
||||
#!/bin/bash
|
||||
|
||||
export my_wd=$PWD
|
||||
cd ${configPath}
|
||||
|
||||
if [ ! -d "${secretsPath}" ]; then
|
||||
echo "!!! Error !!! NixConfigSecrets directory not found in ${configPath}"
|
||||
if [ ! -d ./${secretsPath} ]; then
|
||||
echo "Error: ${secretsPath} directory not found in ${configPath}"
|
||||
echo "System not updated!"
|
||||
cd $my_wd
|
||||
unset my_wd
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -z "$(find NixConfigSecrets -maxdepth 1 -name '*.yaml' -print -quit)" ]; then
|
||||
echo "!!! Error !!! No .yaml files found in NixConfigSecrets directory"
|
||||
if [ -z "$(find ./${secretsPath} -maxdepth 1 -name '*.yaml' -print -quit)" ]; then
|
||||
echo "Error: No .yaml files found in ${secretsPath} directory"
|
||||
echo "System not updated!"
|
||||
cd $my_wd
|
||||
unset my_wd
|
||||
exit 1
|
||||
fi
|
||||
|
||||
mkdir secrets
|
||||
cp -r NixConfigSecrets/*.yaml secrets/
|
||||
git add secrets/*.yaml
|
||||
mkdir ./secrets
|
||||
cp ./${secretsPath}/*.yaml ./secrets/
|
||||
git add ./secrets/*.yaml
|
||||
|
||||
if sudo nixos-rebuild switch --flake . "$@"; then
|
||||
echo "Success: System successfully updated with new configuration"
|
||||
echo "Success: System successfully updated with new configuration!"
|
||||
else
|
||||
echo "!!! Failure !!! Failed to apply NixOS configuration"
|
||||
echo "System version remains unchanged"
|
||||
echo "Error: Failed to rebuild NixOS configuration"
|
||||
echo "System not updated!"
|
||||
fi
|
||||
|
||||
git reset secrets/*.yaml
|
||||
rm secrets/*.yaml
|
||||
rm -d secrets
|
||||
git reset ./secrets/*.yaml
|
||||
rm ./secrets/*.yaml
|
||||
rm -d ./secrets
|
||||
cd $my_wd
|
||||
unset my_wd
|
||||
'';
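Review bot: The new script never checks `cd ${configPath}` and has no cleanup on early exit. If the `cd` fails, the later `git add ./secrets/*.yaml` and `rm ./secrets/*.yaml` run in whatever directory the caller was in, and an interrupt during `nixos-rebuild` leaves the copied secrets files staged in the config repository's index, where a later commit could pick them up. I would change the first to `cd "${configPath}" || exit 1` and register `trap 'git reset -q ./secrets/*.yaml; rm -rf ./secrets' EXIT` right after `mkdir ./secrets`, which makes the three trailing cleanup lines unnecessary. The rebuild failure branch only prints a message, so the script still ends with status 0; an `exit 1` there would let callers detect the failure. If the caller passes the absolute `sopsSubmoduleDir` defined in the paths file (the call site is not visible here), `./${secretsPath}` would not resolve to that directory, so that is worth confirming; which of the doubled lines are the new side is inferred from the `${secretsPath}` naming, since the page lost its `+`/`-` markers.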
|
||||
|
|
|
|||