ahtlon
a612221e2a
All checks were successful
Check flake syntax / flake-check (push) Successful in 4m49s
45 lines
1.2 KiB
Bash
45 lines
1.2 KiB
Bash
set -o errexit
|
|
set -o pipefail
|
|
|
|
sshoptions="-o StrictHostKeyChecking=no -o ServerAliveInterval=1 -o ServerAliveCountMax=1 -p 222 -T"
|
|
hostname=$1
|
|
|
|
if [ ! -e flake.nix ]
|
|
then
|
|
echo "flake.nix not found. Searching down."
|
|
while [ ! -e flake.nix ]
|
|
do
|
|
if [ $PWD = "/" ]
|
|
then
|
|
echo "Found root. Aborting."
|
|
exit 1
|
|
else
|
|
cd ..
|
|
fi
|
|
done
|
|
fi
|
|
|
|
diskkey=$(sops -d machines/$hostname/secrets/disk.key)
|
|
|
|
echo
|
|
if [ $# = 1 ]
|
|
then
|
|
ssh $sshoptions root@$hostname-initrd "zpool import -a"
|
|
echo "$diskkey" | ssh $sshoptions root@$hostname-initrd "zfs load-key storage/encrypted" #root
|
|
echo "$diskkey" | ssh $sshoptions root@$hostname-initrd "systemd-tty-ask-password-agent" #data
|
|
|
|
elif [ $# = 2 ]
|
|
then
|
|
ip=$2
|
|
ssh $sshoptions root@$ip "zpool import -a"
|
|
echo "$diskkey" | ssh $sshoptions root@$ip "zfs load-key storage/encrypted"
|
|
echo "$diskkey" | ssh $sshoptions root@$ip "systemd-tty-ask-password-agent"
|
|
|
|
else
|
|
echo
|
|
echo "Unlock the root disk on a remote host."
|
|
echo "Usage: $0 <hostname> [ip]"
|
|
echo "If an IP is not provided, the hostname will be used as the IP address."
|
|
exit 1
|
|
fi
|