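# Abort on the first command that fails outside of a condition.
set -o errexit
# NOTE(review): pipefail stays off. The `tr ... | head -c 20` pipeline that
# writes disk.key further down ends with tr being stopped by a closed pipe,
# which pipefail would report as a failure -- presumably why this line is
# commented out. Confirm before enabling it.
#set -o pipefail

# Locate the flake root: climb towards / until a directory containing
# flake.nix is found. Every later path (machines/<host>/secrets) is relative
# to that directory, so the result decides where key material gets written.
if [ ! -e flake.nix ]; then
  echo "flake.nix not found. Searching parent directories."
  while [ ! -e flake.nix ]; do
    # Quoted on purpose: an unquoted $PWD is word-split and glob-expanded, so
    # a working directory containing spaces makes `[` fail with a usage error
    # instead of performing the comparison.
    if [ "$PWD" = "/" ]; then
      echo "Found root. Aborting." >&2
      exit 1
    fi
    cd ..
  done
  # The first flake.nix found on the way up is trusted as the repository
  # root; print it so the operator can see where secrets will be created.
  printf 'Using flake root: %s\n' "$PWD"
fi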
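# Repository layout and file names used for the per-host secrets.
pwpath="machines"
hostkey="ssh_host_ed25519_key"
initrdkey="initrd_ed25519_key"

# -r keeps backslashes in the answer literal instead of treating them as
# escape characters.
read -r -p "Enter new host name: " host

# An empty answer means "cancel": leave without creating anything.
if [ "$host" = "" ]; then
  exit 0
fi

# The name becomes a directory component under $pwpath, so it must not be
# able to leave that directory or be mistaken for an option: reject slashes,
# a leading dot or dash, and anything outside letters, digits, '.', '_', '-'.
case "$host" in
  */* | .* | -* | *[![:alnum:]._-]*)
    # %q prints the rejected value shell-quoted, so control characters in it
    # cannot garble the terminal.
    printf 'Invalid host name: %q\n' "$host" >&2
    exit 1
    ;;
esac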
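# Create the per-host secrets directory and work inside it. Expansions are
# quoted and `--` ends option parsing, so a host name with spaces, glob
# characters or a leading dash is passed through as one literal path.
mkdir -p -- "$pwpath/$host/secrets"
cd -- "$pwpath/$host/secrets"

# Everything created from here on is key material. disk.key is written by a
# plain shell redirection, which honours the umask, so without this it would
# be readable by other local users until sops has encrypted it.
umask 077

# With errexit, a failing ssh-keygen or sops stops the script between
# "key written in plaintext" and "key encrypted". Tell the operator, so
# unencrypted private keys are not left behind (or committed) unnoticed.
warn_plaintext_left() {
  local status=$?
  if [ "$status" -ne 0 ]; then
    printf 'WARNING: aborted (exit %s); unencrypted key material may remain in %s\n' \
      "$status" "$PWD" >&2
  fi
}
trap warn_plaintext_left EXIT

# Generate SSH keys.
# -N "" means no passphrase; the private keys are protected only by the sops
# encryption applied below.
ssh-keygen -f "$hostkey" -t ed25519 -N ""
ssh-keygen -f "$initrdkey" -t ed25519 -N ""

# Encrypt the private keys in place; the .pub files stay readable.
sops -e -i "./$hostkey"
sops -e -i "./$initrdkey"

# Generate the disk encryption key: 20 characters drawn from a 62-symbol
# alphabet, roughly 119 bits of entropy. LC_ALL=C makes tr treat the random
# input as bytes, which some tr implementations otherwise reject as invalid
# multibyte sequences. The pipeline's status is that of head; tr is stopped by
# the closed pipe, which is expected here.
LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 20 > disk.key
sops -e -i ./disk.key

# All secrets are encrypted now; the plaintext warning no longer applies.
trap - EXIT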
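# Info: print the values the operator needs to register the new host.
echo
echo "Hier ist der age public key für sops etc:"
# Derive the age recipient from the host's public SSH key. The result is
# assigned first: a failure inside `echo "$(...)"` is invisible to errexit,
# while a failing assignment stops the script.
agekey=$(ssh-to-age -i "./${hostkey}.pub")
printf '%s\n' "$agekey"
echo
echo "Hier ist eine reproduzierbare mac-addresse:"
# Deterministic MAC: the first five bytes of md5("<host>\n") behind the fixed
# first octet 02 (locally administered, unicast). md5 is used only as a stable
# mapping here; the address is predictable from the host name and is not a
# secret. printf keeps the trailing newline that echo fed into the hash, so
# existing addresses stay the same, and cannot misread the name as an option.
printf '%s\n' "$host" | md5sum | sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/02:\1:\2:\3:\4:\5/'

exit 0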