48 lines
993 B
Bash
Executable File
48 lines
993 B
Bash
Executable File
set -o errexit
|
|
#set -o pipefail
|
|
|
|
if [ ! -e flake.nix ]
|
|
then
|
|
echo "flake.nix not found. Searching down."
|
|
while [ ! -e flake.nix ]
|
|
do
|
|
if [ $PWD = "/" ]
|
|
then
|
|
echo "Found root. Aborting."
|
|
exit 1
|
|
else
|
|
cd ..
|
|
fi
|
|
done
|
|
fi
|
|
|
|
pwpath="machines/secrets/keys/itag"
|
|
read -p "Enter new host name: " host
|
|
|
|
if [ "$host" = "" ]; then exit 0
|
|
fi
|
|
|
|
mkdir -p $pwpath/$host
|
|
cd $pwpath/$host
|
|
|
|
# Generate SSH keys
|
|
ssh-keygen -f "$host" -t ed25519 -N ""
|
|
ssh-keygen -f "$host"-init -t ed25519 -N ""
|
|
|
|
#encrypt the private keys
|
|
sops -e -i ./"$host"
|
|
sops -e -i ./"$host"-init
|
|
|
|
#generate encryption key
|
|
tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 20 > disk.key
|
|
sops -e -i ./disk.key
|
|
|
|
# Info
|
|
echo
|
|
echo "Hier ist der age public key für sops etc:"
|
|
echo "$(ssh-to-age -i ./$host.pub)"
|
|
echo
|
|
echo "Hier ist eine reproduzierbare mac-addresse:"
|
|
echo "$host"|md5sum|sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/02:\1:\2:\3:\4:\5/'
|
|
|
|
exit 0 |