mirror of
https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect.git
synced 2024-11-22 03:51:27 +00:00
pass ENCODED_PASSWORD to nixos-infect instead of USER_PASS
This commit is contained in:
parent
659c539f38
commit
967377f171
|
@ -19,6 +19,9 @@ steps:
|
|||
INFECT_COMMIT_SHA: ${DRONE_COMMIT_SHA}
|
||||
|
||||
commands:
|
||||
- set -o nounset
|
||||
- > # TODO pass Base64 encoded password from Drone instead of this
|
||||
ENCODED_PASSWORD="$(base64 <<<"$USER_PASS")"
|
||||
# Create infect user script and then push it to a remote machine on server creation.
|
||||
- |
|
||||
cat << EOF > infect.sh
|
||||
|
@ -34,6 +37,7 @@ steps:
|
|||
DNS_PROVIDER_TOKEN=$CLOUDFLARE_TOKEN
|
||||
DNS_PROVIDER_TYPE=CLOUDFLARE
|
||||
DOMAIN=$DOMAIN
|
||||
ENCODED_PASSWORD="$ENCODED_PASSWORD"
|
||||
HOSTNAME=selfprivacy-ci-test
|
||||
LUSER=cicdcicd
|
||||
NIXOS_CONFIG_ID=default
|
||||
|
@ -41,7 +45,6 @@ steps:
|
|||
PROVIDER=hetzner
|
||||
SSH_AUTHORIZED_KEY="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMBb3yVhYF4slhf1iQCiGLOVcbGKP/MmkQiEMl2un+4K"
|
||||
STAGING_ACME=true
|
||||
USER_PASS="$USER_PASS"
|
||||
|
||||
curl --fail https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect/raw/commit/$INFECT_COMMIT_SHA/nixos-infect \
|
||||
| bash 2>&1 | tee /root/nixos-infect.log
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
: "${STAGING_ACME:?STAGING_ACME variable is not set}"
|
||||
: "${DNS_PROVIDER_TOKEN:?DNS_PROVIDER_TOKEN variable is not set}"
|
||||
: "${DB_PASSWORD:?DB_PASSWORD variable is not set}"
|
||||
: "${USER_PASS:?USER_PASS variable is not set}"
|
||||
: "${ENCODED_PASSWORD:?ENCODED_PASSWORD variable is not set}"
|
||||
: "${NIX_VERSION:?NIX_VERSION variable is not set}"
|
||||
: "${NIXOS_CONFIG_ID:?NIXOS_CONFIG_ID variable is not set}"
|
||||
: "${CONFIG_URL:?CONFIG_URL variable is not set}"
|
||||
|
@ -293,6 +293,12 @@ findESP() {
|
|||
}
|
||||
|
||||
prepareEnv() {
|
||||
if ! USER_PASS="$(base64 -d <<<"$ENCODED_PASSWORD")"; then
|
||||
echo "Error decoding ENCODED_PASSWORD from Base64!"
|
||||
exit 1
|
||||
fi
|
||||
readonly USER_PASS
|
||||
|
||||
isEFI=0
|
||||
[ -d /sys/firmware/efi ] && isEFI=1
|
||||
|
||||
|
|
Loading…
Reference in a new issue