another try to fix some scripts
This commit is contained in:
parent
035cf0e555
commit
c129c6adfb
GPG Key ID:
FD266B810DF48DF2
@ -58,13 +58,13 @@ with lib;
|
||||
HEADSCALE_CLI_ADDRESS = "wg.ataraxiadev.com:443";
|
||||
};
|
||||
script = ''
|
||||
auth_key=$(headscale preauthkeys create -e ${cfg.expire} -u ${cfg.user} -o json ${optionalString cfg.ephemeral "--ephemeral"} | jq -r .key)
|
||||
if [ "$auth_key" = "null" ]; then
|
||||
echo "Cannot retrieve auth key." >&2
|
||||
exit 1
|
||||
else
|
||||
echo $auth_key > "${cfg.outPath}"
|
||||
fi
|
||||
while true; do
|
||||
auth_key=$(headscale preauthkeys create -e ${cfg.expire} -u ${cfg.user} -o json ${optionalString cfg.ephemeral "--ephemeral"} | jq -r .key)
|
||||
[[ "$auth_key" = "null" ]] || break
|
||||
echo "Cannot retrieve auth key. Will try again after 5 seconds." >&2
|
||||
sleep 5
|
||||
done
|
||||
echo $auth_key > "${cfg.outPath}"
|
||||
'';
|
||||
serviceConfig = {
|
||||
EnvironmentFile = config.sops.secrets.headscale-api-env.path;
|
||||
|
||||
@ -24,10 +24,16 @@ in {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
partOf = [ "vault.service" ];
|
||||
after = [ "vault.service" ];
|
||||
path = [ pkgs.curl ];
|
||||
path = [ pkgs.curl pkgs.jq ];
|
||||
script = ''
|
||||
set -aeuo pipefail
|
||||
set -a
|
||||
source ${config.sops.secrets.vault-keys-env.path}
|
||||
while true; do
|
||||
initialized=$(curl -s ${api-addr}/v1/sys/health | jq -r '.initialized')
|
||||
[[ "$initialized" = "true" ]] && break
|
||||
echo "Vault has not been initialized yet. Will try again after 5 seconds." >&2
|
||||
sleep 5
|
||||
done
|
||||
curl -H "Content-Type: application/json" --data "{\"key\":\"$VAULT_KEY1\"}" ${api-addr}/v1/sys/unseal >/dev/null 2>&1
|
||||
curl -H "Content-Type: application/json" --data "{\"key\":\"$VAULT_KEY2\"}" ${api-addr}/v1/sys/unseal >/dev/null 2>&1
|
||||
curl -H "Content-Type: application/json" --data "{\"key\":\"$VAULT_KEY3\"}" ${api-addr}/v1/sys/unseal >/dev/null 2>&1
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user