project: add bootstrap script
This commit is contained in:
parent
08c16bd27f
commit
5041fc7472
99
bootstrap.sh
Executable file
99
bootstrap.sh
Executable file
|
|
@ -0,0 +1,99 @@
|
|||
#!/usr/bin/env nix-shell
|
||||
#! nix-shell -i bash -p bitwarden-cli git gnupg jq nixFlakes
|
||||
|
||||
# Command failure is script failure
|
||||
set -e
|
||||
|
||||
BOLD_RED="\e[0;1;31m"
|
||||
BOLD_BLUE="\e[0;1;34m"
|
||||
BOLD_GREEN="\e[0;1;32m"
|
||||
|
||||
RESET="\e[0m"
|
||||
|
||||
DEST="$HOME/.config/nixpkgs"
|
||||
BW_SESSION=""
|
||||
|
||||
warn() {
|
||||
echo -e "${BOLD_RED}$1${RESET}"
|
||||
}
|
||||
|
||||
info() {
|
||||
echo -e "${BOLD_BLUE}$1${RESET}"
|
||||
}
|
||||
|
||||
success() {
|
||||
echo -e "${BOLD_GREEN}$1${RESET}"
|
||||
}
|
||||
|
||||
set_perm() {
|
||||
# $1: destination
|
||||
# $2: permissions
|
||||
|
||||
chmod "$2" "$1" && success "--> Set permission of $1 to $2"
|
||||
}
|
||||
|
||||
get_doc() {
|
||||
# $1: name of folder which contains the wanted document
|
||||
# $2: name of the document
|
||||
# $3: destination
|
||||
# $4: permissions
|
||||
|
||||
local FOLDER_ID
|
||||
local NOTES
|
||||
FOLDER_ID="$(bw list folders |
|
||||
jq '.[] | select(.name == "'"$1"'") | .id' |
|
||||
cut -d'"' -f2)"
|
||||
|
||||
NOTES="$(bw list items --folderid "$FOLDER_ID" |
|
||||
jq '.[] | select(.name == "'"$2"'") | .notes' |
|
||||
cut -d'"' -f2)"
|
||||
|
||||
printf "%b" "$NOTES" > "$3"
|
||||
set_perm "$3" "$4"
|
||||
}
|
||||
|
||||
get_ssh() {
|
||||
mkdir -p "$HOME/.ssh" && info "-> Creating .ssh folder."
|
||||
chmod 700 "$HOME/.ssh" && info "--> Modifying permissions of .ssh folder."
|
||||
|
||||
get_doc "SysAdmin/SSH" "shared-key-public" "$HOME/.ssh/shared_rsa.pub" 644
|
||||
get_doc "SysAdmin/SSH" "shared-key-private" "$HOME/.ssh/shared_rsa" 600
|
||||
}
|
||||
|
||||
get_pgp() {
|
||||
local KEY
|
||||
KEY=key.asc
|
||||
get_doc "SysAdmin/PGP" "pgp-key-private" "$KEY" 644
|
||||
|
||||
gpg \
|
||||
--pinentry-mode loopback \
|
||||
--import "$KEY"
|
||||
printf '5\ny\n' |
|
||||
gpg \
|
||||
--command-fd 0 \
|
||||
--pinentry-mode loopback \
|
||||
--edit-key 'Bruno BELANYI' \
|
||||
trust
|
||||
rm "$KEY"
|
||||
}
|
||||
|
||||
get_creds() {
|
||||
BW_SESSION="$(bw login --raw)"
|
||||
export BW_SESSION
|
||||
|
||||
get_ssh
|
||||
get_pgp
|
||||
}
|
||||
|
||||
setup_gpg() {
|
||||
info 'Setting up loopback pinentry for GnuPG'
|
||||
echo "allow-loopback-pinentry" > ~/.gnupg/gpg-agent.conf
|
||||
|
||||
info 'Signing dummy message to ensure GnuPG key is usable by `git-crypt`'
|
||||
echo whatever | gpg --clearsign --armor --pinentry loopback --output /dev/null
|
||||
}
|
||||
|
||||
[ -z "$NOCREDS" ] && get_creds
|
||||
[ -z "$NOGPG" ] && setup_gpg
|
||||
|
||||
nix --experimental-features 'nix-command flakes' develop
|
||||
Loading…
Reference in a new issue