felixalb/pvv-nixos-config
1
0
Fork 0
mirror of https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git synced 2026-05-02 04:33:15 +02:00
Code Issues Projects Releases Wiki Activity

Run shellcheck

Browse Source
This commit is contained in:
Felix Albrigtsen
2026-02-08 12:10:53 +01:00
committed by h7x4
parent eee7e9ad7b
commit 2a062a6031
6 changed files with 44 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
modules/matrix-ooye.nix
View File

@@ -77,29 +77,29 @@ in
id
echo "Before if statement"
stat ''${REGISTRATION_FILE}
stat "''${REGISTRATION_FILE}"
if [[ ! -f ''${REGISTRATION_FILE} ]]; then
if [[ ! -f "''${REGISTRATION_FILE}" ]]; then
echo "No registration file found at '$REGISTRATION_FILE'"
cp --no-preserve=mode,ownership ${baseConfig} ''${REGISTRATION_FILE}
cp --no-preserve=mode,ownership "${baseConfig}" "''${REGISTRATION_FILE}"
fi
echo "After if statement"
stat ''${REGISTRATION_FILE}
stat "''${REGISTRATION_FILE}"
AS_TOKEN=$(${lib.getExe pkgs.jq} -r .as_token ''${REGISTRATION_FILE})
HS_TOKEN=$(${lib.getExe pkgs.jq} -r .hs_token ''${REGISTRATION_FILE})
DISCORD_TOKEN=$(cat /run/credentials/matrix-ooye-pre-start.service/discord_token)
DISCORD_CLIENT_SECRET=$(cat /run/credentials/matrix-ooye-pre-start.service/discord_client_secret)
AS_TOKEN="$('${lib.getExe pkgs.jq}' -r .as_token "''${REGISTRATION_FILE}")"
HS_TOKEN="$('${lib.getExe pkgs.jq}' -r .hs_token "''${REGISTRATION_FILE}")"
DISCORD_TOKEN="$(cat /run/credentials/matrix-ooye-pre-start.service/discord_token)"
DISCORD_CLIENT_SECRET="$(cat /run/credentials/matrix-ooye-pre-start.service/discord_client_secret)"
# Check if we have all required tokens
if [[ -z "$AS_TOKEN" || "$AS_TOKEN" == "null" ]]; then
AS_TOKEN=$(${lib.getExe pkgs.openssl} rand -hex 64)
AS_TOKEN="$('${lib.getExe pkgs.openssl}' rand -hex 64)"
echo "Generated new AS token: ''${AS_TOKEN}"
fi
if [[ -z "$HS_TOKEN" || "$HS_TOKEN" == "null" ]]; then
HS_TOKEN=$(${lib.getExe pkgs.openssl} rand -hex 64)
HS_TOKEN="$('${lib.getExe pkgs.openssl}' rand -hex 64)"
echo "Generated new HS token: ''${HS_TOKEN}"
fi
@@ -115,13 +115,13 @@ in
exit 1
fi
shred -u ''${REGISTRATION_FILE}
cp --no-preserve=mode,ownership ${baseConfig} ''${REGISTRATION_FILE}
shred -u "''${REGISTRATION_FILE}"
cp --no-preserve=mode,ownership "${baseConfig}" "''${REGISTRATION_FILE}"
${lib.getExe pkgs.jq} '.as_token = "'$AS_TOKEN'" | .hs_token = "'$HS_TOKEN'" | .ooye.discord_token = "'$DISCORD_TOKEN'" | .ooye.discord_client_secret = "'$DISCORD_CLIENT_SECRET'"' ''${REGISTRATION_FILE} > ''${REGISTRATION_FILE}.tmp
'${lib.getExe pkgs.jq}' '.as_token = "'$AS_TOKEN'" | .hs_token = "'$HS_TOKEN'" | .ooye.discord_token = "'$DISCORD_TOKEN'" | .ooye.discord_client_secret = "'$DISCORD_CLIENT_SECRET'"' "''${REGISTRATION_FILE}" > "''${REGISTRATION_FILE}.tmp"
shred -u ''${REGISTRATION_FILE}
mv ''${REGISTRATION_FILE}.tmp ''${REGISTRATION_FILE}
shred -u "''${REGISTRATION_FILE}"
mv "''${REGISTRATION_FILE}.tmp" "''${REGISTRATION_FILE}"
'';
in

20
modules/snakeoil-certs.nix
View File

@@ -51,24 +51,24 @@ in
script = let
openssl = lib.getExe pkgs.openssl;
in lib.concatMapStringsSep "\n" ({ name, value }: ''
mkdir -p $(dirname "${value.certificate}") $(dirname "${value.certificateKey}")
if ! ${openssl} x509 -checkend 86400 -noout -in ${value.certificate}
mkdir -p "$(dirname '${value.certificate}')" "$(dirname '${value.certificateKey}')"
if ! ${openssl} x509 -checkend 86400 -noout -in '${value.certificate}'
then
echo "Regenerating '${value.certificate}'"
${openssl} req \
-newkey rsa:4096 \
-new -x509 \
-days "${toString value.daysValid}" \
-days '${toString value.daysValid}' \
-nodes \
-subj "${value.subject}" \
-out "${value.certificate}" \
-keyout "${value.certificateKey}" \
-subj '${value.subject}' \
-out '${value.certificate}' \
-keyout '${value.certificateKey}' \
${lib.escapeShellArgs value.extraOpenSSLArgs}
fi
chown "${value.owner}:${value.group}" "${value.certificate}"
chown "${value.owner}:${value.group}" "${value.certificateKey}"
chmod "${value.mode}" "${value.certificate}"
chmod "${value.mode}" "${value.certificateKey}"
chown '${value.owner}:${value.group}' '${value.certificate}'
chown '${value.owner}:${value.group}' '${value.certificateKey}'
chmod '${value.mode}' '${value.certificate}'
chmod '${value.mode}' '${value.certificateKey}'
echo "\n-----------------\n"
'') (lib.attrsToList cfg);