Adds secret loading

2025-09-27 15:15:30 +02:00 · 2025-09-27 15:15:30 +02:00 · 63fcd502a8
commit 63fcd502a8
parent cbf899eb40
5 changed files with 81 additions and 30 deletions
--- a/.config/yadm/bootstrap.v2/applications/00-Dependencies.sh
+++ b/.config/yadm/bootstrap.v2/applications/00-Dependencies.sh
--- a/.config/yadm/bootstrap.v2/applications/01-LoadSecrets.sh
+++ b/.config/yadm/bootstrap.v2/applications/01-LoadSecrets.sh
@ -0,0 +1,36 @@
+#!/bin/bash
+
+loadSecretsRepo() {
+  secretsGitPath="ssh://secrets-git-host/neintonine/yadm-config-secrets.git"
+  secretsFolderPath="$HOME/.local/share/secrets"
+  configFile="$HOME/.ssh/config"
+
+  if [[ -d "$secretsFolderPath/.git" ]]; then
+    (
+      cd "$secretsFolderPath"
+      git pull --ff-only
+    )
+    return 0
+  fi
+
+  if [[ ! -f "$configFile" ]]; then
+    echo "Can't find the ssh config file!"
+    return 1
+  fi
+
+  if ! grep "Host secrets-git-host" "$configFile" >/dev/null; then
+    echo "Can't find secrets-git-host config"
+    return 1
+  fi
+
+  git clone "$secretsGitPath" "$secretsFolderPath"
+}
+
+loadSecrets() {
+  secretsFolderPath="$HOME/.local/share/secrets"
+
+  loadSecretsRepo
+  "$secretsFolderPath/deploy.sh"
+}
+
+addActions loadSecrets
--- a/.config/yadm/bootstrap.v2/bootstrap
+++ b/.config/yadm/bootstrap.v2/bootstrap
@ -26,6 +26,8 @@ declare -x -a actions
 actions=()
 declare -x -a gitInstalls

+applications+=("")
+
 addApplications ()
 {
  for application in "$@"; do
@ -48,12 +50,15 @@ addGitInstall() {
  gitInstalls+=("$name;$path;$setupCommand")
 }

-while IFS= read -r file; do
-  if [[ -x "$file" && ! "$file" =~ "##" && ! "$file" =~ ~$ && ! "$file" =~ ".bak" ]]; then
-    source $file
-  fi
-done < <(find -L "$APPLICATIONS_PATH" -type f | sort) 
-
+if [[ ! -z "$1"  ]]; then
+  source "$APPLICATIONS_PATH/$1.sh"
+else
+  while IFS= read -r file; do
+    if [[ -x "$file" && ! "$file" =~ "##" && ! "$file" =~ ~$ && ! "$file" =~ ".bak" ]]; then
+      source $file
+    fi
+  done < <(find -L "$APPLICATIONS_PATH" -type f | sort) 
+fi


 echo -n "# Installing/Updating applications (${#applications[@]})"
@ -109,5 +114,5 @@ echo "# Executing actions... (${#actions[@]})"
 for action in "${actions[@]}";
 do
  echo "==> Now executing: ${action}"
-  $action > /dev/null
+  $action
 done
--- a/.config/yadm/hooks/pre_commit
+++ b/.config/yadm/hooks/pre_commit
@ -1,28 +1,32 @@
 #!/bin/env sh

-foundSymlinks=false
+handleYadmSymlinks() {
+  foundSymlinks=false

-for file in $(yadm diff --name-only --cached); do
-  lsResult=$(ls -1 -l "$file")
-  if [[ $lsResult != *"->"* ]]; then
-    continue
+  for file in $(yadm diff --name-only --cached); do
+    lsResult=$(ls -1 -l "$file")
+    if [[ $lsResult != *"->"* ]]; then
+      continue
+    fi
+
+    symlinkTarget=$(echo "$lsResult" | awk '{print $NF}')
+
+    if [[ $lsResult != *"##"* ]]; then
+      continue
+    fi
+
+    echo "$file is a YADM symlink. Telling git to ignore it..."
+
+    yadm restore --staged "$file"
+    echo "$file" >>~/.gitignore
+
+    foundSymlinks=true
+  done
+
+  if [ $foundSymlinks ]; then
+    echo "Symlinks found. Adding .gitignore to commit..."
+    yadm add ~/.gitignore
  fi
+}

-  symlinkTarget=$(echo "$lsResult" | awk '{print $NF}')
-
-  if [[ $lsResult != *"##"* ]]; then
-    continue
-  fi
-
-  echo "$file is a YADM symlink. Telling git to ignore it..."
-
-  yadm restore --staged "$file"
-  echo "$file" >>~/.gitignore
-
-  foundSymlinks=true
-done
-
-if [ $foundSymlinks ]; then
-  echo "Symlinks found. Adding .gitignore to commit..."
-  yadm add ~/.gitignore
-fi
+handleYadmSymlinks