updated sp.sh and psp.sh

for_new_sovran_pros/sp.sh

@@ -2,7 +2,7 @@
 
 # wget https://git.sovransystems.com/Sovran_Systems/Sovran_SystemsOS/raw/branch/main/for_new_sovran_pros/sp.sh
 
-set -o nounset
+set -e
 
 GREEN="\e[32m"
 LIGHTBLUE="\e[94m"
@@ -116,7 +116,7 @@ cat <<EOT >> /var/lib/agenix-secrets/secrets.nix
 
 let
 
-  root = "" ;
+  root = "placeholder" ;
 
 in
 {
@@ -162,28 +162,6 @@ echo -n ADMIN_TOKEN=$(openssl rand -base64 48
 
 #
 
-pushd /var/lib/agenix-secrets/
-
-  echo -n $(cat /var/lib/secrets/wordpressdb) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e wordpressdb.age -i /root/.ssh/agenix/agenix-secret-keys
-
-  echo -n $(cat /var/lib/secrets/nextclouddb) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e nextclouddb.age -i /root/.ssh/agenix/agenix-secret-keys
-
-  echo -n $(cat /var/lib/secrets/matrixdb) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e matrixdb.age -i /root/.ssh/agenix/agenix-secret-keys
-
-  echo -n $(cat /var/lib/secrets/turn) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e turn.age -i /root/.ssh/agenix/agenix-secret-keys
-
-  echo -n $(cat /var/lib/secrets/matrix_reg_secret) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e matrix_reg_secret.age -i /root/.ssh/agenix/agenix-secret-keys
-
-popd
-
-  if [[ $? != 0 ]]; then
-
-   exit 1
-
-  fi
-
-#
-
 pushd /etc/nixos
 
   nix flake update
@@ -192,44 +170,6 @@ pushd /etc/nixos
 
 popd
 
-  if [[ $? != 0 ]]; then
-
-   exit 1
-
-  fi
-
-#
-
-chown caddy:php /var/lib/domains -R
-
-chmod 770 /var/lib/domains -R
-
-#
-
-mkdir /root/.ssh/agenix
-
-ssh-keygen -q -N "" -t ed25519 -f /root/.ssh/agenix/agenix-secret-keys
-
-sed -i -e "0,/root.*/{s::root = $(cat /root/.ssh/agenix/agenix-secret-keys.pub):};s:root@nixos::" /var/lib/agenix-secrets/secrets.nix
-
-sed -i 's:\(root =[[:blank:]]*\)\(.*\):\1"\2";:' /var/lib/agenix-secrets/secrets.nix
-
-#
-
-pushd /etc/nixos
-
-  nix flake update
-
-  nixos-rebuild switch --impure
-
-popd
-
-  if [[ $? != 0 ]]; then
-
-   exit 1
-
-  fi
-
 #
 
 chown root:root /var/lib/secrets/main -R
@@ -254,10 +194,50 @@ chmod 770 /var/lib/secrets/ -R
 
 #
 
-set -x
+mkdir /root/.ssh/agenix
+
+ssh-keygen -q -N "" -t ed25519 -f /root/.ssh/agenix/agenix-secret-keys
+
+sed -i -e "0,/root.*/{s::root = $(cat /root/.ssh/agenix/agenix-secret-keys.pub):};s:root@nixos::" /var/lib/agenix-secrets/secrets.nix
+
+sed -i 's:\(root =[[:blank:]]*\)\(.*\):\1"\2";:' /var/lib/agenix-secrets/secrets.nix
 
 #
 
+pushd /var/lib/agenix-secrets/
+
+  echo -n $(cat /var/lib/secrets/wordpressdb) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e wordpressdb.age -i /root/.ssh/agenix/agenix-secret-keys
+
+  echo -n $(cat /var/lib/secrets/nextclouddb) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e nextclouddb.age -i /root/.ssh/agenix/agenix-secret-keys
+
+  echo -n $(cat /var/lib/secrets/matrixdb) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e matrixdb.age -i /root/.ssh/agenix/agenix-secret-keys
+
+  echo -n $(cat /var/lib/secrets/turn) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e turn.age -i /root/.ssh/agenix/agenix-secret-keys
+
+  echo -n $(cat /var/lib/secrets/matrix_reg_secret) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e matrix_reg_secret.age -i /root/.ssh/agenix/agenix-secret-keys
+
+popd
+
+#
+
+chown caddy:php /var/lib/domains -R
+
+chmod 770 /var/lib/domains -R
+
+#
+
+pushd /etc/nixos
+
+  nix flake update
+
+  nixos-rebuild switch --impure
+
+popd
+
+#
+
+set -x
+
 wget -P /var/lib/www/downloadwp https://wordpress.org/latest.zip
 
 wget -P /var/lib/www/downloadnc https://download.nextcloud.com/server/releases/latest.zip