diff options
| -rwxr-xr-x | install-for | 53 | ||||
| -rwxr-xr-x | install-for-prosody | 23 |
2 files changed, 53 insertions, 23 deletions
diff --git a/install-for b/install-for new file mode 100755 index 0000000..9487273 --- /dev/null +++ b/install-for @@ -0,0 +1,53 @@ +#!/usr/bin/env python3 +# SPDX-FileCopyrightText: 2024 Matthew Fennell <matthew@fennell.dev> +# +# SPDX-License-Identifier: AGPL-3.0-only + +import argparse +import itertools +import os +import subprocess + +parser = argparse.ArgumentParser() +parser.add_argument("identity_file") +parser.add_argument("--prosody", nargs=1, default = []) +parser.add_argument("--forgejo", nargs=1, default = []) +args = parser.parse_args() + +ssh_args = f"-o IdentitiesOnly=yes -F /dev/null -i {args.identity_file}" + +commands = { + "prosody": [ + "sudo chmod 640 ~/*.crt ~/*.key", + "sudo mv ~/*.crt ~/*.key /etc/prosody/certs", + "sudo chown -R root:prosody /etc/prosody/certs", + "sudo service nginx restart", + "sudo service prosody restart", + ], + "forgejo": [ + "sudo chown root:root ~/*.crt ~/*.key", + "sudo mv ~/*.crt ~/*.key /etc/nginx/ssl/", + "sudo service forgejo restart", + "sudo service nginx restart", + ], +} + +possible_services = { + "prosody": next(iter(args.prosody), None), + "forgejo": next(iter(args.forgejo), None), +} +services = dict(filter(lambda service: service[1] is not None, possible_services.items())) +files_to_copy = {os.environ["LEGO_CERT_PATH"], os.environ["LEGO_CERT_KEY_PATH"]} + +def scp_commands(files: set[str], host:str) -> list[str]: + return [f"scp {ssh_args} {' '.join(files)} {host}:~"] + +def ssh_commands(service: str, host: str) -> list[str]: + return list(map(lambda command: f"ssh {ssh_args} -tt {host} '{command}'", commands[service])) + +for service, host in services.items(): + commands_to_run = itertools.chain(scp_commands(files_to_copy, host), ssh_commands(service, host)) + + for command in commands_to_run: + print(command) + subprocess.run(command, shell=True) diff --git a/install-for-prosody b/install-for-prosody deleted file mode 100755 index 4ab540b..0000000 --- a/install-for-prosody +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# SPDX-FileCopyrightText: 2024 Matthew Fennell <matthew@fennell.dev> -# -# SPDX-License-Identifier: AGPL-3.0-only - -set -eux - -connection_string="$1" -ssh_key="$2" - -ssh_args=(-o IdentitiesOnly=yes -F /dev/null -i "${ssh_key}") - -# LEGO_CERT_PATH is an environment variable -#shellcheck disable=SC2154 -scp "${ssh_args[@]}" "${LEGO_CERT_PATH}" "${connection_string}":~ - -# LEGO_CERT_KEY_PATH is an environment variable -#shellcheck disable=SC2154 -scp "${ssh_args[@]}" "${LEGO_CERT_KEY_PATH}" "${connection_string}":~ - -ssh "${ssh_args[@]}" -tt "${connection_string}" "sudo mv ~/*.crt ~/*.key /etc/prosody/certs" -ssh "${ssh_args[@]}" -tt "${connection_string}" "sudo chown -R prosody:prosody /etc/prosody/certs" -ssh "${ssh_args[@]}" -tt "${connection_string}" "sudo service prosody reload" |