scripts: Rename nebula scripts

2026-03-22 22:29:06 +01:00 · 2026-02-06 22:15:56 +01:00 · 2026-02-06 22:15:56 +01:00 · ed070e6abe
commit ed070e6abe
parent 0f69eb0355
3 changed files with 6 additions and 6 deletions
--- a/scripts/nebula/recert-all-hosts.nix
+++ b/scripts/nebula/recert-all-hosts.nix
@ -0,0 +1,31 @@
+{ self', pkgs, ... }:
+pkgs.writeShellApplication {
+  name = "nebula-recert-all-hosts";
+
+  runtimeInputs = [
+    pkgs.bitwarden-cli
+    pkgs.jq
+    self'.packages.nebula-recert-host
+  ];
+
+  text = ''
+    hosts="$(nix eval .#nixosConfigurations --apply 'builtins.attrNames' --json | jq -r '.[]')"
+
+    if ! declare -px BW_SESSION >/dev/null 2>&1; then
+      BW_SESSION="$(bw unlock --raw || bw login --raw)"
+      export BW_SESSION
+    fi
+
+    ca_key="$(mktemp)"
+    chmod 600 "$ca_key"
+    trap 'rm -f "$ca_key"' EXIT
+    bw get notes 'nebula ca-key' > "$ca_key"
+
+    for host in $hosts; do
+      echo "Regenerating certificate for $host..."
+      nebula-recert-host "$host" "$ca_key"
+    done
+
+    echo "Done!"
+  '';
+}