Merge remote-tracking branch 'prism/master'

author: tv <tv@krebsco.de> 2021-11-21 13:44:39 +0100
committer: tv <tv@krebsco.de> 2021-11-21 13:44:39 +0100
commit: e250f858382a1c830a55a7243a80e1fbd2d1b15d (patch)
tree: 0dd30c66ddc473112f1f1fcbf0c80ad896a38204 /lass/2configs/pass.nix
parent: a752af84bedc24fdc32004a8760532b3206c0421 (diff)
parent: b0f39ae34d1f248a4c1b92946a42418779f69490 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/lass/2configs/pass.nix b/lass/2configs/pass.nix
index 48070ea06..8ec3ac092 100644
--- a/lass/2configs/pass.nix
+++ b/lass/2configs/pass.nix
@@ -4,7 +4,15 @@
   users.users.mainUser.packages = with pkgs; [
     (pass.withExtensions (ext: [ ext.pass-otp ]))
     gnupg
+    (pkgs.writers.writeDashBin "unlock" ''
+      set -efu
+      HOST=$1
+
+      pw=$(pass show "admin/$HOST/luks")
+      torify sshn root@$(pass "hosts/$HOST/initrd/hostname") "echo $pw > /crypt-ramfs/passphrase"
+    '')
   ];
 
   programs.gnupg.agent.enable = true;
+
 }
author	tv <tv@krebsco.de>	2021-11-21 13:44:39 +0100
committer	tv <tv@krebsco.de>	2021-11-21 13:44:39 +0100
commit	e250f858382a1c830a55a7243a80e1fbd2d1b15d (patch)
tree	0dd30c66ddc473112f1f1fcbf0c80ad896a38204 /lass/2configs/pass.nix
parent	a752af84bedc24fdc32004a8760532b3206c0421 (diff)
parent	b0f39ae34d1f248a4c1b92946a42418779f69490 (diff)