]> Git — Sourcephile - sourcephile-nix.git/blob - private/hosts/decrypt.sh
nftables: wg-intra: cleanup
[sourcephile-nix.git] / private / hosts / decrypt.sh
1 #!/usr/bin/env sh
2 set -eu
3 dir=${0%/*}
4 key=$1
5 name=${key##*/}
6 name=${name%.secret}
7 sudo unshare --mount sh -xc "
8 mount --bind '$dir'/credential.secret /var/lib/systemd/credential.secret &&
9 systemd-creds decrypt --with-key=host --name '$name' '$key' -
10 "