Verified Commit dce3bdfa authored by fpletz's avatar fpletz 🚧
Browse files

luftschleuse: don't use etag for authorized keys update

parent f527b753
......@@ -216,7 +216,12 @@ in
systemd.services.update-authorized-keys = {
script = ''
${pkgs.curl}/bin/curl -s -o "$STATE_DIRECTORY/authorized_keys" --etag-save "$STATE_DIRECTORY/etag" --etag-compare "$STATE_DIRECTORY/etag" --header "PRIVATE-TOKEN: $(cat /root/gitlab-deploy-token)" "https://gitlab.muc.ccc.de/api/v4/projects/169/jobs/artifacts/master/raw/authorized_keys?job=authorized_keys"
${pkgs.curl}/bin/curl -s -o "/tmp/authorized_keys" \
--header "PRIVATE-TOKEN: $(cat /root/gitlab-deploy-token)" \
"https://gitlab.muc.ccc.de/api/v4/projects/169/jobs/artifacts/master/raw/authorized_keys?job=authorized_keys"
[[ $(sha512sum /tmp/authorized_keys) != $(sha512sum $STATE_DIRECTORY/authorized_keys) ]] \
&& cp -v /tmp/authorized_keys $STATE_DIRECTORY/authorized_keys
exit 0
'';
serviceConfig = {
Type = "oneshot";
......@@ -226,7 +231,7 @@ in
systemd.timers.update-authorized-keys = {
wantedBy = [ "timers.target" ];
timerConfig.OnCalendar = "minutely";
timerConfig.OnCalendar = "*:0/5";
};
systemd.services.hostapd = {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment