forked from Fediversity/simple-nixos-fediverse
Ignore errors of garage key import
This commit is contained in:
parent
9be8232083
commit
55a6377b12
|
@ -52,7 +52,8 @@ let
|
||||||
${escapeShellArg bucket} --key ${escapeShellArg key}
|
${escapeShellArg bucket} --key ${escapeShellArg key}
|
||||||
'';
|
'';
|
||||||
ensureKeyScriptFn = key: {id, secret, ensureAccess}: ''
|
ensureKeyScriptFn = key: {id, secret, ensureAccess}: ''
|
||||||
garage key import --yes -n ${escapeShellArg key} ${escapeShellArg id} ${escapeShellArg secret}
|
## FIXME: Check whether the key exist and skip this step if that is the case. Get rid of this `|| :`
|
||||||
|
garage key import --yes -n ${escapeShellArg key} ${escapeShellArg id} ${escapeShellArg secret} || :
|
||||||
${concatMapAttrs (ensureAccessScriptFn key) ensureAccess}
|
${concatMapAttrs (ensureAccessScriptFn key) ensureAccess}
|
||||||
'';
|
'';
|
||||||
ensureKeysScript = concatMapAttrs ensureKeyScriptFn cfg.ensureKeys;
|
ensureKeysScript = concatMapAttrs ensureKeyScriptFn cfg.ensureKeys;
|
||||||
|
@ -197,7 +198,8 @@ in
|
||||||
|
|
||||||
# XXX: this is a hack because we want to write to the buckets here but we're not guaranteed any access keys
|
# XXX: this is a hack because we want to write to the buckets here but we're not guaranteed any access keys
|
||||||
# TODO: generate this key here rather than using a well-known key
|
# TODO: generate this key here rather than using a well-known key
|
||||||
garage key import --yes -n tmp ${snakeoil_key.id} ${snakeoil_key.secret}
|
# TODO: if the key already exists, we get an error; hacked with this `|| :` which needs to be removed
|
||||||
|
garage key import --yes -n tmp ${snakeoil_key.id} ${snakeoil_key.secret} || :
|
||||||
export AWS_ACCESS_KEY_ID=${snakeoil_key.id};
|
export AWS_ACCESS_KEY_ID=${snakeoil_key.id};
|
||||||
export AWS_SECRET_ACCESS_KEY=${snakeoil_key.secret};
|
export AWS_SECRET_ACCESS_KEY=${snakeoil_key.secret};
|
||||||
|
|
||||||
|
|
Reference in a new issue