run_onchange_after_deploy-etc.sh.tmpl


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

#!/bin/sh
# Deploy system-level configs from etc/ to /etc/.
# chezmoi re-runs this script whenever any file under etc/ changes.
# etc/ content hash: {{ output "sh" "-c" (printf "cd %q && find etc -type f ! -name .ignore -exec sha256sum {} + | LC_ALL=C sort" .chezmoi.sourceDir) | sha256sum }}
# luks root uuid: {{ output "lsblk" "-dno" "UUID" (printf "/dev/%s" .luksRootPartition) | trim }}
set -eu

cd "$CHEZMOI_SOURCE_DIR"
find etc -type f ! -name .ignore | while IFS= read -r src; do
    case "$src" in
        *.tmpl)
            dest="/${src%.tmpl}"
            tmp=$(mktemp)
            chezmoi execute-template <"$src" >"$tmp"
            doas install -D -m 0644 -o root -g root "$tmp" "$dest"
            rm -f "$tmp"
            ;;
        *)
            dest="/${src}"
            doas install -D -m 0644 -o root -g root "$src" "$dest"
            ;;
    esac
done

# doas refuses to parse /etc/doas.conf unless it's 0400 root:root
doas chmod 0400 /etc/doas.conf