From a3ce707a5bf8282d3cdf3d4870db4de4c4117e9d Mon Sep 17 00:00:00 2001 From: Deeman Date: Fri, 27 Feb 2026 07:31:14 +0100 Subject: [PATCH] =?UTF-8?q?fix(infra):=20fix=20setup=5Fserver.sh=20summary?= =?UTF-8?q?=20=E2=80=94=20correct=20bootstrap=20command=20+=20sops=20forma?= =?UTF-8?q?t?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Detect server IP at runtime (hostname -I) and print real ssh command - Replace misleading >- yaml block + '+' notation with correct comma-separated age key format: age: , - Label next steps as "(run from your workstation)" Co-Authored-By: Claude Sonnet 4.6 --- infra/setup_server.sh | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/infra/setup_server.sh b/infra/setup_server.sh index 6b1005f..89a3071 100644 --- a/infra/setup_server.sh +++ b/infra/setup_server.sh @@ -144,6 +144,7 @@ fi DEPLOY_PUB=$(cat "${DEPLOY_KEY}.pub") AGE_PUB=$(grep "public key:" "${AGE_KEY_FILE}" | awk '{print $NF}') +SERVER_IP=$(hostname -I | awk '{print $1}') echo "" echo "==================================================================" @@ -158,25 +159,21 @@ echo " ${AGE_PUB}" echo "" echo "==================================================================" echo "" -echo " Next steps:" +echo " Next steps (run from your workstation):" echo "" echo " 1. Add the SSH deploy key to GitLab:" echo " → Repository Settings → Deploy Keys → Add key (read-only)" echo "" -echo " 2. Add the age public key to .sops.yaml on your workstation:" -echo " creation_rules:" -echo " - path_regex: \\.env\\.(dev|prod)\\.sops\$" -echo " age: >-" -echo " " -echo " + ${AGE_PUB}" +echo " 2. Add the server age key to .sops.yaml (comma-separated):" +echo " age: ,${AGE_PUB}" echo "" -echo " 3. Re-encrypt prod secrets to include the server key:" +echo " 3. Re-encrypt and push:" echo " sops updatekeys .env.prod.sops" echo " git add .sops.yaml .env.prod.sops" echo " git commit -m 'chore: add server age key'" echo " git push" echo "" echo " 4. Run bootstrap:" -echo " bash infra/bootstrap_supervisor.sh" +echo " ssh root@${SERVER_IP} 'bash -s' < infra/bootstrap_supervisor.sh" echo "" echo "=================================================================="