Update pre-commit hook

.pre-commit-config.yaml

@@ -7,7 +7,7 @@ repos:
     rev: v0.13.0
     hooks:
       - id: yamlfmt
-        exclude: ^charts/
+        exclude: (^charts/|^secrets/)
   - repo: local
     hooks:
       - id: check-sops-secrets

.sops.yaml

@@ -1,5 +1,5 @@
 creation_rules:
-  - path_regex: values/.*/secrets.server-xray-public.yaml
+  - path_regex: values/.*/secrets.server-xray-public.yaml*
     key_groups:
       - age:
           - age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8

scripts/add_xray_user.sh

@@ -0,0 +1,41 @@
+#!/usr/bin/env bash
+
+set -e
+
+CONFIG=$(sops -d ./values/badhouseplants/secrets.server-xray-public.yaml | yq '.files.config.entries."config.json".data' | jq)
+
+read -p "Enter fullname (Ivan Ivanov): " FULLNAME
+read -p "Enter email (ivan@fakemail.net): " EMAIL
+PASS=$(openssl rand -base64 10)
+
+CONFIG_ENTRY=$(cat <<-EndOfMessage
+[
+{
+  "id": "${FULLNAME} ${PASS}",
+  "flow": "xtls-rprx-vision",
+  "level": 0,
+  "email": "${EMAIL}"
+}
+]
+EndOfMessage
+)
+
+echo "You're about to add a following entry to the config, is it correct?"
+echo "${CONFIG_ENTRY}"
+read -p "Type 'YES' to continue " AGREE
+
+if [ "${AGREE}" != "YES" ]; then echo "Alright, goodbye" && exit 1; fi
+
+NEW_CONFIG=$(jq '.inbounds[].settings.clients += '"${CONFIG_ENTRY}"'' <<< "${CONFIG}" | jq)
+echo $NEW_CONFIG
+echo "Does the diff looks correct?"
+diff <(echo $CONFIG) <(echo $NEW_CONFIG) || true
+read -p "Type 'YES' to continue " AGREE
+if [ "${AGREE}" != "YES" ]; then echo "Alright, goodbye" && exit 1; fi
+
+WORKDIR=$(mktemp -d)
+export NEW_CONFIG
+sops -d ./values/badhouseplants/secrets.server-xray-public.yaml | yq '.files.config.entries."config.json".data = strenv(NEW_CONFIG)' > ./values/badhouseplants/secrets.server-xray-public.yaml && sops -e ./values/badhouseplants/secrets.server-xray-public.yaml
+
+helmfile -e badhouseplants -f ./installations/applications -l name=server-xray-public diff
+