]>
git.immae.eu Git - perso/Immae/Config/Nix.git/blob - nixops/scripts/setup
5 if ! which nix
2>/dev
/null
>/dev
/null
; then
7 nix is needed, please install it:
8 > curl https://nixos.org/nix/install | sh
9 (or any other way handled by your distribution)
14 if [ "${NIX_STORE:-/nix/store}" != "/nix/store" ]; then
16 Nix store outside of /nix/store is not supported
21 if ! which direnv
2>/dev
/null
>/dev
/null
; then
23 direnv is needed, please install it
28 if [ -z "$NIXOPS_ENV_LOADED" ]; then
30 direnv environment needs to be loaded
35 if [ "$(git config --get include.path)" != "../.gitconfig" ]; then
37 it is recommended to include the .gitconfig file into (local) git configuration:
38 git config --local include.path '../.gitconfig'
39 Run this command? [y/N]
42 if [ "$y" = "y" -o "$y" = "Y" ]; then
43 git config
--local include.path
'../.gitconfig'
47 for key
in public_keys
/*; do
48 fpr
=$(cat "$key" | gpg --import-options show-only --import --with-colons | grep -e "^pub" | cut -d':' -f5)
49 gpg
--list-key "$fpr" >/dev
/null
2>/dev
/null
&& imported
=yes || imported
=no
50 # /usr/share/doc/gnupg/DETAILS field 2
51 (cat "$key" | gpg
--import-options show
-only --import --with-colons |
54 grep -q '[fu]') && signed
=yes || signed
=no
55 if [ "$signed" = no
-o "$imported" = no
] ; then
56 echo "The key for $key needs to be imported and signed (a local signature is enough)"
57 cat "$key" | gpg
--import-options show
-only --import
58 echo "Continue? [y/N]"
60 if [ "$y" = "y" -o "$y" = "Y" ]; then
61 cat "$key" | gpg
--import
62 gpg
--expert --edit-key "$fpr" lsign quit
70 if nix show
-config --json | jq
-e '.sandbox.value == "true"' >/dev
/null
; then
72 There used to be some impure derivations (grep __noChroot), you may need
75 you may also want to add
77 keep-derivations = true
78 to prevent garbage collector from deleting build dependencies (they take a lot of time to build)
80 allow-import-from-derivation = false
81 as an attempt to avoid having build-time derivations (doesn’t work for all packages)
89 Please make sure you’re using make commands when deploying