X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fscripts%2Fwith_env;h=c570ccf2afcd95cde5495679f18fce4f40911f1f;hb=fa25ffd4583cc362075cd5e1b4130f33306103f0;hp=26e74b5f6d77b2f1851c9159f249344ad7f17b6c;hpb=1052bfda27ad0607cd4dc5dc91e2d8e8220c30c7;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/nixops/scripts/with_env b/nixops/scripts/with_env
index 26e74b5..c570ccf 100755
--- a/nixops/scripts/with_env
+++ b/nixops/scripts/with_env
@@ -1,26 +1,22 @@
 #!/usr/bin/env bash
 
-if [ -z "$NIXOPS" ]; then
-  echo "Please set NIXOPS to the nixops command"
+if [ -z "$NIXOPS_ENV_LOADED" ]; then
+  echo "Please load the environment with direnv"
   exit 1;
 fi
 
+umask 0077
 TEMP=$(mktemp -d /tmp/XXXXXX-nixops-files)
 chmod go-rwx $TEMP
 
 finish() {
   rm -rf "$TEMP"
-  $NIXOPS set-args --unset privateFiles
 }
 
 trap finish EXIT
 
-# pass cannot "just" list files in a directory without showing a tree :(
-files=$(pass ls Nixops/files | sed -e '1d' -e 's/^.* //')
+sops -d secrets/vars.yml | yq -r .ssl_keys.nix_repository > $TEMP/id_ed25519
 
-for file in $files; do
-  pass show "Nixops/files/$file" > $TEMP/$file
-done
-$NIXOPS set-args --argstr privateFiles "$TEMP"
+export SSH_IDENTITY_FILE="$TEMP/id_ed25519"
 
 "$@"