scripts/with_env

   1 #!/usr/bin/env bash
   2
   3 if [ -z "$SOPS_VARS_FILE" ]; then
   4   echo "Variable SOPS_VARS_FILE is needed with a path to the sops variables"
   5   exit 1;
   6 fi
   7
   8 umask 0077
   9 TEMP=$(mktemp -d /tmp/XXXXXX-nixops-files)
  10 chmod go-rwx $TEMP
  11
  12 finish() {
  13   rm -rf "$TEMP"
  14 }
  15
  16 trap finish EXIT
  17
  18 sops -d $SOPS_VARS_FILE | yq -r .ssl_keys.nix_repository > $TEMP/id_ed25519
  19
  20 cat > $TEMP/ssh_config <<EOF
  21 Host *
  22 IdentityFile $TEMP/id_ed25519
  23 EOF
  24 export SSH_CONFIG_FILE="$TEMP/ssh_config"
  25 export SSH_IDENTITY_FILE="$TEMP/id_ed25519"
  26
  27 "$@"