#!/usr/bin/env bash

if [ -z "$NIXOPS_ENV_LOADED" ]; then
  echo "Please load the environment with direnv"
  exit 1;
fi

umask 0077
TEMP=$(mktemp -d /tmp/XXXXXX-nixops-files)
chmod go-rwx $TEMP

finish() {
  rm -rf "$TEMP"
}

trap finish EXIT

# pass cannot "just" list files in a directory without showing a tree :(
files=$(pass ls Nixops/files | sed -e '1d' -e 's/^.* //')

for file in $files; do
  pass show "Nixops/files/$file" > $TEMP/$file
done

export NIX_PATH="privateFiles=$TEMP:$NIX_PATH"
export SSH_IDENTITY_FILE="$TEMP/id_ed25519"

"$@"