]> git.immae.eu Git - perso/Immae/Config/Nix.git/blobdiff - nixops/Makefile
projects / perso / Immae / Config / Nix.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Simplify management of secrets in nixops
[perso/Immae/Config/Nix.git] / nixops / Makefile
diff --git a/nixops/Makefile b/nixops/Makefile
index c5216829862c4c27bca76605bb4052611428c494..a7b24cd98c7cd7dfe7d78daf57eadb0f39612a91 100644 (file)
--- a/nixops/Makefile
+++ b/nixops/Makefile
@@ -1,8 +1,5 @@
 export
-ifndef NIXOPS_CONFIG_PASS_SUBTREE_PATH
-  $(error Please set NIXOPS_CONFIG_PASS_SUBTREE_PATH to the password-store subtree path)
-endif
-
+PASSWORD_STORE_DIR = $(shell pwd)/secrets
 NIXOPS_STATE ?= ./state/eldiron.nixops
 NIXOPS_DEPLOYMENT = cef694f3-081d-11e9-b31f-0242ec186adf
 nixpkgs ?= $(shell cat ../nix/sources.json | jq -r '."nixpkgs-nixops".url')
@@ -34,6 +31,9 @@ ifdef TARGET
 endif
 SSH_ARGS ?=
 
+edit_env:
+       pass edit Nixops/files/environment.nix || true
+
 nixops:
        $(NIXOPS_PRIV) $(NIXOPS_ARGS)
 
@@ -101,17 +101,6 @@ cleanup: delete-generations
 .PHONY: cleanup
 
 ###### Pull environment and deployment from remote
-# Don't include pull_deployment by default as this should happen only rarely
-pull: pull_environment;
-.PHONY: pull
-
-pull_environment:
-ifndef NIXOPS_CONFIG_PASS_SUBTREE_REMOTE
-       $(error "Please set NIXOPS_CONFIG_PASS_SUBTREE_REMOTE to the password-store subtree remote name")
-endif
-       pass git subtree pull --prefix=$(NIXOPS_CONFIG_PASS_SUBTREE_PATH) $(NIXOPS_CONFIG_PASS_SUBTREE_REMOTE) master
-.PHONY: pull_environment
-
 pull_deployment:
        @if $(NIXOPS) info -d $(NIXOPS_DEPLOYMENT) 2>/dev/null >/dev/null ; then \
          echo "This will remove your current deployment file and recreate it!. Continue? [y/N]" && \
@@ -119,7 +108,7 @@ pull_deployment:
          [ "$$y" = "y" -o "$$y" = "Y" ] && \
          $(NIXOPS) delete --force -d $(NIXOPS_DEPLOYMENT); \
        fi
-       pass show $(NIXOPS_CONFIG_PASS_SUBTREE_PATH)/Nixops/Deployment | $(NIXOPS) import
+       pass show Nixops/Deployment | $(NIXOPS) import
        $(NIXOPS) modify -d $(NIXOPS_DEPLOYMENT) "$$(pwd)/default.nix"
 .PHONY: pull_deployment
 
@@ -127,17 +116,7 @@ deployment_is_set:
        $(NIXOPS) info -d $(NIXOPS_DEPLOYMENT) 2>/dev/null >/dev/null
 .PHONY: deployment_is_set
 
-###### Push environment and deployment information to password store
-push: push_deployment push_environment;
-.PHONY: push
-
+###### Push deployment information to password store
 push_deployment:
-       $(NIXOPS) export | pass insert -m $(NIXOPS_CONFIG_PASS_SUBTREE_PATH)/Nixops/Deployment
-.PHONY: push_deployment
-
-push_environment:
-ifndef NIXOPS_CONFIG_PASS_SUBTREE_REMOTE
-       $(error "Please set NIXOPS_CONFIG_PASS_SUBTREE_REMOTE to the password-store subtree remote name")
-endif
-       pass git subtree push --prefix=$(NIXOPS_CONFIG_PASS_SUBTREE_PATH) $(NIXOPS_CONFIG_PASS_SUBTREE_REMOTE) master
-.PHONY: push_environment
+       $(NIXOPS) export | pass insert -m Nixops/Deployment
+.PHONY: push
My infrastructure configuration