Refactor secrets handling

[perso/Immae/Config/Nix.git] / nixops / scripts / with_env

diff --git a/nixops/scripts/with_env b/nixops/scripts/with_env
index f8e5537b43423b3ac0362d79bb8b9226f502d3ac..c570ccf2afcd95cde5495679f18fce4f40911f1f 100755 (executable)
--- a/nixops/scripts/with_env
+++ b/nixops/scripts/with_env
@@ -15,14 +15,8 @@ finish() {
 
 trap finish EXIT
 
-# pass cannot "just" list files in a directory without showing a tree :(
-files=$(pass ls Nixops/files | sed -e '1d' -e 's/^.* //')
+sops -d secrets/vars.yml | yq -r .ssl_keys.nix_repository > $TEMP/id_ed25519
 
-for file in $files; do
-  pass show "Nixops/files/$file" > $TEMP/$file
-done
-
-export NIX_PATH="privateFiles=$TEMP:$NIX_PATH"
 export SSH_IDENTITY_FILE="$TEMP/id_ed25519"
 
 "$@"