diff options
| author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2021-10-07 15:17:30 +0200 |
|---|---|---|
| committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2021-10-13 00:00:55 +0200 |
| commit | 282c67a117b7d349b30a96972b050d630f906dec (patch) | |
| tree | 6686bdc126d5c0bd548cd6286a41be5c8cfdc01f /nixops/scripts/with_env | |
| parent | 97f5a24bc8839328571b23eb5f910de206ddbe1f (diff) | |
| download | Nix-282c67a117b7d349b30a96972b050d630f906dec.tar.gz Nix-282c67a117b7d349b30a96972b050d630f906dec.tar.zst Nix-282c67a117b7d349b30a96972b050d630f906dec.zip | |
Refactor secrets handling
Diffstat (limited to 'nixops/scripts/with_env')
| -rwxr-xr-x | nixops/scripts/with_env | 8 |
1 files changed, 1 insertions, 7 deletions
diff --git a/nixops/scripts/with_env b/nixops/scripts/with_env index f8e5537..c570ccf 100755 --- a/nixops/scripts/with_env +++ b/nixops/scripts/with_env | |||
| @@ -15,14 +15,8 @@ finish() { | |||
| 15 | 15 | ||
| 16 | trap finish EXIT | 16 | trap finish EXIT |
| 17 | 17 | ||
| 18 | # pass cannot "just" list files in a directory without showing a tree :( | 18 | sops -d secrets/vars.yml | yq -r .ssl_keys.nix_repository > $TEMP/id_ed25519 |
| 19 | files=$(pass ls Nixops/files | sed -e '1d' -e 's/^.* //') | ||
| 20 | 19 | ||
| 21 | for file in $files; do | ||
| 22 | pass show "Nixops/files/$file" > $TEMP/$file | ||
| 23 | done | ||
| 24 | |||
| 25 | export NIX_PATH="privateFiles=$TEMP:$NIX_PATH" | ||
| 26 | export SSH_IDENTITY_FILE="$TEMP/id_ed25519" | 20 | export SSH_IDENTITY_FILE="$TEMP/id_ed25519" |
| 27 | 21 | ||
| 28 | "$@" | 22 | "$@" |