diff options
| author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2023-10-04 01:35:06 +0200 |
|---|---|---|
| committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2023-10-04 02:11:48 +0200 |
| commit | 1a64deeb894dc95e2645a75771732c6cc53a79ad (patch) | |
| tree | 1b9df4838f894577a09b9b260151756272efeb53 /scripts/with_env | |
| parent | fa25ffd4583cc362075cd5e1b4130f33306103f0 (diff) | |
| download | Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.tar.gz Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.tar.zst Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.zip | |
Squash changes containing private information
There were a lot of changes since the previous commit, but a lot of them
contained personnal information about users. All thos changes got
stashed into a single commit (history is kept in a different place) and
private information was moved in a separate private repository
Diffstat (limited to 'scripts/with_env')
| -rwxr-xr-x | scripts/with_env | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/scripts/with_env b/scripts/with_env new file mode 100755 index 0000000..783d86c --- /dev/null +++ b/scripts/with_env | |||
| @@ -0,0 +1,27 @@ | |||
| 1 | #!/usr/bin/env bash | ||
| 2 | |||
| 3 | if [ -z "$SOPS_VARS_FILE" ]; then | ||
| 4 | echo "Variable SOPS_VARS_FILE is needed with a path to the sops variables" | ||
| 5 | exit 1; | ||
| 6 | fi | ||
| 7 | |||
| 8 | umask 0077 | ||
| 9 | TEMP=$(mktemp -d /tmp/XXXXXX-nixops-files) | ||
| 10 | chmod go-rwx $TEMP | ||
| 11 | |||
| 12 | finish() { | ||
| 13 | rm -rf "$TEMP" | ||
| 14 | } | ||
| 15 | |||
| 16 | trap finish EXIT | ||
| 17 | |||
| 18 | sops -d $SOPS_VARS_FILE | yq -r .ssl_keys.nix_repository > $TEMP/id_ed25519 | ||
| 19 | |||
| 20 | cat > $TEMP/ssh_config <<EOF | ||
| 21 | Host * | ||
| 22 | IdentityFile $TEMP/id_ed25519 | ||
| 23 | EOF | ||
| 24 | export SSH_CONFIG_FILE="$TEMP/ssh_config" | ||
| 25 | export SSH_IDENTITY_FILE="$TEMP/id_ed25519" | ||
| 26 | |||
| 27 | "$@" | ||