1 files changed, 4 insertions, 2 deletions
diff --git a/nixops/scripts/with_env b/nixops/scripts/with_env
index 9882f78..f8e5537 100755
--- a/nixops/scripts/with_env
+++ b/nixops/scripts/with_env
@@ -5,12 +5,12 @@ if [ -z "$NIXOPS_ENV_LOADED" ]; then
  exit 1;
 fi
+umask 0077
 TEMP=$(mktemp -d /tmp/XXXXXX-nixops-files)
 chmod go-rwx $TEMP
 finish() {
  rm -rf "$TEMP"
-  nixops set-args --unset privateFiles
 }
 trap finish EXIT
@@ -21,6 +21,8 @@ files=$(pass ls Nixops/files | sed -e '1d' -e 's/^.* //')
 for file in $files; do
  pass show "Nixops/files/$file" > $TEMP/$file
 done
-nixops set-args --argstr privateFiles "$TEMP"
+export NIX_PATH="privateFiles=$TEMP:$NIX_PATH"
+export SSH_IDENTITY_FILE="$TEMP/id_ed25519"
 "$@"

diff --git a/nixops/scripts/with_env b/nixops/scripts/with_env index 9882f78..f8e5537 100755 --- a/nixops/scripts/with_env +++ b/nixops/scripts/with_env
@@ -5,12 +5,12 @@ if [ -z "$NIXOPS_ENV_LOADED" ]; then
5	exit 1;	5	exit 1;
6	fi	6	fi
7		7
		8	umask 0077
8	TEMP=$(mktemp -d /tmp/XXXXXX-nixops-files)	9	TEMP=$(mktemp -d /tmp/XXXXXX-nixops-files)
9	chmod go-rwx $TEMP	10	chmod go-rwx $TEMP
10		11
11	finish() {	12	finish() {
12	rm -rf "$TEMP"	13	rm -rf "$TEMP"
13	nixops set-args --unset privateFiles
14	}	14	}
15		15
16	trap finish EXIT	16	trap finish EXIT
@@ -21,6 +21,8 @@ files=$(pass ls Nixops/files \| sed -e '1d' -e 's/^.* //')
21	for file in $files; do	21	for file in $files; do
22	pass show "Nixops/files/$file" > $TEMP/$file	22	pass show "Nixops/files/$file" > $TEMP/$file
23	done	23	done
24	nixops set-args --argstr privateFiles "$TEMP"	24
		25	export NIX_PATH="privateFiles=$TEMP:$NIX_PATH"
		26	export SSH_IDENTITY_FILE="$TEMP/id_ed25519"
25		27
26	"$@"	28	"$@"