1 files changed, 27 insertions, 0 deletions
diff --git a/scripts/with_env b/scripts/with_env
new file mode 100755
index 0000000..783d86c
--- /dev/null
+++ b/scripts/with_env
@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+if [ -z "$SOPS_VARS_FILE" ]; then
+  echo "Variable SOPS_VARS_FILE is needed with a path to the sops variables"
+  exit 1;
+fi
+umask 0077
+TEMP=$(mktemp -d /tmp/XXXXXX-nixops-files)
+chmod go-rwx $TEMP
+finish() {
+  rm -rf "$TEMP"
+}
+trap finish EXIT
+sops -d $SOPS_VARS_FILE | yq -r .ssl_keys.nix_repository > $TEMP/id_ed25519
+cat > $TEMP/ssh_config <<EOF
+Host *
+IdentityFile $TEMP/id_ed25519
+EOF
+export SSH_CONFIG_FILE="$TEMP/ssh_config"
+export SSH_IDENTITY_FILE="$TEMP/id_ed25519"
+"$@"

diff --git a/scripts/with_env b/scripts/with_env new file mode 100755 index 0000000..783d86c --- /dev/null +++ b/scripts/with_env
@@ -0,0 +1,27 @@
	1	#!/usr/bin/env bash
	2
	3	if [ -z "$SOPS_VARS_FILE" ]; then
	4	echo "Variable SOPS_VARS_FILE is needed with a path to the sops variables"
	5	exit 1;
	6	fi
	7
	8	umask 0077
	9	TEMP=$(mktemp -d /tmp/XXXXXX-nixops-files)
	10	chmod go-rwx $TEMP
	11
	12	finish() {
	13	rm -rf "$TEMP"
	14	}
	15
	16	trap finish EXIT
	17
	18	sops -d $SOPS_VARS_FILE \| yq -r .ssl_keys.nix_repository > $TEMP/id_ed25519
	19
	20	cat > $TEMP/ssh_config <<EOF
	21	Host *
	22	IdentityFile $TEMP/id_ed25519
	23	EOF
	24	export SSH_CONFIG_FILE="$TEMP/ssh_config"
	25	export SSH_IDENTITY_FILE="$TEMP/id_ed25519"
	26
	27	"$@"