blob: c570ccf2afcd95cde5495679f18fce4f40911f1f (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
#!/usr/bin/env bash
if [ -z "$NIXOPS_ENV_LOADED" ]; then
echo "Please load the environment with direnv"
exit 1;
fi
umask 0077
TEMP=$(mktemp -d /tmp/XXXXXX-nixops-files)
chmod go-rwx $TEMP
finish() {
rm -rf "$TEMP"
}
trap finish EXIT
sops -d secrets/vars.yml | yq -r .ssl_keys.nix_repository > $TEMP/id_ed25519
export SSH_IDENTITY_FILE="$TEMP/id_ed25519"
"$@"
|
