blob: 783d86c0634c0029b4cb09a2a184af5a321c97fc (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
#!/usr/bin/env bash
if [ -z "$SOPS_VARS_FILE" ]; then
echo "Variable SOPS_VARS_FILE is needed with a path to the sops variables"
exit 1;
fi
umask 0077
TEMP=$(mktemp -d /tmp/XXXXXX-nixops-files)
chmod go-rwx $TEMP
finish() {
rm -rf "$TEMP"
}
trap finish EXIT
sops -d $SOPS_VARS_FILE | yq -r .ssl_keys.nix_repository > $TEMP/id_ed25519
cat > $TEMP/ssh_config <<EOF
Host *
IdentityFile $TEMP/id_ed25519
EOF
export SSH_CONFIG_FILE="$TEMP/ssh_config"
export SSH_IDENTITY_FILE="$TEMP/id_ed25519"
"$@"
|
