home

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

commit cdca60489c7acb332635cc2e55f286ed384e1b1e
parent 38f4ac0fcab84c025b9a40b8a296978b8e881ee3
Author: Vincent Demeester <vincent@sbr.pm>
Date:   Mon, 13 Sep 2021 11:41:41 +0200

nix: add sops/sops-nix to prepare…

… managing secrets better.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>

Diffstat:
M.envrc | 4+++-
Mnix/sources.json | 12++++++++++++
Mshell.nix | 1+
3 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/.envrc b/.envrc @@ -1,5 +1,7 @@ use_nix shell.nix -# use_flake + +watch_file ./shell.nix +watch_file ./nix/sources.json test -f .secrets && source .secrets || echo "no secrets" export QEMU_OPTS="-m 8096 -cpu host" diff --git a/nix/sources.json b/nix/sources.json @@ -118,5 +118,17 @@ "type": "tarball", "url": "https://github.com/NixOS/nixpkgs/archive/08ef0f28e3a41424b92ba1d203de64257a9fca6a.tar.gz", "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz" + }, + "sops-nix": { + "branch": "master", + "description": "Atomic secret provisioning for NixOS based on sops", + "homepage": "", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "3e4ebc851c91d1ce5c65da23436726c555a0d7e8", + "sha256": "0mpzkjvw2vyd6mf5hx6naic3sbhiwj1n6v5j94bm31marm8d2adq", + "type": "tarball", + "url": "https://github.com/Mic92/sops-nix/archive/3e4ebc851c91d1ce5c65da23436726c555a0d7e8.tar.gz", + "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz" } } diff --git a/shell.nix b/shell.nix @@ -13,6 +13,7 @@ pkgs.mkShell niv nixos-generators nixpkgs-fmt + sops ]; shellHook = '' export NIX_PATH="nixpkgs=${pkgs.path}:nixos=${nixos.path}:nixos-unstable=${nixos-unstable.path}"