From 7f020def439cb44565cba2f137e4aac9b37cf643 Mon Sep 17 00:00:00 2001 From: Felix Stupp Date: Tue, 20 Aug 2024 11:57:49 +0000 Subject: [PATCH] introduce secrix-wrapper to devShel --- flake.nix | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/flake.nix b/flake.nix index 90f0dd9..b3de6c2 100644 --- a/flake.nix +++ b/flake.nix @@ -151,6 +151,50 @@ }; + packages."${system}".secrix-wrapper = pkgs.writeShellApplication { + name = "secr"; + text = '' + secrix() { + set -x + exec ${outputs.apps.${system}.secrix.program} "$@" + } + + help() { + echo "Usages:" + echo " $0 [create|rekey|edit|encrypt] [ …] " + echo " $0 decrypt [ …] " + } + + main() { + if [[ $# -lt 1 ]]; then + help + exit 0 + fi + cmd="$1" + shift 1 + case "$cmd" in + help|-h|--help) + help + ;; + create) + secrix "$cmd" --all-users --system "$@" + ;; + rekey|edit) + secrix "$cmd" --identity "$SECRIX_ID" --all-users --system "$@" + ;; + encrypt) + secrix "$cmd" --all-users --system "$@" + ;; + decrypt) + secrix "$cmd" --identity "$SECRIX_ID" "$@" + ;; + esac + } + + main "$@" + ''; + }; + devShells."${system}".default = let pkgs = pkgs_unstable; @@ -161,7 +205,13 @@ rsync opentofu terranix + # tooling for services + outputs.packages.${system}.secrix-wrapper + wireguard-tools ]; + shellHook = '' + export SECRIX_ID=~/".ssh/id_ed25519" + ''; }; };