2023-08-15 05:29:23 +02:00
|
|
|
# shell.nix
|
|
|
|
with import <nixpkgs> {};
|
|
|
|
let
|
|
|
|
sops-nix = builtins.fetchTarball {
|
|
|
|
url = "https://github.com/Mic92/sops-nix/archive/master.tar.gz";
|
|
|
|
};
|
2023-09-19 10:39:24 +02:00
|
|
|
lock = (builtins.fromJSON (builtins.readFile ./flake.lock)).nodes.nixpkgs.locked;
|
2023-08-15 05:29:23 +02:00
|
|
|
in
|
2023-09-19 10:52:43 +02:00
|
|
|
# A nixpkgs instance that is grabbed from the pinned nixpkgs commit in the lock file
|
|
|
|
# Useful to avoid using channels when using legacy nix commands
|
2023-09-19 10:54:12 +02:00
|
|
|
{ pkgs ? import (
|
|
|
|
fetchTarball {
|
|
|
|
url = "https://github.com/nixos/nixpkgs/archive/${lock.rev}.tar.gz"; sha256 = lock.narHash;
|
|
|
|
}
|
|
|
|
) { }
|
2023-09-19 10:52:43 +02:00
|
|
|
}: {
|
2023-09-19 10:54:33 +02:00
|
|
|
default = pkgs.mkShell {
|
2023-09-19 10:52:43 +02:00
|
|
|
NIX_CONFIG = "experimental-features = nix-command flakes";
|
|
|
|
# imports all files ending in .asc/.gpg
|
|
|
|
sopsPGPKeyDirs = [
|
2023-09-19 10:54:12 +02:00
|
|
|
"${toString ./.}/keys/hosts"d
|
2023-09-19 10:52:43 +02:00
|
|
|
"${toString ./.}/keys/users"
|
|
|
|
];
|
|
|
|
nativeBuildInputs = [
|
|
|
|
pkgs.nix
|
|
|
|
pkgs.home-manager
|
|
|
|
pkgs.git
|
|
|
|
(pkgs.callPackage sops-nix {}).sops-import-keys-hook
|
|
|
|
];
|
2023-09-19 10:54:50 +02:00
|
|
|
};
|
2023-08-15 05:29:23 +02:00
|
|
|
}
|