diff --git a/lib/nkxpkgs.nix b/lib/nkxpkgs.nix index 8b89f550..4275ad32 100644 --- a/lib/nkxpkgs.nix +++ b/lib/nkxpkgs.nix @@ -1,14 +1,7 @@ # A nixpkgs instance that is grabbed from the pinned nixpkgs commit in the lock file # Useful to avoid using channels when using legacy nix commands -let - nixpkgs-lock = (builtins.fromJSON (builtins.readFile ./flake.lock)).nodes.nixpkgs.locked; - sops-nix-lock = (builtins.fromJSON (builtins.readFile ./flake.lock)).nodes.sops-nix.locked; -in -import (fetchTarball { +let nixpkgs-lock = (builtins.fromJSON (builtins.readFile ./flake.lock)).nodes.nixpkgs.locked; +in import (fetchTarball { url = "https://github.com/nixos/nixpkgs/archive/${nixpkgs-lock.rev}.tar.gz"; sha256 = nixpkgs-lock.narHash; -}) -import (fetchTarball { - url = "https://github.com/Mic92/sops-nix/archive/${sops-nix-lock.rev}.tar.gz"; - sha256 = sops-nix.lock.narHash; }) \ No newline at end of file diff --git a/lib/sops-nix.nix b/lib/sops-nix.nix new file mode 100644 index 00000000..1b19aef1 --- /dev/null +++ b/lib/sops-nix.nix @@ -0,0 +1,6 @@ +# Useful to avoid using channels when using legacy nix commands +let sops-nix-lock = (builtins.fromJSON (builtins.readFile ./flake.lock)).nodes.sops-nix.locked; +in import (fetchTarball { + url = "https://github.com/Mic92/sops-nix/archive/${sops-nix-lock.rev}.tar.gz"; + sha256 = sops-nix.lock.narHash; +}) \ No newline at end of file diff --git a/shell.nix b/shell.nix index bfc3861a..28613e33 100644 --- a/shell.nix +++ b/shell.nix @@ -1,7 +1,10 @@ # shell.nix # A nixpkgs instance that is grabbed from the pinned nixpkgs commit in the lock file # Useful to avoid using channels when using legacy nix commands -{ pkgs ? (import ./lib/nixpkgs.nix) { } }: { +{ + pkgs ? (import ./lib/nixpkgs.nix) { }, + sops-nix ? (import ./lib/sops-nix.nix) { } +}: { default = pkgs.mkShell { NIX_CONFIG = "experimental-features = nix-command flakes"; # imports all files ending in .asc/.gpg