nix/shell.nix
2023-09-19 17:54:33 +09:00

31 lines
No EOL
927 B
Nix

# shell.nix
with import <nixpkgs> {};
let
sops-nix = builtins.fetchTarball {
url = "https://github.com/Mic92/sops-nix/archive/master.tar.gz";
};
lock = (builtins.fromJSON (builtins.readFile ./flake.lock)).nodes.nixpkgs.locked;
in
# A nixpkgs instance that is grabbed from the pinned nixpkgs commit in the lock file
# Useful to avoid using channels when using legacy nix commands
{ pkgs ? import (
fetchTarball {
url = "https://github.com/nixos/nixpkgs/archive/${lock.rev}.tar.gz"; sha256 = lock.narHash;
}
) { }
}: {
default = pkgs.mkShell {
NIX_CONFIG = "experimental-features = nix-command flakes";
# imports all files ending in .asc/.gpg
sopsPGPKeyDirs = [
"${toString ./.}/keys/hosts"d
"${toString ./.}/keys/users"
];
nativeBuildInputs = [
pkgs.nix
pkgs.home-manager
pkgs.git
(pkgs.callPackage sops-nix {}).sops-import-keys-hook
];
}
}