26 lines
No EOL
711 B
Nix
26 lines
No EOL
711 B
Nix
# shell.nix
|
|
with import <nixpkgs> {};
|
|
let
|
|
sops-nix = builtins.fetchTarball {
|
|
url = "https://github.com/Mic92/sops-nix/archive/master.tar.gz";
|
|
};
|
|
lock = (builtins.fromJSON (builtins.readFile ./flake.lock)).nodes.nixpkgs.locked;
|
|
in
|
|
mkShell {
|
|
import (fetchTarball {
|
|
url = "https://github.com/nixos/nixpkgs/archive/${lock.rev}.tar.gz";
|
|
sha256 = lock.narHash;
|
|
})
|
|
NIX_CONFIG = "experimental-features = nix-command flakes";
|
|
# imports all files ending in .asc/.gpg
|
|
sopsPGPKeyDirs = [
|
|
"${toString ./.}/keys/hosts"
|
|
"${toString ./.}/keys/users"
|
|
];
|
|
nativeBuildInputs = [
|
|
pkgs.nix
|
|
pkgs.home-manager
|
|
pkgs.git
|
|
(pkgs.callPackage sops-nix {}).sops-import-keys-hook
|
|
];
|
|
} |