b12f/os
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

secrets: create on entering a nix-shell

Browse source
This commit is contained in:
Timothy DeHerrera 2020-01-03 17:54:27 -07:00
parent 73d3826d64
commit 89c2e04bb3
No known key found for this signature in database
GPG key ID: 8985725DB5B0C122
2 changed files with 11 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
README.md
View file

@ -112,10 +112,13 @@ your user should be declared here. For convenience, [home-manager][home-manager]
is available automatically for home directory setup. is available automatically for home directory setup.
## Secrets ## Secrets
Anything you wish to keep encrypted goes in the [secrets](secrets) directory. Anything you wish to keep encrypted goes in the directory, which is created
Be sure to run `git crypt init`, before committing anything to this repo. on first entering a `nix-shell`.
Be sure to check out the [documentation](https://github.com/AGWA/git-crypt) if
your not familiar. Be sure to run `git crypt init`, before committing anything to this directory.
Be sure to check out git-crypts [documentation](https://github.com/AGWA/git-crypt)
if your not familiar. The filter is already set up to encrypt everything in this
folder by default.
To keep [profiles](profiles) resuable across configurations, secrets should To keep [profiles](profiles) resuable across configurations, secrets should
only be imported from the [users](users) directory. only be imported from the [users](users) directory.

4
shell.nix
View file

@ -24,6 +24,10 @@ pkgs.mkShell {
rebuild rebuild
]; ];
shellHook = ''
mkdir -p secrets
'';
NIX_CONF_DIR = let NIX_CONF_DIR = let
current = pkgs.lib.optionalString (builtins.pathExists /etc/nix/nix.conf) current = pkgs.lib.optionalString (builtins.pathExists /etc/nix/nix.conf)
(builtins.readFile /etc/nix/nix.conf); (builtins.readFile /etc/nix/nix.conf);