Migrate Secrets into Nix Module

2023-03-09 22:58:50 -05:00
parent 16ad504018
commit d57bbc5e94
6 changed files with 49 additions and 50 deletions
--- a/flake.nix
+++ b/flake.nix
@@ -115,24 +115,28 @@
        
        hydraJobs = checks // lib.optionalAttrs
          (system == "x86_64-linux" ) {
-            runCommandHook = let
-              deployFlake = pkgs.runCommand "New Alan Deploy" {} ''
-                mkdir $out
-                substitute ${./deploy/flake.nix} $out/flake.nix \
-                  --replace "main.tar.gz" "${self.rev}.tar.gz"
-              '';
-              in {
+            runCommandHook = {
              newalan = pkgs.runCommand "New Alan Deployscript" {
-                nativeBuildInputs = [
-                  newalan
-                  checks.newalan-nextest
-                ];
+                nativeBuildInputs = builtins.attrValues checks;
              } ''
-                echo '#!${pkgs.runtimeShell}' >> $out
-                echo 'export flake=${deployFlake}' >> $out
-                echo Deploying ${deployFlake}
-                echo '# ${pkgs.runtimeShell} ./secrets/deploy.sh' >> $out
+                export tmp=$(mktemp -d)
+                pushd $tmp
+                ${pkgs.wget}/bin/wget \
+          https://git.syzygial.cc/Syzygial/New-Alan/archive/${self.rev}.bundle
+                git clone * src
+                ${pkgs.tree}/bin/tree
+                cd src
+                sops -i -d secrets/config.nix
+                echo << 'DOC'
+                  #!${pkgs.runtimeShell}
+                  export flake="$tmp/src/deploy"
+                  # ${pkgs.runtimeShell} ./secrets/deploy.sh
+                DOC >> $out
                chmod +x $out
+                popd
+                rm -rf $tmp
+                echo Listing $tmp
+                ls $tmp
              '';
            };
          };