swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: repo-local secrets implemented for yubikey

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-06-11 04:01:07 +02:00
parent 609bb1597f
commit 85cbd5e1f6
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
11 changed files with 230 additions and 60 deletions
Download patch file Download diff file Expand all files Collapse all files

4
nix/extra-builtins.nix
View file

@ -17,8 +17,8 @@ in
nixFile:
assert assertMsg (builtins.isPath nixFile)
"The file to decrypt must be given as a path to prevent impurity.";
assert assertMsg (hasSuffix ".nix.age" nixFile)
"The content of the decrypted file must be a nix expression and should therefore end in .nix.age";
assert assertMsg (hasSuffix ".nix.enc" nixFile)
"The content of the decrypted file must be a nix expression and should therefore end in .nix.enc";
exec [
./sops-decrypt-and-cache.sh
nixFile