refactor(sys): Modularize and move to `modules/system` or `pkgs`

1 files changed, 37 insertions, 0 deletions

diff --git a/modules/system/secrets/update.sh b/modules/system/secrets/update.sh
new file mode 100755
index 00000000..edc4ae8a
--- /dev/null
+++ b/modules/system/secrets/update.sh
@@ -0,0 +1,37 @@
+#!/usr/bin/env nix
+#! nix shell nixpkgs#age nixpkgs#jq nixpkgs#dash --command dash
+# shellcheck shell=dash
+
+cleanup() {
+    [ "$key_file" ] && rm "$key_file"
+}
+trap cleanup EXIT
+
+update_lf_cd_paths() {
+    echo "Starting to update the lf/cd_paths file.."
+
+    cd "$(git rev-parse --show-toplevel)/sys/secrets" || {
+        echo "A secrets dir does not exist! (This is most likely a bug)"
+        exit 1
+    }
+
+    key_file="$(mktemp)"
+
+    nix eval -f ./secrets.nix --json | jq --raw-output '.["lf/cd_paths"].publicKeys | join("\n")' >"$key_file"
+
+    # `lf-make-map` is provided by the dev shell
+    {
+        lf-make-map --quiet --depth 4 visualize ~/media ~/repos ~/school | sed 's|\(.*\)|# \1|'
+        lf-make-map --quiet --depth 4 generate ~/media ~/repos ~/school
+    } | age --recipients-file "$key_file" --encrypt --armor --output ./lf/cd_paths
+
+    echo "Finished updating the lf/cd_paths file.."
+}
+
+main() {
+    update_lf_cd_paths
+}
+
+main
+
+# vim: ft=sh