diff options
| author | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2024-05-09 14:08:26 +0200 |
|---|---|---|
| committer | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2024-05-09 20:33:34 +0200 |
| commit | 5fcdae15704a82032016d79272a1601f9d232365 (patch) | |
| tree | b16dc9c5135d86b3b3f75282a11345043f1d0629 /sys/secrets/update.sh | |
| parent | feat(pkgs/lf-make-map): Add de-serialization to lf mappings (diff) | |
| download | nixos-config-5fcdae15704a82032016d79272a1601f9d232365.zip | |
feat(sys/secrets/lf/cd_paths): Generate with `lf-make-map`
Diffstat (limited to 'sys/secrets/update.sh')
| -rwxr-xr-x | sys/secrets/update.sh | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/sys/secrets/update.sh b/sys/secrets/update.sh new file mode 100755 index 00000000..82aea59e --- /dev/null +++ b/sys/secrets/update.sh @@ -0,0 +1,36 @@ +#!/usr/bin/env nix +#! nix shell nixpkgs#age nixpkgs#jq nixpkgs#dash --command dash + +cleanup() { + [ "$key_file" ] && rm "$key_file" +} +trap cleanup EXIT + +update_lf_cd_paths() { + echo "Starting to update the lf/cd_paths file.." + + cd "$(git rev-parse --show-toplevel)/sys/secrets" || { + echo "A secrets dir does not exist! (This is most likely a bug)" + exit 1 + } + + key_file="$(mktemp)" + + nix eval -f ./secrets.nix --json | jq --raw-output '.["lf/cd_paths"].publicKeys | join("\n")' >"$key_file" + + # `lf-make-map` is provided by the dev shell + { + lf-make-map --quiet --depth 4 visualize ~/media ~/repos ~/school | sed 's|\(.*\)|# \1|' + lf-make-map --quiet --depth 4 generate ~/media ~/repos ~/school + } | age --recipients-file "$key_file" --encrypt --armor --output ./lf/cd_paths + + echo "Finished updating the lf/cd_paths file.." +} + +main() { + update_lf_cd_paths +} + +main + +# vim: ft=sh |