From d9c5b5a31a0d076e99fd70f976d69c647dd726be Mon Sep 17 00:00:00 2001 From: Robert Gerus Date: Mon, 23 Oct 2023 15:39:48 +0200 Subject: [PATCH] crimes --- .ci.sdImages.sh | 5 +++++ .ci.sh | 5 +++++ ci-secrets.nix | 3 +++ modules/ci-runners.nix | 1 + nixos/akamanto/default.nix | 5 +++-- 5 files changed, 17 insertions(+), 2 deletions(-) create mode 100644 ci-secrets.nix diff --git a/.ci.sdImages.sh b/.ci.sdImages.sh index 85cdf86..a8b5fe5 100755 --- a/.ci.sdImages.sh +++ b/.ci.sdImages.sh @@ -1,6 +1,11 @@ #!/usr/bin/env bash +set -a source /run/agenix/ci-secrets +set +a + +cat ci-secrets.nix | envsubst > ci-secrets.nix.tmp +mv ci-secrets.nix.tmp ci-secrets.nix set -eou pipefail diff --git a/.ci.sh b/.ci.sh index a8b3c5e..06978a6 100755 --- a/.ci.sh +++ b/.ci.sh @@ -1,6 +1,11 @@ #!/usr/bin/env bash +set -a source /run/agenix/ci-secrets +set +a + +cat ci-secrets.nix | envsubst > ci-secrets.nix.tmp +mv ci-secrets.nix.tmp ci-secrets.nix set -eou pipefail diff --git a/ci-secrets.nix b/ci-secrets.nix new file mode 100644 index 0000000..60265c0 --- /dev/null +++ b/ci-secrets.nix @@ -0,0 +1,3 @@ +{ + wifi = "$__SECRET_wifi_secrets"; +} diff --git a/modules/ci-runners.nix b/modules/ci-runners.nix index 2562717..f2be486 100644 --- a/modules/ci-runners.nix +++ b/modules/ci-runners.nix @@ -42,6 +42,7 @@ in { wget jq nixos-rebuild + envsubst ]; }; diff --git a/nixos/akamanto/default.nix b/nixos/akamanto/default.nix index 59d45a2..3f580cc 100644 --- a/nixos/akamanto/default.nix +++ b/nixos/akamanto/default.nix @@ -1,5 +1,7 @@ { config, pkgs, lib, inputs, ... }: +let ci-secrets = import ../../ci-secrets.nix; +in { # https://en.wikipedia.org/wiki/Aka_Manto networking.hostName = "akamanto"; @@ -20,8 +22,7 @@ supportedFilesystems = lib.mkForce [ "vfat" "ext4" ]; }; - environment.etc."wifi-secrets".text = - builtins.getEnv "__SECRET_wifi_secrets"; + environment.etc."wifi-secrets".text = ci-secrets.wifi; networking = { useDHCP = false;