all repos — nixfiles @ 75761ab69e043d4d23ba7c2d7005090bfc91260a

System and user configuration, managed by nix and home-manager

use separate direnv/shell for secrets subdirectory

Alan Pearce
commit

75761ab69e043d4d23ba7c2d7005090bfc91260a

parent

1de714d82eea0a6871961ca2fabf5ef20d37ef14

2 files changed, 15 insertions(+), 1 deletion(-)

changed files
M flake.nixflake.nix
@@ -198,8 +198,10 @@ nixos-rebuild-ng
               (writeShellScriptBin "nixos-rebuild" ''
                 exec ${lib.getExe nixos-rebuild-ng} "$@"
               '')
-              agenix.packages.${system}.default
             ];
+          };
+          secrets = pkgs.mkShell {
+            packages = [ agenix.packages.${system}.default ];
           };
         }
       );
A secrets/.envrc
@@ -0,0 +1,12 @@
+if type -P lorri &>/dev/null; then
+  if test -v TMPDIR; then
+    export TMPDIR="$(readlink -f $TMPDIR)"
+  fi
+  eval "$(lorri direnv --flake ..#secrets)"
+else
+  echo 'while direnv evaluated .envrc, could not find the command "lorri" [https://github.com/nix-community/lorri]'
+  use flake ..#secrets
+fi
+
+dotenv_if_exists
+watch_file ../flake.lock