devShell: add agenix to the devShell

Progresses #11
2023-04-05 10:42:22 +10:00 · 2023-04-05 10:42:22 +10:00 · cdb41cb22a
parent 66fb43735c
commit cdb41cb22a
4 changed files with 36 additions and 4 deletions
--- a/flake.lock
+++ b/flake.lock
@ -1,5 +1,26 @@
 {
  "nodes": {
+    "agenix": {
+      "inputs": {
+        "darwin": [],
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1680281360,
+        "narHash": "sha256-XdLTgAzjJNDhAG2V+++0bHpSzfvArvr2pW6omiFfEJk=",
+        "owner": "ryantm",
+        "repo": "agenix",
+        "rev": "e64961977f60388dd0b49572bb0fc453b871f896",
+        "type": "github"
+      },
+      "original": {
+        "owner": "ryantm",
+        "repo": "agenix",
+        "type": "github"
+      }
+    },
    "colmena": {
      "inputs": {
        "flake-compat": "flake-compat",
@ -208,6 +229,7 @@
    },
    "root": {
      "inputs": {
+        "agenix": "agenix",
        "colmena": "colmena",
        "hakyll-skeleton": "hakyll-skeleton",
        "jfdic-web": "jfdic-web",
--- a/flake.nix
+++ b/flake.nix
@ -2,6 +2,11 @@
  description = "jfdic-ops deployment";

  inputs = {
+    agenix = {
+      url = "github:ryantm/agenix";
+      inputs.nixpkgs.follows = "nixpkgs";
+      inputs.darwin.follows = ""; # skip Darwin dependencies
+    };
    hakyll-skeleton = {
      flake = false;
      url = git+https://source.jfdic.org/jfdic/hakyll-skeleton/?ref=consensus;
--- a/outputs.nix
+++ b/outputs.nix
@ -2,6 +2,7 @@
  self,
  hakyll-skeleton,
  jfdic-web,
+  agenix,
  colmena,
  nix,
  nixpkgs,
@ -17,6 +18,7 @@ in {
  devShell =
    pkgs.callPackage
    ./shell.nix {
+      inherit (agenix.packages."${pkgs.system}") agenix;
      inherit (colmena.packages."${pkgs.system}") colmena;
      inherit (nix.packages."${pkgs.system}") nix;
      inherit (nixpkgsUnstable.legacyPackages."${pkgs.system}") alejandra;
@ -33,9 +35,10 @@ in {
      };
    };
    toscano = import ./nixos/hosts/toscano/configuration.nix;
-    nixosConfigurations = import ./nixos/configurations.nix (inputs
-      // {
-        inherit inputs;
-      });
+    # The below lines are in the wrong place
+    #nixosConfigurations = import ./nixos/configurations.nix (inputs
+    #  // {
+    #    inherit inputs;
+    #  });
  };
 }
--- a/shell.nix
+++ b/shell.nix
@ -1,5 +1,6 @@
 {
  pkgs ? import <nixpkgs> {},
+  agenix,
  alejandra,
  mkShell,
  colmena,
@ -8,6 +9,7 @@
 with pkgs;
  mkShell {
    buildInputs = [
+      agenix # CLI management of secrets encrypted via existing SSH keys
      alejandra # The Uncompromising Nix Code Formatter
      colmena # simple, stateless NixOS deployment tool
      nix # Powerful package manager, makes packaging reliable & reproducible