mirror of
https://github.com/Mic92/sops-nix.git
synced 2024-12-14 11:57:52 +00:00
98aa76b72e
Flake lock file updates:
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/79a13f1437e149dc7be2d1290c74d378dad60814' (2024-02-03)
→ 'github:NixOS/nixpkgs/f8e2ebd66d097614d51a56a755450d4ae1632df1' (2024-02-07)
• Updated input 'nixpkgs-stable':
'github:NixOS/nixpkgs/9a333eaa80901efe01df07eade2c16d183761fa3' (2024-01-22)
→ 'github:NixOS/nixpkgs/bc6cb3d59b7aab88e967264254f8c1aa4c0284e9' (2024-02-08)
57 lines
2 KiB
Nix
57 lines
2 KiB
Nix
{
|
|
description = "Integrates sops into nixos";
|
|
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
|
inputs.nixpkgs-stable.url = "github:NixOS/nixpkgs/release-23.11";
|
|
nixConfig.extra-substituters = ["https://cache.thalheim.io"];
|
|
nixConfig.extra-trusted-public-keys = ["cache.thalheim.io-1:R7msbosLEZKrxk/lKxf9BTjOOH7Ax3H0Qj0/6wiHOgc="];
|
|
outputs = {
|
|
self,
|
|
nixpkgs,
|
|
nixpkgs-stable
|
|
}: let
|
|
systems = [
|
|
"x86_64-linux"
|
|
"x86_64-darwin"
|
|
"aarch64-darwin"
|
|
"aarch64-linux"
|
|
];
|
|
forAllSystems = f: nixpkgs.lib.genAttrs systems (system: f system);
|
|
suffix-version = version: attrs: nixpkgs.lib.mapAttrs' (name: value: nixpkgs.lib.nameValuePair (name + version) value) attrs;
|
|
suffix-stable = suffix-version "-23_11";
|
|
in {
|
|
overlays.default = final: prev: let
|
|
localPkgs = import ./default.nix {pkgs = final;};
|
|
in {
|
|
inherit (localPkgs) sops-install-secrets sops-init-gpg-key sops-pgp-hook sops-import-keys-hook sops-ssh-to-age;
|
|
# backward compatibility
|
|
inherit (prev) ssh-to-pgp;
|
|
};
|
|
nixosModules = {
|
|
sops = import ./modules/sops;
|
|
default = self.nixosModules.sops;
|
|
};
|
|
homeManagerModules.sops = import ./modules/home-manager/sops.nix;
|
|
homeManagerModule = self.homeManagerModules.sops;
|
|
packages = forAllSystems (system:
|
|
import ./default.nix {
|
|
pkgs = import nixpkgs {inherit system;};
|
|
});
|
|
checks = nixpkgs.lib.genAttrs ["x86_64-linux" "aarch64-linux"]
|
|
(system: let
|
|
tests = self.packages.${system}.sops-install-secrets.tests;
|
|
packages-stable = import ./default.nix {
|
|
pkgs = import nixpkgs-stable {inherit system;};
|
|
};
|
|
tests-stable = packages-stable.sops-install-secrets.tests;
|
|
in tests //
|
|
(suffix-stable tests-stable) //
|
|
(suffix-stable packages-stable));
|
|
|
|
devShells = forAllSystems (system: let
|
|
pkgs = nixpkgs.legacyPackages.${system};
|
|
in {
|
|
unit-tests = pkgs.callPackage ./pkgs/unit-tests.nix {};
|
|
default = pkgs.callPackage ./shell.nix {};
|
|
});
|
|
};
|
|
}
|