nixfiles/lib/desu/secrets-unsafe.nix

{ 
  age, 
  writeShellScript, 
  system,
  ...
}: 

{
  readUnsafe = name: let 
    identityPath = ../secrets/unsafe.key;

    path = ../secrets + "/UNSAFE.${name}.age";
    drv = builtins.derivation { 
      system = system;
      name = name;
      src = path;
      builder = writeShellScript "read-${name}.sh" ''
        ${age}/bin/age --decrypt --identity ${identityPath} $src > $out
      '';
    };
  in builtins.readFile drv;
}
refactor: avoid importing libs 2024-11-23 16:37:34 +03:00			`{`
			`age,`
			`writeShellScript,`
			`system,`
			`...`
			`}:`

			`{`
			`readUnsafe = name: let`
			`identityPath = ../secrets/unsafe.key;`

			`path = ../secrets + "/UNSAFE.${name}.age";`
			`drv = builtins.derivation {`
			`system = system;`
			`name = name;`
			`src = path;`
			`builder = writeShellScript "read-${name}.sh" ''`
			`${age}/bin/age --decrypt --identity ${identityPath} $src > $out`
			`'';`
			`};`
			`in builtins.readFile drv;`
			`}`