Add secrets support to dev VMs

2022-02-22 01:30:27 +00:00
parent 8c61cea30d
commit fcad909111
3 changed files with 16 additions and 4 deletions
--- a/devshell/commands.nix
+++ b/devshell/commands.nix
@@ -1,6 +1,7 @@
 { pkgs, ... }:
 let
  homeFlake = "$HOME/.config/nixpkgs/flake.nix";
+  devKey = ".keys/dev.key";
 in
 {
  commands = [
@@ -67,7 +68,9 @@ in
      command =
        ''
          cd "$PRJ_ROOT"
-          nix run ".#nixosConfigurations.\"$1\".config.my.buildAs.devVM"
+          tmp="$(mktemp -d nix-vm.XXXXXXXXXX --tmpdir)"
+          install -Dm0400 "${devKey}" "$tmp/xchg/dev.key"
+          TMPDIR="$tmp" USE_TMPDIR=1 nix run ".#nixosConfigurations.\"$1\".config.my.buildAs.devVM"
        '';
    }
    {