diff options
| author | Franck Cuny <franck@fcuny.net> | 2025-07-07 16:03:51 -0700 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2025-07-07 16:03:51 -0700 |
| commit | c214a560f0500e4be077086e557c3e6d336c7c27 (patch) | |
| tree | 760d484ecdf1c242075394fbcd97927f95f1048c /flake.nix | |
| parent | add a few tags to org-mode (diff) | |
| download | infra-c214a560f0500e4be077086e557c3e6d336c7c27.tar.gz | |
move scripts managed by nix out of the flake
In order to keep the flake readable, the various scripts managed by nix
are now moved to their own files under `nix/scripts`.
Diffstat (limited to 'flake.nix')
| -rw-r--r-- | flake.nix | 74 |
1 files changed, 8 insertions, 66 deletions
@@ -130,7 +130,10 @@ detect-private-keys.enable = true; end-of-file-fixer.enable = true; mixed-line-endings.enable = true; - shellcheck.enable = true; + shellcheck = { + enable = true; + excludes = [ "\\.envrc$" ]; + }; flake-checker.enable = true; treefmt = { enable = true; @@ -181,69 +184,9 @@ let pkgs = getPkgs system; pre-commit-check = mkPreCommitHooks system ./.; - - # Scripts that are specific to darwin - darwinScripts = - if nixpkgs.lib.hasSuffix "darwin" system then - [ - (pkgs.writeScriptBin "nbuild" '' - set -e - echo "> Running darwin-rebuild build..." - ${inputs.darwin.packages.${system}.darwin-rebuild}/bin/darwin-rebuild build --flake . - echo "> darwin-rebuild build was successful ✅" - echo "> macOS config was successfully applied 🚀" - '') - (pkgs.writeScriptBin "nswitch" '' - set -e - echo "> Running darwin-rebuild switch..." - ${inputs.darwin.packages.${system}.darwin-rebuild}/bin/darwin-rebuild switch --flake . - echo "> darwin-rebuild build was successful ✅" - echo "> macOS config was successfully applied 🚀" - '') - (pkgs.writeScriptBin "switch-vm-synology" '' - set -e - echo "> Running nixos-rebuild switch ..." - ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --keep-going --flake .#vm-synology --target-host vm-synology --build-host vm-synology --fast --use-remote-sudo --use-substitutes - echo "> nixos-rebuild switch was successful ✅" - '') - (pkgs.writeScriptBin "sync-agenix-key" '' - set -e - echo "> Copying agenix SSH key from 1password ..." - mkdir -p ~/.ssh - ${pkgs._1password-cli}/bin/op --account my.1password.com read "op://Private/agenix/private key?ssh-format=openssh" > ~/.ssh/agenix - ${pkgs._1password-cli}/bin/op --account my.1password.com read "op://Private/agenix/public key" > ~/.ssh/agenix.pub - echo "> agenix SSH key copied successfully 🔐" - '') - ] - else - [ ]; - - # Scripts that are specific to linux - linuxScripts = - if nixpkgs.lib.hasSuffix "linux" system then - [ - (pkgs.writeScriptBin "nbuild" '' - set -e - echo "> Running nixos-rebuild build..." - sudo nixos-rebuild build --flake . - echo "> nixos-rebuild build was successful ✅" - '') - (pkgs.writeScriptBin "nswitch" '' - set -e - echo "> Running nixos-rebuild switch..." - sudo nixos-rebuild switch --flake . - echo "> nixos-rebuild switch was successful ✅" - echo "> NixOS config was successfully applied 🚀" - '') - ] - else - [ ]; - - commonScripts = [ - (pkgs.writeScriptBin "update-deps" "nix flake update --commit-lock-file") - ]; - - systemSpecificScripts = darwinScripts ++ linuxScripts; + scripts = import ./nix/scripts { + inherit pkgs system inputs; + }; in { default = pkgs.mkShellNoCC { @@ -255,8 +198,7 @@ git inputs.agenix.packages."${system}".default ] - ++ commonScripts - ++ systemSpecificScripts; + ++ scripts.all; }; } ); |