1
0
Fork 0

Use statically generated env file rather than dynamic

The original approach ensured secrets were always up to date but
really slowed down cd'ing into the directory or opening files in emacs.
trunk
Gabriel Simmer 2023-07-15 12:01:59 +01:00
parent d47b2e90ea
commit e07c3921f4
Signed by: arch
GPG Key ID: C81B106D46C5B875
3 changed files with 12 additions and 7 deletions

8
.env.age Normal file
View File

@ -0,0 +1,8 @@
age-encryption.org/v1
-> piv-p256 Vmeusg Apk0u/z04skt4ktJsHDslOrOrwEVcBFzcORCAhbCS48I
WbCYJz5qY0fWslurJUKUc5Coa1mnZejTd9iNubBYWv8
-> hxTct-grease F
Nsg4ckSmYxQxGekmQjq6ipcIKgxvRoh4S8Jud45XOjKKQG4vLvdrFtwhf+5MqgjP
SbvzIs9J1w
--- acYQQSnX0IY7NpTZiPQrtR5S7SIY5PrKrRbBRZl7Glo
Z²\Vl;Øýá³<C3A1>håò<C3A5>»ÿÚG¨ehÖo„‰Þu¯Ó\ðåg+“ÈkP1+"ziŽI\Æ<01>nùJr´ÚOÂOÙ4íYÐËèÇ3:MAÚèµÌ®áõ˜ÄÜ©N·Ë®q=gЈ¦¿³i4P§‡ÝpMQµâÆðXD<Ò1@èM¨™9ˆô9çd$2ÔKtâî¡ÝRÙ<52>c"1”Nèžl4+J÷Ç<10>/³N_\«„M·UÇ©(·ÞÖba?0[†sÑCq¸Û@•C`"cXçË,WúªÌî2[ˆÛ²=ç|Í•"šÎ½Æp­<y"NácoŠéqø7ê²<C3AA>kÕÌò”rÝ;=KQÉÏ=Œ–~ÛMØÁ>÷­T

1
.gitignore vendored
View File

@ -41,3 +41,4 @@ terraform.rc
output/
result
.direnv/
.env

View File

@ -14,13 +14,9 @@
devShells.default = pkgs.mkShell {
shellHook =
''
bw sync
export BW_SESSION=$(bw unlock --raw)
export VERCEL_API_TOKEN=$(bw list items --search "Vercel API" | jq -r '.[0].notes')
export HCLOUD_TOKEN=$(bw list items --search "Hetzner" | jq -r '.[0].fields[] | select(.name | contains("API")) | .value')
export TF_VAR_tailscale_key=$(bw list items --search "Tailscale Key" | jq -r '.[0].notes')
export CLOUDFLARE_API_TOKEN=$(bw list items --search "CloudFlare" | jq -r '.[0].fields[] | select(.name | contains("Zone API Key")) | .value')
# alias terraform='terraform -chdir=terraform'
set -o allexport
source .env set
+o allexport
'';
nativeBuildInputs = [
pkgs.jq