Skip to content

Commit

Permalink
host: hamilton: Added github access token to nix.conf to bypass API l…
Browse files Browse the repository at this point in the history 
…imits on nix flake update.
  • Loading branch information
@aftix
aftix committed Oct 4, 2024
1 parent f493576 commit 28f1b32
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 3 deletions.
14 changes: 14 additions & 0 deletions host/hamilton.nix
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
{
pkgs,
lib,
config,
...
}: let
inherit (lib.strings) optionalString;
Expand All @@ -23,6 +24,15 @@ in {
sops = {
defaultSopsFile = ./secrets.yaml;
age.keyFile = "/home/aftix/.local/persist/.config/sops/age/keys.txt";

secrets.gh_access_token = {};

templates.nixAccessTokens = {
mode = "0444";
content = ''
extra-access-tokens = github.com=${config.sops.placeholder.gh_access_token}
'';
};
};

my = {
Expand Down Expand Up @@ -59,6 +69,10 @@ in {
'';
};

nix.extraOptions = ''
!include ${config.sops.templates.nixAccessTokens.path}
'';

environment = {
systemPackages = with pkgs; [
btrfs-progs
Expand Down
7 changes: 4 additions & 3 deletions host/secrets.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
backblaze_key_id: ENC[AES256_GCM,data:XTcodnmPdo6v3qIum4W+h8g80SzzOnX8dw==,iv:ktsvBUafzYGyk4RASxSO6iLh5Mbr6tS4WURlUYm5GaU=,tag:L6JuyAW880ZGVKpekYa4IA==,type:str]
backblaze_application_key: ENC[AES256_GCM,data:IPww264yPPToRWwS0XaIaUOzhOcnlJyCEW0JvUWVfg==,iv:uhNZNrzkAahiqvMO2Ise4rBpEaNScu2gxnnqC0Bx9Rw=,tag:+apKUtlWIMjRi0Ffv+Ehdw==,type:str]
gh_access_token: ENC[AES256_GCM,data:sk13zEkRavIFOY9xIsLI0PCfZFLhDyoORcjeloslGE/Xdbb+5WZBVO81jwGt0od0S6UYNLEVLnq7Eh7jCpufLvXwGk7Nf2Sn7jGiQbbZ/kTHRWrbg8s+GvMqDqaG,iv:3fvCpYuUXKkliK9BjnFlH8K1/MDujb3k2rNSGOCWLyI=,tag:zWoy1ZJn1w7NDLPzwa7eNw==,type:str]
sops:
kms: []
gcp_kms: []
Expand All @@ -24,8 +25,8 @@ sops:
RjhSaktPdEJ4RWJLaFNEYUp0UnBDdFUKPodmqC26uxy+e3ILWpEAhLhdsBLKe3Ex
Z750N/XU26lCxZ9c+drILu57e/WitPx/sk6nodchDM0zD3+uRXnWng==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-05-08T19:40:47Z"
mac: ENC[AES256_GCM,data:3jx5CB4cfr1bfpOR2MYvhbrBH9jYwfeJg1n7ITCj2VX5Fikk2Y51Z03gWAdYgDHU3E8nBVYm6HGpILqDGgr4GSNF5jhv3EnDGjQdroh5PfjEBfQnO7NJV5dsEi4+XwFV+DCdgikCWtlCtIjwLX4cYE4j+5enRLl4n5DheX0+fwA=,iv:YHwjppHb4g+YTi5TffVPHbSeS4CWKOxW8ArUSTizvKI=,tag:Ye0o8c5wyQ2CTCkcHV1reQ==,type:str]
lastmodified: "2024-10-04T23:23:46Z"
mac: ENC[AES256_GCM,data:D6hgb6ZLyvULNoI7VzHnFAQyT18q8PGx0igXIfD4Gww6V2iU4D6kmOekOJFRagh0u2sc13umLgcgzFhZcfe6F2Elj935d8JDlrpb4N3XZY8xGTid1lcbiRFPt9TIUI13dYH3GeWQM8ulUyRYEMOZE6sDdilQd2o6L7iRUA4BDlk=,iv:XaM+2rlb+rH5rKxo2H5KinqSQqzMu/Whcyi8zusz8aM=,tag:4PIkc9kuPJmJaE5HIPaSsg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1
version: 3.9.0

0 comments on commit 28f1b32

Please sign in to comment.