dotfiles/apps/encrypt-secret.nix

20 lines
543 B
Nix
Raw Permalink Normal View History

2024-04-20 13:42:06 +00:00
{ pkgs, ... }:
{
2022-10-16 01:32:39 +00:00
# nix run github:nmasur/dotfiles#encrypt-secret > private/mysecret.age
type = "app";
2024-04-20 13:42:06 +00:00
program = builtins.toString (
pkgs.writeShellScript "encrypt-secret" ''
printf "\nEnter the secret data to encrypt for all hosts...\n\n" 1>&2
read -p "Secret: " secret
printf "\nEncrypting...\n\n" 1>&2
tmpfile=$(mktemp)
echo "''${secret}" > ''${tmpfile}
${pkgs.age}/bin/age --encrypt --armor --recipients-file ${builtins.toString ../misc/public-keys} $tmpfile
rm $tmpfile
''
);
2022-10-16 01:32:39 +00:00
}