32 lines
930 B
Makefile
32 lines
930 B
Makefile
|
SOPS_FILE := "../nix-secrets/secrets.yaml"
|
||
|
|
||
|
# default recipe to display help information
|
||
|
default:
|
||
|
@just --list
|
||
|
|
||
|
# ensure the latest revisions of nix-secrets are used next time a rebuild occurs
|
||
|
update-nix-secrets:
|
||
|
(cd ../nix-secrets && git fetch && git rebase) || true
|
||
|
nix flake lock --update-input nix-secrets
|
||
|
|
||
|
# full system rebuild from flake (stages changes and automatically detects host)
|
||
|
rebuild-system:
|
||
|
git add *.nix
|
||
|
sudo nixos-rebuild switch --flake $(readlink -f /etc/nixos)#$(hostname)
|
||
|
|
||
|
# updates all flake inputs for system
|
||
|
update-flake:
|
||
|
nix flake update
|
||
|
|
||
|
# edit sops file
|
||
|
edit-sops:
|
||
|
echo "Editing {{SOPS_FILE}}"
|
||
|
nix-shell -p sops --run "SOPS_AGE_KEY_FILE=~/.config/sops/age/keys.txt sops {{SOPS_FILE}}"
|
||
|
|
||
|
# update
|
||
|
update-secrets:
|
||
|
cd $HOME/nix-secrets && (\
|
||
|
nix-shell -p sops --run "sops updatekeys -y secrets.yaml" && \
|
||
|
git add -u && (git commit -m "updated secrets" || true) && git push \
|
||
|
)
|