SOPS_FILE := "~/.local/share/src/nix-secrets/secrets.yaml" # default recipe to display help information default: @just --list # fetches from remote and updates flake.lock with latest revisions of nix-secrets for next time a rebuild occurs update-flake-secrets: nix flake lock --update-input nix-secrets pkill -RTMIN+11 dwmblocks # full system rebuild from flake (stages changes and automatically detects host) rebuild-system: if [ -n "$(diff <(cat /etc/nixos/flake.lock) <(cat flake.lock))" ]; then echo "local flake.lock has diverged from system. Please update flake or rebase. Exiting" && exit 1; fi sudo nixos-rebuild switch --option eval-cache false --flake .#$(hostname) # test full system rebuild from flake (stages changes and automatically detects host) rebuild-system-test: if [ -n "$(diff <(cat /etc/nixos/flake.lock) <(cat flake.lock))" ]; then echo "local flake.lock has diverged from system. Please update flake or rebase. Exiting" && exit 1; fi sudo nixos-rebuild test --option eval-cache false --flake .#$(hostname) # updates all flake inputs for system update-flake: nix flake update pkill -RTMIN+11 dwmblocks # edit sops file edit-sops: echo "Editing {{SOPS_FILE}}" cd $(dirname {{SOPS_FILE}}) && git pull nix-shell -p sops --run "SOPS_AGE_KEY_FILE=~/.config/sops/age/keys.txt sops {{SOPS_FILE}}" cd $(dirname {{SOPS_FILE}}) && git add . && git commit -m "autocommit-$(date +'%d-%m-%y@%H:%m:%S')" && git push # update keys in secrets.yaml and push to remote update-sops-secrets: cd ~/.local/share/src/nix-secrets && (\ nix-shell -p sops --run "sops updatekeys -y secrets.yaml" && \ git add -u && (git commit -m "updated secrets" || true) && git push \ )