From 06b8e8067de1106ace0e0607f05b409e2d0cb506 Mon Sep 17 00:00:00 2001
From: Alexis Pentori <alexis@status.im>
Date: Fri, 9 Aug 2024 12:03:05 +0200
Subject: [PATCH] flake: add direnv to load vault variables

Signed-off-by: Alexis Pentori <alexis@status.im>
---
 .envrc    | 4 ++++
 flake.nix | 4 +++-
 2 files changed, 7 insertions(+), 1 deletion(-)
 create mode 100644 .envrc

diff --git a/.envrc b/.envrc
new file mode 100644
index 0000000..27f67a0
--- /dev/null
+++ b/.envrc
@@ -0,0 +1,4 @@
+export VAULT_CACERT=./ansible/files/vault-ca.crt
+export VAULT_CLIENT_CERT=./ansible/files/vault-client-user.crt
+export VAULT_CLIENT_KEY=./ansible/files/vault-client-user.key
+export CONSUL_HTTP_TOKEN=$(pass services/consul/tokens/terraform)
diff --git a/flake.nix b/flake.nix
index 9fa98fd..0cceefc 100644
--- a/flake.nix
+++ b/flake.nix
@@ -25,7 +25,7 @@
         in pkgs.mkShellNoCC {
           packages = with pkgs.buildPackages; [
             # misc
-            git openssh jq fzf silver-searcher
+            git openssh jq fzf silver-searcher direnv
             # networking
             curl nmap nettools dnsutils
             # infra
@@ -40,6 +40,8 @@
           shellHook = ''
             ./ansible/roles.py --check || \
               echo -e '\nWARNING: Your role versions appear to be incorrect!' >&2
+            eval "$(direnv hook bash)"
+            direnv allow .
           '';
         };
       });