flake: open nix flake devShell automatically with direnv (nix-direnv)

Benefits: - everyone running the same environemnt - no PYTHONPATH setup needed for Ansible - showing roles.py on dir entry for status Docs: - https://github.com/nix-community/nix-direnv - https://github.com/direnv/direnv/wiki/Nix To make direnv less verbose: `export DIRENV_LOG_FORMAT=`
2024-09-16 12:05:53 +02:00 · 2024-09-16 12:05:53 +02:00 · 32a8552eaf
parent affa41a334
commit 32a8552eaf
3 changed files with 10 additions and 6 deletions
--- a/.envrc
+++ b/.envrc
@ -1,4 +1,6 @@
-export VAULT_CACERT=./ansible/files/vault-ca.crt
-export VAULT_CLIENT_CERT=./ansible/files/vault-client-user.crt
-export VAULT_CLIENT_KEY=./ansible/files/vault-client-user.key
-export CONSUL_HTTP_TOKEN=$(pass services/consul/tokens/terraform)
+if ! has nix_direnv_version || ! nix_direnv_version 3.0.6; then
+  source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/3.0.6/direnvrc" "sha256-RYcUJaRMf8oF5LznDrlCXbkOQrywm0HDv1VjYGaJGdM="
+fi
+
+source .envrc.secrets
+use flake
--- a/.envrc.secrets
+++ b/.envrc.secrets
@ -0,0 +1,4 @@
+export VAULT_CACERT=./ansible/files/vault-ca.crt
+export VAULT_CLIENT_CERT=./ansible/files/vault-client-user.crt
+export VAULT_CLIENT_KEY=./ansible/files/vault-client-user.key
+export CONSUL_HTTP_TOKEN=$(pass services/consul/tokens/terraform)
--- a/flake.nix
+++ b/flake.nix
@ -40,8 +40,6 @@
          shellHook = ''
            ./ansible/roles.py --check || \
              echo -e '\nWARNING: Your role versions appear to be incorrect!' >&2
-            eval "$(direnv hook bash)"
-            direnv allow .
          '';
        };
      });