From 32a8552eaf0347c217fa7d80572b06d5cd90243d Mon Sep 17 00:00:00 2001 From: Anton Iakimov Date: Mon, 16 Sep 2024 12:05:53 +0200 Subject: [PATCH] flake: open nix flake devShell automatically with direnv (nix-direnv) Benefits: - everyone running the same environemnt - no PYTHONPATH setup needed for Ansible - showing roles.py on dir entry for status Docs: - https://github.com/nix-community/nix-direnv - https://github.com/direnv/direnv/wiki/Nix To make direnv less verbose: `export DIRENV_LOG_FORMAT=` --- .envrc | 10 ++++++---- .envrc.secrets | 4 ++++ flake.nix | 2 -- 3 files changed, 10 insertions(+), 6 deletions(-) create mode 100644 .envrc.secrets diff --git a/.envrc b/.envrc index 27f67a0..100d7b9 100644 --- a/.envrc +++ b/.envrc @@ -1,4 +1,6 @@ -export VAULT_CACERT=./ansible/files/vault-ca.crt -export VAULT_CLIENT_CERT=./ansible/files/vault-client-user.crt -export VAULT_CLIENT_KEY=./ansible/files/vault-client-user.key -export CONSUL_HTTP_TOKEN=$(pass services/consul/tokens/terraform) +if ! has nix_direnv_version || ! nix_direnv_version 3.0.6; then + source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/3.0.6/direnvrc" "sha256-RYcUJaRMf8oF5LznDrlCXbkOQrywm0HDv1VjYGaJGdM=" +fi + +source .envrc.secrets +use flake diff --git a/.envrc.secrets b/.envrc.secrets new file mode 100644 index 0000000..27f67a0 --- /dev/null +++ b/.envrc.secrets @@ -0,0 +1,4 @@ +export VAULT_CACERT=./ansible/files/vault-ca.crt +export VAULT_CLIENT_CERT=./ansible/files/vault-client-user.crt +export VAULT_CLIENT_KEY=./ansible/files/vault-client-user.key +export CONSUL_HTTP_TOKEN=$(pass services/consul/tokens/terraform) diff --git a/flake.nix b/flake.nix index 6adfbcb..632bc2c 100644 --- a/flake.nix +++ b/flake.nix @@ -40,8 +40,6 @@ shellHook = '' ./ansible/roles.py --check || \ echo -e '\nWARNING: Your role versions appear to be incorrect!' >&2 - eval "$(direnv hook bash)" - direnv allow . ''; }; });