From 6ae0c69fa5198981c2dab9334edd3c5c0b150e0c Mon Sep 17 00:00:00 2001 From: ibizaman Date: Tue, 13 Sep 2022 21:07:40 -0700 Subject: [PATCH] add pass plugin to read secrets from password store --- extra-builtins.nix | 3 +++ nix-pass.sh | 10 ++++++++++ 2 files changed, 13 insertions(+) create mode 100644 extra-builtins.nix create mode 100755 nix-pass.sh diff --git a/extra-builtins.nix b/extra-builtins.nix new file mode 100644 index 0000000..ce73079 --- /dev/null +++ b/extra-builtins.nix @@ -0,0 +1,3 @@ +{ exec, ... }: { + pass = name: exec [./nix-pass.sh name]; +} diff --git a/nix-pass.sh b/nix-pass.sh new file mode 100755 index 0000000..c4ec7dd --- /dev/null +++ b/nix-pass.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +# nix-pass.sh + +set -euo pipefail + +f=$(mktemp) +trap "rm $f" EXIT +pass show "$1" | head -c -1 > $f +nix-instantiate --eval -E "builtins.readFile $f"