forked from zentralwerk/network
24 lines
476 B
Nix
24 lines
476 B
Nix
|
{ pkgs ? import <nixpkgs> {}
|
||
|
, gpgKeyFile ? ../../salt-gpg.asc
|
||
|
}:
|
||
|
|
||
|
path:
|
||
|
let
|
||
|
json = pkgs.runCommand "json-from-j2yaml" {
|
||
|
nativeBuildInputs = with pkgs; [
|
||
|
gnupg
|
||
|
pythonPackages.j2cli ruby yaml2json
|
||
|
];
|
||
|
} ''
|
||
|
export GNUPGHOME=$(mktemp -d)
|
||
|
gpg --import ${gpgKeyFile}
|
||
|
|
||
|
j2 ${path} > expanded.yaml
|
||
|
ruby ${./yaml-gpg.rb} expanded.yaml > decrypted.yaml
|
||
|
yaml2json < decrypted.yaml > $out
|
||
|
'';
|
||
|
in
|
||
|
builtins.fromJSON (
|
||
|
builtins.readFile json
|
||
|
)
|