diff --git a/.gitattributes b/.gitattributes index 42db5b2..b242476 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,2 +1,3 @@ **/private/** filter=git-crypt diff=git-crypt -private/** filter=git-crypt diff=git-crypt \ No newline at end of file +private/** filter=git-crypt diff=git-crypt +*-private.nix filter=git-crypt diff=git-crypt \ No newline at end of file diff --git a/nix/common.nix b/nix/common.nix index 72416fd..5275e6d 100644 --- a/nix/common.nix +++ b/nix/common.nix @@ -178,49 +178,58 @@ assertion = builtins ? currentSystem; message = "MKK must be build with --impure"; } + { - assertion = - let - file = ../private/check-encryption; - resultFile = pkgs.runCommandLocal "check-encryption" { src = file; } '' - if [[ "$(< $src)" != "DECRYPTED" ]]; then - echo -n "no" >> $out; - else - echo -n "yes" >> $out; - fi - ''; - in - (builtins.readFile resultFile == "yes"); + assertion = config.konfig.decrypted; message = "Need to decrypt MKK repo to build"; } ]; } # * Args - { - options.konfig = lib.mkOption { default = { }; }; - config = { - konfig = { - unstable = mkkArg.unstable; - stable = mkkArg.stable; - current = mkkArg.current; - nixerusPkgs = - (import mkkArg.current.nixerus { inherit pkgs; }) - // ( - if (pkgs.system == "x86_64-linux") then - { - i686Linux = import mkkArg.current.nixerus { pkgs = pkgs.pkgsi686Linux; }; - } - else - { } - ); - arg = mkkArg; - rootFlake = (builtins.getFlake mkkArg.configRootPath); - vars = lib.mkDefault { }; + ( + let + decryptedBool = + let + file = ../private/check-encryption; + resultFile = pkgs.runCommandLocal "check-encryption" { src = file; } '' + if [[ "$(< $src)" != "DECRYPTED" ]]; then + echo -n "no" >> $out; + else + echo -n "yes" >> $out; + fi + ''; + in + (builtins.readFile resultFile == "yes"); + + in + { + options.konfig = lib.mkOption { default = { }; }; + config = { + konfig = { + decrypted = decryptedBool; + unstable = mkkArg.unstable; + stable = mkkArg.stable; + current = mkkArg.current; + nixerusPkgs = + (import mkkArg.current.nixerus { inherit pkgs; }) + // ( + if (pkgs.system == "x86_64-linux") then + { + i686Linux = import mkkArg.current.nixerus { pkgs = pkgs.pkgsi686Linux; }; + } + else + { } + ); + + arg = mkkArg; + rootFlake = (builtins.getFlake mkkArg.configRootPath); + vars = lib.mkDefault { }; + }; + _module.args.konfig = config.konfig; }; - _module.args.konfig = config.konfig; - }; - } + } + ) # * common.nix END ]; diff --git a/nix/default.nix b/nix/default.nix index fe22784..266e4b0 100644 --- a/nix/default.nix +++ b/nix/default.nix @@ -1,4 +1,4 @@ -# * default.nix +# * Outputs - default.nix { inputs, configRootPath }: let stable = inputs.config-stable; @@ -24,7 +24,7 @@ in ./hosts/materusPC.nix ]; }; - +# * default.nix END }; } diff --git a/nix/hosts/materusPC-private.nix b/nix/hosts/materusPC-private.nix new file mode 100644 index 0000000..d2a8f65 Binary files /dev/null and b/nix/hosts/materusPC-private.nix differ diff --git a/nix/hosts/materusPC.nix b/nix/hosts/materusPC.nix index 2c3437e..c779c24 100644 --- a/nix/hosts/materusPC.nix +++ b/nix/hosts/materusPC.nix @@ -8,6 +8,7 @@ }: { imports = [ + ./materusPC-private.nix # * CONFIG # ** Nix System Settings {