From f845b093f157076d9a3e6a8237dfa7bc42879e11 Mon Sep 17 00:00:00 2001 From: SebastianStork Date: Wed, 24 Dec 2025 01:03:15 +0100 Subject: [PATCH] sops: Streamline bitwarden integration --- flake-parts/install-anywhere.nix | 6 ++---- flake-parts/sops.nix | 9 +++------ 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/flake-parts/install-anywhere.nix b/flake-parts/install-anywhere.nix index 8030b1e..aee7ef8 100644 --- a/flake-parts/install-anywhere.nix +++ b/flake-parts/install-anywhere.nix @@ -8,9 +8,7 @@ _: { runtimeInputs = [ pkgs.sops pkgs.ssh-to-age - pkgs.bitwarden-cli - pkgs.jq ]; text = '' @@ -40,10 +38,10 @@ _: { sed -i -E "s|(agePublicKey\s*=\s*\")[^\"]*(\";)|\1$new_age_key\2|" "hosts/$host/default.nix" echo "==> Updating SOPS secrets..." - if BW_SESSION="$(bw login --raw)"; then + if BW_SESSION="$(bw unlock --raw || bw login --raw)"; then export BW_SESSION fi - SOPS_AGE_KEY="$(bw get item 'admin age-key' | jq -r '.notes')" + SOPS_AGE_KEY="$(bw get notes 'admin age-key')" export SOPS_AGE_KEY SOPS_CONFIG="$(nix build .#sops-config --print-out-paths)" export SOPS_CONFIG diff --git a/flake-parts/sops.nix b/flake-parts/sops.nix index 015cd23..19772de 100644 --- a/flake-parts/sops.nix +++ b/flake-parts/sops.nix @@ -47,15 +47,12 @@ pkgs.ssh-to-age ]; - nativeBuildInputs = [ - pkgs.bitwarden-cli - pkgs.jq - ]; + nativeBuildInputs = [ pkgs.bitwarden-cli ]; shellHook = '' - if BW_SESSION="$(bw login --raw)"; then + if BW_SESSION="$(bw unlock --raw || bw login --raw)"; then export BW_SESSION fi - SOPS_AGE_KEY="$(bw get item 'admin age-key' | jq -r '.notes')" + SOPS_AGE_KEY="$(bw get notes 'admin age-key')" export SOPS_AGE_KEY SOPS_CONFIG="${self'.packages.sops-config}" export SOPS_CONFIG