panoptes-nix/scripts/default.nix

{ pkgs, systemSettings, ... }:
{
  environment.systemPackages = with pkgs; [
    (pkgs.writeShellScriptBin "nfs" ''
      sudo nixos-rebuild switch --flake $(readlink -f /etc/nixos)#${systemSettings.hostName} --impure
    '')
    (pkgs.writeShellScriptBin "nfsu" ''
      FLAKE=$(readlink -f /etc/nixos)
      nix flake update --flake $FLAKE --impure
      git -C $FLAKE add "$FLAKE/flake.lock" > /dev/null 2>&1
      sudo nixos-rebuild switch --flake $FLAKE#${systemSettings.hostName} --impure
    '')
    (pkgs.writeShellScriptBin "edit-secrets" "sudo sops $(readlink -f /etc/nixos)/secrets/encrypted_secrets.yaml")
    (pkgs.writeShellScriptBin "public-age-key" ''
      nix run nixpkgs#ssh-to-age -- -i /etc/ssh/ssh_host_ed25519_key.pub
    '')
    (pkgs.writeShellScriptBin "private-age-key" ''
      sudo mkdir -p ~/.config/sops/age
      sudo nix run nixpkgs#ssh-to-age -- -private-key -i /etc/ssh/ssh_host_ed25519_key > ~/.config/sops/age/keys.txt
      sudo chown -R 0:0 ~/.config
      sudo chmod -R 600 ~/.config/sops
    '')
  ];
}