about summary refs log tree commit diff
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2024-12-18 09:05:00 -0800
committerFranck Cuny <franck@fcuny.net>2024-12-18 09:05:35 -0800
commit062e241e425f3457019a44e88f7664c10ed50ff4 (patch)
tree5f10e0252eea2c75639b09ca17eb3c0fa42f981d
parentinstall some tools only on work machine (diff)
downloadworld-062e241e425f3457019a44e88f7664c10ed50ff4.tar.gz
add overlay for the hashi tool
-rw-r--r--nix/users/fcuny/work.nix10
-rw-r--r--overlays/default.nix5
-rw-r--r--packages/hashi/default.nix35
3 files changed, 49 insertions, 1 deletions
diff --git a/nix/users/fcuny/work.nix b/nix/users/fcuny/work.nix
index cc80104..20c49c4 100644
--- a/nix/users/fcuny/work.nix
+++ b/nix/users/fcuny/work.nix
@@ -9,5 +9,15 @@
 
     # for ssh
     sapi
+
+    # for tokens
+    hashi
   ];
+
+  programs.fish = {
+    shellAbbrs = {
+      "ssh-sign-chi" =
+        "${pkgs.hashi}/bin/hashi -e chi1 sign --key=/Users/fcuny/.ssh/id_ed25519.pub key";
+    };
+  };
 }
diff --git a/overlays/default.nix b/overlays/default.nix
index 305e8de..45d1d4e 100644
--- a/overlays/default.nix
+++ b/overlays/default.nix
@@ -1 +1,4 @@
-final: _: { sapi = final.callPackage ../packages/sapi { }; }
+final: _: {
+  sapi = final.callPackage ../packages/sapi { };
+  hashi = final.callPackage ../packages/hashi { };
+}
diff --git a/packages/hashi/default.nix b/packages/hashi/default.nix
new file mode 100644
index 0000000..54f71d1
--- /dev/null
+++ b/packages/hashi/default.nix
@@ -0,0 +1,35 @@
+{ stdenv, fetchurl, lib, ... }:
+let
+  url =
+    "https://artifactory.rbx.com:443/artifactory/generic-rbx-local/hashi/0.1.4/bin/hashi_darwin-amd64";
+in
+stdenv.mkDerivation rec {
+  pname = "hashi";
+  version = "0.1.4";
+  src = builtins.trace "Attempting to fetch: ${url}" fetchurl {
+    inherit url;
+    sha256 = "sha256-uX6AdOUfh6JEwS20kQwjp9Os12lVOGoCajOV9sYWXtA=";
+  };
+
+  installPhase = ''
+    mkdir -p $out/bin
+    cp $src $out/bin/hashi
+    chmod +x $out/bin/hashi
+  '';
+
+  dontUnpack = true;
+  dontStrip = true;
+  doInstallCheck = true;
+
+  installCheckPhase = ''
+    $out/bin/hashi -e sitetest3 version
+  '';
+
+  meta = with lib; {
+    description = "hashi command-line tool";
+    homepage = "http://go/hashicli";
+    license = licenses.unfree;
+    platforms = [ "x86_64-darwin" ];
+  };
+}
+