dln/dotfiles
0
0
Code Issues Pull requests2 Activity

nvim: use symlinkJoin to wrap nvim with agenix secret(s)

Browse source
This commit is contained in:
Daniel Lundin 2025-07-15 16:38:53 +02:00
commit 2600c114f4
Signed by: dln
SSH key fingerprint: SHA256:dQy1Xj3UiqJYpKR5ggQ2bxgz4jCH8IF+k3AB8o0kmdI
2 changed files with 55 additions and 35 deletions
flake.lock
home/common/nvim
default.nix

60
flake.lock generated
View file

@ -124,11 +124,11 @@
]
},
"locked": {
"lastModified": 1743550720,
"narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
"lastModified": 1751413152,
"narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "c621e8422220273271f52058f618c94e405bb0f5",
"rev": "77826244401ea9de6e3bac47c2db46005e1f30b5",
"type": "github"
},
"original": {
@ -208,11 +208,11 @@
]
},
"locked": {
"lastModified": 1748000383,
"narHash": "sha256-EaAJhwfJGBncgIV/0NlJviid2DP93cTMc9h0q6P6xXk=",
"lastModified": 1752595130,
"narHash": "sha256-CNBgr4OZSuklGtNOa9CnTNo9+Xceqn/EDAC1Tc43fH8=",
"owner": "hercules-ci",
"repo": "hercules-ci-effects",
"rev": "231726642197817d20310b9d39dd4afb9e899489",
"rev": "5f2e09654b2e70ba643e41609d9f9b6640f22113",
"type": "github"
},
"original": {
@ -228,11 +228,11 @@
]
},
"locked": {
"lastModified": 1752286566,
"narHash": "sha256-A4nftqiNz2bNihz0bKY94Hq/6ydR6UQOcGioeL7iymY=",
"lastModified": 1752780113,
"narHash": "sha256-w312x4qtwWzJZSLG8c9srlr/hQTh1IfyOaV40xmg4Fg=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "392ddb642abec771d63688c49fa7bcbb9d2a5717",
"rev": "e595fe1df49d75e971b33f311e365f032089f450",
"type": "github"
},
"original": {
@ -274,11 +274,11 @@
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1752297151,
"narHash": "sha256-VXKnhiTTxswVp0WcEch9g2o7xbimrG48WPJpu90mv1s=",
"lastModified": 1752753780,
"narHash": "sha256-EiCUyqaoTdXDMBFb30hBKB9Sx3eY9mrqhgGriIsKuIU=",
"owner": "nix-community",
"repo": "neovim-nightly-overlay",
"rev": "65153b41eab701d138176482756f1e50fe2ae9e1",
"rev": "053ea16d7d94f21ee6ed0b70007cd4378c8e4825",
"type": "github"
},
"original": {
@ -290,11 +290,11 @@
"neovim-src": {
"flake": false,
"locked": {
"lastModified": 1752275731,
"narHash": "sha256-Q+dexX/9mDo4M/rJu2AqlTKzZYJovAKxoa49JIb956M=",
"lastModified": 1752707870,
"narHash": "sha256-h/td8ApD44htLyMnue39Y882fs1VpV/oy21WiySmXDE=",
"owner": "neovim",
"repo": "neovim",
"rev": "8c6ea76ebcdf59ee9894412c838ecedde15c1f07",
"rev": "fcec1610e7ba501be812f636dabc7d9f4c8f436f",
"type": "github"
},
"original": {
@ -310,11 +310,11 @@
]
},
"locked": {
"lastModified": 1752305182,
"narHash": "sha256-6i4Q68G7wzNq1m2+l3lJUYgGZ9PwULvSVJpRSTTC46o=",
"lastModified": 1752441837,
"narHash": "sha256-FMH1OSSJp8Cx8MZHXz6KckxJGbCnVMotZNAH3v2WneU=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "ad29e2961dd0d58372384563bf00d510fc9f2e15",
"rev": "839e02dece5845be3a322e507a79712b73a96ba2",
"type": "github"
},
"original": {
@ -325,11 +325,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1751949589,
"narHash": "sha256-mgFxAPLWw0Kq+C8P3dRrZrOYEQXOtKuYVlo9xvPntt8=",
"lastModified": 1752596105,
"narHash": "sha256-lFNVsu/mHLq3q11MuGkMhUUoSXEdQjCHvpReaGP1S2k=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9b008d60392981ad674e04016d25619281550a9d",
"rev": "dab3a6e781554f965bde3def0aa2fda4eb8f1708",
"type": "github"
},
"original": {
@ -341,11 +341,11 @@
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1752162966,
"narHash": "sha256-3MxxkU8ZXMHXcbFz7UE4M6qnIPTYGcE/7EMqlZNnVDE=",
"lastModified": 1752620740,
"narHash": "sha256-f3pO+9lg66mV7IMmmIqG4PL3223TYMlnlw+pnpelbss=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "10e687235226880ed5e9f33f1ffa71fe60f2638a",
"rev": "32a4e87942101f1c9f9865e04dc3ddb175f5f32e",
"type": "github"
},
"original": {
@ -357,11 +357,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1751949589,
"narHash": "sha256-mgFxAPLWw0Kq+C8P3dRrZrOYEQXOtKuYVlo9xvPntt8=",
"lastModified": 1752747119,
"narHash": "sha256-2Kp9St3Pbsmu+xMsobLcgzzUxPvZR7alVJWyuk2BAPc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "9b008d60392981ad674e04016d25619281550a9d",
"rev": "fa0ef8a6bb1651aa26c939aeb51b5f499e86b0ec",
"type": "github"
},
"original": {
@ -373,11 +373,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1751984180,
"narHash": "sha256-LwWRsENAZJKUdD3SpLluwDmdXY9F45ZEgCb0X+xgOL0=",
"lastModified": 1752480373,
"narHash": "sha256-JHQbm+OcGp32wAsXTE/FLYGNpb+4GLi5oTvCxwSoBOA=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "9807714d6944a957c2e036f84b0ff8caf9930bc0",
"rev": "62e0f05ede1da0d54515d4ea8ce9c733f12d9f08",
"type": "github"
},
"original": {

30
home/common/nvim/default.nix
View file

@ -6,23 +6,43 @@
...
}:
let
nvimWrapper =
let
nvimPackage = inputs.neovim-nightly-overlay.packages.${pkgs.system}.default;
in
pkgs.symlinkJoin {
name = "nvim-wrapper";
meta = nvimPackage.meta // {
description = "Neovim with environment variables";
};
lua = nvimPackage.lua;
paths = [ nvimPackage ];
buildInputs = [ pkgs.makeWrapper ];
postBuild = ''
wrapProgram $out/bin/nvim \
--run 'export CODESTRAL_API_KEY="$(cat ${config.age.secrets.codestral_api_key.path})"'
'';
};
nvim-remote = pkgs.writeShellApplication {
name = "nvim-remote";
text = ''
_sess=$(echo -n "$USER@''${SSH_CONNECTION:-$HOSTNAME}" | tr -c '[:alnum:]@.' '_')
_nvim_sock="''${XDG_RUNTIME_DIR:-/tmp}/nvim.$_sess.sock"
CODESTRAL_API_KEY="$(cat "${config.age.secrets.codestral_api_key.path}")"
export CODESTRAL_API_KEY
exec nvim --listen "$_nvim_sock" --server "$_nvim_sock" "$@"
exec ${config.programs.neovim.finalPackage}/bin/nvim --listen "$_nvim_sock" --server "$_nvim_sock" "$@"
'';
};
in
{
imports = [
./treesitter.nix
];
home.packages = [ nvim-remote ];
home.packages = [
nvim-remote
];
programs.man.generateCaches = false;
@ -32,7 +52,7 @@ in
programs.neovim = {
enable = true;
package = inputs.neovim-nightly-overlay.packages.${pkgs.system}.default;
package = nvimWrapper;
defaultEditor = true;
viAlias = true;