git-crypt-hook
Decrypts git-crypt-encrypted sources as part of postUnpack.
userSetupScript runs after unpacking, so you have to use preUnpack
to write the private key.
|
Example:
effects.mkEffect {
src = lib.cleanSource ./.;
inputs = [ effects.git-crypt-hook ];
preUnpack = ''
writeGPGKey git-crypt
'';
secretsMap.git-crypt = "default-gpg";nix
The src attribute must include:
-
the
.git-cryptat the root -
the
.gitattributesfiles