From e2752d192629cbfe27fd31dbe23d2dafe4ace1a1 Mon Sep 17 00:00:00 2001
From: kat witch <kat@kittywit.ch>
Date: Mon, 15 Mar 2021 17:04:17 +0000
Subject: [PATCH] nix-eval move to lessen secrets in store

---
 lib/deploy.nix                   | 2 +-
 modules/nixos/deploy/default.nix | 3 +--
 nyx                              | 4 ++--
 3 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/lib/deploy.nix b/lib/deploy.nix
index fd3a0312..b94db016 100644
--- a/lib/deploy.nix
+++ b/lib/deploy.nix
@@ -3,7 +3,7 @@
 with pkgs.lib;
 
 (mapAttrs (name: hosts:
-  pkgs.writeScript "deploy-group-${name}" ''
+  ''
     #!${pkgs.runtimeShell}
     export PATH=
     ${concatMapStrings (host: ''
diff --git a/modules/nixos/deploy/default.nix b/modules/nixos/deploy/default.nix
index 816409b1..38ca2b9f 100644
--- a/modules/nixos/deploy/default.nix
+++ b/modules/nixos/deploy/default.nix
@@ -53,8 +53,7 @@ in {
     }) config.deploy.profiles);
     deploy.groups = [ "all" ];
 
-    system.build.deployScript =
-      pkgs.writeScript "deploy-${config.networking.hostName}" ''
+    system.build.deployScript = ''
         #!${pkgs.runtimeShell}
         set -xeo pipefail
         export PATH=${with pkgs; lib.makeBinPath [ coreutils openssh nix ]}
diff --git a/nyx b/nyx
index b07e30db..f41113ab 100755
--- a/nyx
+++ b/nyx
@@ -5,7 +5,7 @@ usage() {
     echo example: $0 build samhain boot
 }
 
-build() {
+deploy() {
     HOST=$1
     if [ $# -gt 2 ]; then
         METHOD=$2
@@ -13,7 +13,7 @@ build() {
         METHOD="switch"
     fi
 
-    nix build -f . deploy.$HOST && ./result $METHOD
+    nix eval --raw deploy.${HOST} -f . | bash -s -- ${METHOD}
 }
 
 install() {