diff --git a/modules/scripts/download.nix b/modules/scripts/download.nix index 4c4b7b4..33ad048 100644 --- a/modules/scripts/download.nix +++ b/modules/scripts/download.nix @@ -13,11 +13,24 @@ config = let inherit (inputs.jawz-scripts.packages.x86_64-linux) download; + gallerySecretsPath = lib.attrByPath [ "sops" "secrets" "gallery-dl/secrets" "path" ] null config; + wrappedDownload = + if gallerySecretsPath != null then + pkgs.symlinkJoin { + name = "download-with-secrets"; + paths = [ download ]; + buildInputs = [ pkgs.makeWrapper ]; + postBuild = '' + wrapProgram $out/bin/download --run 'if [ -r "${gallerySecretsPath}" ]; then set -a; source "${gallerySecretsPath}"; set +a; fi' + ''; + } + else + download; in { home-manager.users.jawz.programs.${config.my.shell.type} = { shellAliases = inputs.self.lib.mergeAliases inputs.self.lib.commonAliases { - dl = "${download}/bin/download -u jawz -i"; + dl = "${wrappedDownload}/bin/download -u jawz -i"; comic = ''dl "$(cat "$LC" | fzf --multi --exact -i)"''; gallery = ''dl "$(cat "$LW" | fzf --multi --exact -i)"''; }; @@ -43,15 +56,16 @@ restartIfChanged = true; description = "Downloads ${desc}"; wantedBy = [ "default.target" ]; - path = [ - pkgs.bash - ]; + path = [ pkgs.bash ]; serviceConfig = { TimeoutStartSec = 2000; TimeoutStopSec = 2000; Restart = "on-failure"; RestartSec = 30; - ExecStart = "${download}/bin/download ${execStartCmd}"; + ExecStart = "${wrappedDownload}/bin/download ${execStartCmd}"; + } + // lib.optionalAttrs (gallerySecretsPath != null) { + EnvironmentFile = gallerySecretsPath; }; }; in @@ -108,7 +122,7 @@ install = true; service = false; name = "download"; - package = download; + package = wrappedDownload; }; }; }