| 2 Jan 2025 |
 countoren | * you mean nix shell --impure ? as well? | 15:15:56 |
 atemu12 | However you prefer to eval Nix code | 15:17:57 |
| atemu12 | I'd use a repl or --expr but whatever you like | 15:18:15 |
| countoren | where should I see KEYSDIR? | 15:21:08 |
| atemu12 | You should check whether the path you've passed through to the sandbox actually exists and the contents are readable | 15:21:34 |
| atemu12 | (From within the sandbox of course.) | 15:25:01 |
| countoren | I guess I never had to use extra-sendbox-paths for everything I did until now(like 10 years of nix) I always resulted with a wrapper if "secrets" are involved. I did add it to my nixos configuration getting permission issues now, I will look into it.
but I wonder how hard it will be (or make sense) to "wrap" the builder in writeShellApplication/Script to execute not from a nix sendbox. | 16:17:37 |
| atemu12 | That's precisely what the release script does AFAIK | 16:18:11 |
| countoren | o really | 16:18:27 |
| countoren | so I can build release and run it? | 16:18:37 |
| atemu12 | Again, never used it | 16:19:25 |
| atemu12 | oak did though I think | 16:19:32 |
| atemu12 | Just try it | 16:19:36 |
