From d2472c79eeeac5725d4a11dac5705467534781ce Mon Sep 17 00:00:00 2001
From: clerie <git@clerie.de>
Date: Mon, 1 May 2023 12:09:47 +0200
Subject: [PATCH] lib/flake-helper.nix: Automatically load secrets from hosts
 secrets directory

---
 hosts/clerie-backup/configuration.nix   | 2 --
 hosts/clerie-backup/secrets/default.nix | 5 -----
 lib/flake-helper.nix                    | 8 ++++++++
 3 files changed, 8 insertions(+), 7 deletions(-)
 delete mode 100644 hosts/clerie-backup/secrets/default.nix

diff --git a/hosts/clerie-backup/configuration.nix b/hosts/clerie-backup/configuration.nix
index 7616663..98b767c 100644
--- a/hosts/clerie-backup/configuration.nix
+++ b/hosts/clerie-backup/configuration.nix
@@ -6,8 +6,6 @@
       ./hardware-configuration.nix
       ../../configuration/proxmox-vm
 
-      ./secrets
-
       ./restic-server.nix
     ];
 
diff --git a/hosts/clerie-backup/secrets/default.nix b/hosts/clerie-backup/secrets/default.nix
deleted file mode 100644
index b3f7ab5..0000000
--- a/hosts/clerie-backup/secrets/default.nix
+++ /dev/null
@@ -1,5 +0,0 @@
-{ ... }:
-
-{
-  age.secrets.restic-server-cyan-htpasswd.file = ./restic-server-cyan-htpasswd.age;
-}
diff --git a/lib/flake-helper.nix b/lib/flake-helper.nix
index d96c15d..b47b36a 100644
--- a/lib/flake-helper.nix
+++ b/lib/flake-helper.nix
@@ -31,6 +31,14 @@ rec {
       agenix.nixosModules.default
       solid-xmpp-alarm.nixosModules.solid-xmpp-alarm
       (../hosts + "/${name}/configuration.nix")
+      # Automatically load secrets from the hosts secrets directory
+      ({ lib, ... }: let
+        secretsPath = ../hosts + "/${name}/secrets";
+      in {
+        age.secrets = lib.mapAttrs' (filename: _: lib.nameValuePair (lib.removeSuffix ".age" filename) {
+          file = secretsPath + "/${filename}";
+        }) (lib.filterAttrs (name: type: (type == "regular") && (lib.hasSuffix ".age" name) ) (if builtins.pathExists secretsPath then builtins.readDir secretsPath else {}));
+      })
     ];
   };