clerie/nixfiles
1
0
Fork 0
Code

lib/flake-helper.nix: Automatically load secrets from hosts secrets directory

Browse Source
This commit is contained in:
clerie 2023-05-01 12:09:47 +02:00
parent 09b043c26c
commit d2472c79ee
3 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hosts/clerie-backup/configuration.nix
View File

@ -6,8 +6,6 @@
./hardware-configuration.nix ./hardware-configuration.nix
../../configuration/proxmox-vm ../../configuration/proxmox-vm
./secrets
./restic-server.nix ./restic-server.nix
]; ];

5
hosts/clerie-backup/secrets/default.nix
View File

@ -1,5 +0,0 @@
{ ... }:
{
age.secrets.restic-server-cyan-htpasswd.file = ./restic-server-cyan-htpasswd.age;
}

8
lib/flake-helper.nix
View File

@ -31,6 +31,14 @@ rec {
agenix.nixosModules.default agenix.nixosModules.default
solid-xmpp-alarm.nixosModules.solid-xmpp-alarm solid-xmpp-alarm.nixosModules.solid-xmpp-alarm
(../hosts + "/${name}/configuration.nix") (../hosts + "/${name}/configuration.nix")
# Automatically load secrets from the hosts secrets directory
({ lib, ... }: let
secretsPath = ../hosts + "/${name}/secrets";
in {
age.secrets = lib.mapAttrs' (filename: _: lib.nameValuePair (lib.removeSuffix ".age" filename) {
file = secretsPath + "/${filename}";
}) (lib.filterAttrs (name: type: (type == "regular") && (lib.hasSuffix ".age" name) ) (if builtins.pathExists secretsPath then builtins.readDir secretsPath else {}));
})
]; ];
}; };