ambroisie/nix-config
ambroisie/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

secrets: register agenix secrets automatically

Browse source
This commit is contained in:
Bruno BELANYI 2021-09-24 18:37:36 +02:00
parent 8664781da7
commit 98034a5410
1 changed files with 20 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
secrets/default.nix
View file

@ -1,4 +1,4 @@
{ inputs, lib, ... }: { inputs, lib, options, ... }:
with lib; with lib;
let let
@ -30,6 +30,25 @@ throwOnCanary {
valueType; valueType;
}; };
config.age = {
secrets =
let
toName = removeSuffix ".age";
toSecret = name: _: {
file = ./. + "/${name}";
owner = mkDefault "root";
};
convertSecrets = n: v: nameValuePair (toName n) (toSecret n v);
secrets = import ./secrets.nix;
in
lib.mapAttrs' convertSecrets secrets;
sshKeyPaths = options.age.sshKeyPaths.default ++ [
# FIXME: hard-coded path, could be inexistent
"/home/ambroisie/.ssh/id_ed25519"
];
};
config.my.secrets = { config.my.secrets = {
acme.key = fileContents ./acme/key.env; acme.key = fileContents ./acme/key.env;