home: secrets: clean-up 'default.nix'

This commit is contained in:
Bruno BELANYI 2021-06-12 20:35:28 +02:00
parent a4cce8a561
commit ecae28a72f

View file

@ -2,13 +2,17 @@
with lib;
let
canaryHash = builtins.hashFile "sha256" ./canary;
expectedHash =
"9df8c065663197b5a1095122d48e140d3677d860343256abd5ab6e4fb4c696ab";
throwOnCanary =
let
canaryHash = builtins.hashFile "sha256" ./canary;
expectedHash =
"9df8c065663197b5a1095122d48e140d3677d860343256abd5ab6e4fb4c696ab";
in
if canaryHash != expectedHash
then throw "Secrets are not readable. Have you run `git-crypt unlock`?"
else id;
in
if canaryHash != expectedHash then
abort "Secrets are not readable. Have you run `git-crypt unlock`?"
else {
throwOnCanary {
options.my.secrets = mkOption {
type = types.attrs;
};