home: secrets: clean-up 'default.nix'

secrets: clean-up 'default.nix'
flake: filter 'packages' on system
2021-06-12 20:35:28 +02:00 · 2021-06-12 20:35:06 +02:00 · 2021-06-12 19:56:17 +02:00 · 2021-06-12 19:30:25 +02:00
4 changed files with 30 additions and 16 deletions
--- a/flake.nix
+++ b/flake.nix
@ -135,7 +135,13 @@
          inherit (self.checks.${system}.pre-commit) shellHook;
        };
        packages =
          let
            packages = import ./pkgs { inherit pkgs; };
            isSystem = pkg: builtins.elem system pkg.meta.platforms;
            finalPackages = lib.flip lib.filterAttrs packages (_: isSystem);
          in
          finalPackages;
      }) // {
      overlay = self.overlays.pkgs;
--- a/home/secrets/default.nix
+++ b/home/secrets/default.nix
@ -2,13 +2,17 @@
 with lib;
 let
  throwOnCanary =
    let
      canaryHash = builtins.hashFile "sha256" ./canary;
      expectedHash =
        "9df8c065663197b5a1095122d48e140d3677d860343256abd5ab6e4fb4c696ab";
    in
    if canaryHash != expectedHash
    then throw "Secrets are not readable. Have you run `git-crypt unlock`?"
    else id;
 in
-if canaryHash != expectedHash then
+throwOnCanary {
  abort "Secrets are not readable. Have you run `git-crypt unlock`?"
 else {
  options.my.secrets = mkOption {
    type = types.attrs;
  };
--- a/pkgs/bw-pass/default.nix
+++ b/pkgs/bw-pass/default.nix
@ -39,7 +39,7 @@ stdenvNoCC.mkDerivation rec {
    description = "A simple script to query a password from bitwarden";
    homepage = "https://gitea.belanyi.fr/ambroisie/nix-config";
    license = with licenses; [ mit ];
-    platforms = platforms.unix;
+    platforms = platforms.linux;
    maintainers = with maintainers; [ ambroisie ];
  };
 }
--- a/secrets/default.nix
+++ b/secrets/default.nix
@ -1,14 +1,18 @@
-{ lib, pkgs, ... }:
+{ lib, ... }:
 with lib;
 let
  throwOnCanary =
    let
      canaryHash = builtins.hashFile "sha256" ./canary;
      expectedHash =
        "9df8c065663197b5a1095122d48e140d3677d860343256abd5ab6e4fb4c696ab";
    in
    if canaryHash != expectedHash
    then throw "Secrets are not readable. Have you run `git-crypt unlock`?"
    else id;
 in
-if canaryHash != expectedHash then
+throwOnCanary {
  abort "Secrets are not readable. Have you run `git-crypt unlock`?"
 else {
  options.my.secrets = mkOption {
    type = types.attrs;
  };
@ -50,6 +54,6 @@ else {
      root.hashedPassword = fileContents ./users/root/password.txt;
    };
-    wireguard = pkgs.callPackage ./wireguard { };
+    wireguard = import ./wireguard { inherit lib; };
  };
 }
Author	SHA1	Message	Date
Bruno BELANYI	3a471433ed	home: secrets: clean-up 'default.nix' All checks were successful continuous-integration/drone/push Build is passing Details	2021-06-12 20:35:28 +02:00
Bruno BELANYI	f8325cc9c7	secrets: clean-up 'default.nix'	2021-06-12 20:35:06 +02:00
Bruno BELANYI	cd1173d2f6	flake: filter 'packages' on system	2021-06-12 19:56:17 +02:00
Bruno BELANYI	e319eaf09f	pkgs: bw-pass: fix 'meta.platforms' This makes use of 'keyutils' which only works on Linux.	2021-06-12 19:30:25 +02:00