Infinidoge/universe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

secrets: refactor to get files from secrets.nix

Browse source
This commit is contained in:
Infinidoge 2024-02-07 11:21:47 -05:00
parent f7f9b65d1e
commit 9cadcc1326
Signed by: Infinidoge
SSH key fingerprint: SHA256:oAMyvotlNFraMmZmr+p6AxnNfW/GioTs1pOn3V4tQ7A
1 changed files with 3 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

9
secrets/default.nix
View file

@ -1,14 +1,11 @@
{ lib, self, config, ... }:
with lib;
let
inherit (lib) filterAttrs nameValuePair hasSuffix removeSuffix mapAttrs mapAttrs' hasAttr mkIf mkMerge optionalAttrs;
inherit (lib.our) mkOpt;
inherit (lib.types) bool attrsOf path;
folder = ./.;
toFile = name: "${folder}/${name}";
filterSecrets = key: value: value == "regular" && hasSuffix ".age" key;
filtered = (filterAttrs filterSecrets (builtins.readDir folder));
secrets = mapAttrs' (n: v: nameValuePair (removeSuffix ".age" n) { file = toFile n; }) filtered;
mkSecret = name: nameValuePair (removeSuffix ".age" name) { file = "${./.}/${name}"; };
secrets = listToAttrs (map mkSecret (attrNames (import ./secrets.nix)));
withOwner = name: secret: secret // { owner = name; group = name; };
in