Infinidoge/universe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(secrets): allow disabling automatic secret loading

Browse source
This commit is contained in:
Infinidoge 2022-04-27 21:08:45 -04:00
parent d33e95fb82
commit c22dfbcefd
3 changed files with 6 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

6
secrets/default.nix
View file

@ -1,4 +1,4 @@
{ lib, self, ... }: { lib, self, config, ... }:
let let
folder = ./.; folder = ./.;
toFile = name: "${folder}/${name}"; toFile = name: "${folder}/${name}";
@ -7,5 +7,7 @@ let
secrets = lib.mapAttrs' (n: v: lib.nameValuePair (lib.removeSuffix ".age" n) { file = toFile n; }) filtered; secrets = lib.mapAttrs' (n: v: lib.nameValuePair (lib.removeSuffix ".age" n) { file = toFile n; }) filtered;
in in
{ {
age.secrets = secrets; options.modules.secrets.enable = lib.mkOpt lib.types.bool true;
config.age.secrets = lib.mkIf config.modules.secrets.enable secrets;
} }

2
users/infinidoge/default.nix
View file

@ -92,7 +92,7 @@ in
user = { user = {
name = "infinidoge"; name = "infinidoge";
uid = 1000; uid = 1000;
passwordFile = config.secrets.infinidoge-password; passwordFile = lib.mkIf config.modules.secrets.enable config.secrets.infinidoge-password;
description = "Infinidoge, primary user of the system"; description = "Infinidoge, primary user of the system";
group = "users"; group = "users";
isNormalUser = true; isNormalUser = true;

2
users/root/default.nix
View file

@ -1,5 +1,5 @@
{ lib, config, self, ... }: { { lib, config, self, ... }: {
users.users.root.passwordFile = config.secrets.root-password; users.users.root.passwordFile = lib.mkIf config.modules.secrets.enable config.secrets.root-password;
home-manager.users.root = { suites, profiles, ... }: { home-manager.users.root = { suites, profiles, ... }: {
imports = lib.lists.flatten [ imports = lib.lists.flatten [