about summary refs log tree commit diff
path: root/nix/lib/sec.nix
diff options
context:
space:
mode:
authorEmile <git@emile.space>2024-03-09 22:56:01 +0100
committerEmile <git@emile.space>2024-03-09 22:56:01 +0100
commit55ee036fd7ebed24097c8da1ca8a0b0829264670 (patch)
tree9c600d75a4f59f8ec253c5caadc1f77b2cecb0da /nix/lib/sec.nix
big bang
Diffstat (limited to 'nix/lib/sec.nix')
-rw-r--r--nix/lib/sec.nix25
1 files changed, 25 insertions, 0 deletions
diff --git a/nix/lib/sec.nix b/nix/lib/sec.nix
new file mode 100644
index 0000000..5469f3d
--- /dev/null
+++ b/nix/lib/sec.nix
@@ -0,0 +1,25 @@
+{ pkgs ? import <nixpkgs> {} }:
+
+let
+a = name:
+	let
+		secretsPath = ../hosts + "/${name}/secrets";
+	in {
+		age.secrets = pkgs.lib.mapAttrs'
+			(filename: _:
+				pkgs.lib.nameValuePair (pkgs.lib.removeSuffix ".age" filename)
+				{
+					file = secretsPath + "/${filename}";
+				}
+			)
+			(pkgs.lib.filterAttrs
+				(name: type:
+					(type == "regular") &&
+					(pkgs.lib.hasSuffix ".age" name) )
+				(if builtins.pathExists secretsPath
+				 then builtins.readDir secretsPath
+				 else {} )
+			);
+	};
+in
+{ b = a "corrino"; }