about summary refs log tree commit diff
path: root/nix/lib/sec.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nix/lib/sec.nix')
-rw-r--r--nix/lib/sec.nix25
1 files changed, 25 insertions, 0 deletions
diff --git a/nix/lib/sec.nix b/nix/lib/sec.nix
new file mode 100644
index 0000000..5469f3d
--- /dev/null
+++ b/nix/lib/sec.nix
@@ -0,0 +1,25 @@
+{ pkgs ? import <nixpkgs> {} }:
+
+let
+a = name:
+	let
+		secretsPath = ../hosts + "/${name}/secrets";
+	in {
+		age.secrets = pkgs.lib.mapAttrs'
+			(filename: _:
+				pkgs.lib.nameValuePair (pkgs.lib.removeSuffix ".age" filename)
+				{
+					file = secretsPath + "/${filename}";
+				}
+			)
+			(pkgs.lib.filterAttrs
+				(name: type:
+					(type == "regular") &&
+					(pkgs.lib.hasSuffix ".age" name) )
+				(if builtins.pathExists secretsPath
+				 then builtins.readDir secretsPath
+				 else {} )
+			);
+	};
+in
+{ b = a "corrino"; }