diff options
Diffstat (limited to 'nix/lib/sec.nix')
-rw-r--r-- | nix/lib/sec.nix | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/nix/lib/sec.nix b/nix/lib/sec.nix new file mode 100644 index 0000000..5469f3d --- /dev/null +++ b/nix/lib/sec.nix @@ -0,0 +1,25 @@ +{ pkgs ? import <nixpkgs> {} }: + +let +a = name: + let + secretsPath = ../hosts + "/${name}/secrets"; + in { + age.secrets = pkgs.lib.mapAttrs' + (filename: _: + pkgs.lib.nameValuePair (pkgs.lib.removeSuffix ".age" filename) + { + file = secretsPath + "/${filename}"; + } + ) + (pkgs.lib.filterAttrs + (name: type: + (type == "regular") && + (pkgs.lib.hasSuffix ".age" name) ) + (if builtins.pathExists secretsPath + then builtins.readDir secretsPath + else {} ) + ); + }; +in +{ b = a "corrino"; } |