From 55ee036fd7ebed24097c8da1ca8a0b0829264670 Mon Sep 17 00:00:00 2001 From: Emile Date: Sat, 9 Mar 2024 22:56:01 +0100 Subject: big bang --- nix/lib/sec.nix | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 nix/lib/sec.nix (limited to 'nix/lib/sec.nix') diff --git a/nix/lib/sec.nix b/nix/lib/sec.nix new file mode 100644 index 0000000..5469f3d --- /dev/null +++ b/nix/lib/sec.nix @@ -0,0 +1,25 @@ +{ pkgs ? import {} }: + +let +a = name: + let + secretsPath = ../hosts + "/${name}/secrets"; + in { + age.secrets = pkgs.lib.mapAttrs' + (filename: _: + pkgs.lib.nameValuePair (pkgs.lib.removeSuffix ".age" filename) + { + file = secretsPath + "/${filename}"; + } + ) + (pkgs.lib.filterAttrs + (name: type: + (type == "regular") && + (pkgs.lib.hasSuffix ".age" name) ) + (if builtins.pathExists secretsPath + then builtins.readDir secretsPath + else {} ) + ); + }; +in +{ b = a "corrino"; } -- cgit 1.4.1