nix/lib/sec.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

{ pkgs ? import <nixpkgs> {} }:

let
a = name:
	let
		secretsPath = ../hosts + "/${name}/secrets";
	in {
		age.secrets = pkgs.lib.mapAttrs'
			(filename: _:
				pkgs.lib.nameValuePair (pkgs.lib.removeSuffix ".age" filename)
				{
					file = secretsPath + "/${filename}";
				}
			)
			(pkgs.lib.filterAttrs
				(name: type:
					(type == "regular") &&
					(pkgs.lib.hasSuffix ".age" name) )
				(if builtins.pathExists secretsPath
				 then builtins.readDir secretsPath
				 else {} )
			);
	};
in
{ b = a "corrino"; }