DavHau/clan-core
1
0
Fork 0
forked from clan/clan-core
Code Pull Requests Activity

Merge pull request 'sops: fix secret path generation' (#1168) from docs into main

Browse Source
This commit is contained in:
clan-bot 2024-04-12 11:19:56 +00:00
commit 2e6e9b175e
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
nixosModules/clanCore/facts/secret/sops.nix
View File

@ -45,7 +45,9 @@ in
config = lib.mkIf (config.clanCore.facts.secretStore == "sops") {
# Before we generate a secret we cannot know the path yet, so we need to set it to an empty string
clanCore.facts.secretPathFunction =
secret: config.sops.secrets.${secret.config.name}.path or "/no-such-path";
secret:
config.sops.secrets.${"${config.clanCore.machineName}-${secret.config.name}"}.path
or "/no-such-path";
clanCore.facts.secretModule = "clan_cli.facts.secret_modules.sops";
clanCore.facts.secretUploadDirectory = lib.mkDefault "/var/lib/sops-nix";
sops.secrets = builtins.mapAttrs (name: _: {

1
nixosModules/clanCore/metadata.nix
View File

@ -36,6 +36,7 @@
};
machineName = lib.mkOption {
type = lib.types.str;
default = "nixos";
description = ''
the name of the machine
'';