clan-core/nixosModules/core/secrets/default.nix

{ config, lib, ... }:
{
  options.clan.core.secrets = lib.mkOption {
    type = lib.types.attrsOf
      (lib.types.submodule (secret: {
        options = {
          name = lib.mkOption {
            type = lib.types.str;
            default = secret.config._module.args.name;
            description = ''
              namespace of the secret
            '';
          };
          generator = lib.mkOption {
            type = lib.types.nullOr lib.types.str;
            description = ''
              script to generate the secret.
              can be set to null. then the user has to provide the secret via the clan cli
            '';
          };
          secrets = lib.mkOption {
            type = lib.types.attrsOf (lib.types.submodule (secret: {
              options = {
                name = lib.mkOption {
                  type = lib.types.str;
                  description = ''
                    name of the secret
                  '';
                  default = secret.config._module.args.name;
                };
              };
            }));
            description = ''
              path where the secret is located in the filesystem
            '';
          };
          facts = lib.mkOption {
            type = lib.types.attrsOf (lib.types.submodule (fact: {
              options = {
                name = lib.mkOption {
                  type = lib.types.str;
                  description = ''
                    name of the fact
                  '';
                  default = fact.config._module.args.name;
                };
                path = lib.mkOption {
                  type = lib.types.str;
                  description = ''
                    path to a fact which is generated by the generator
                  '';
                  default = "${config.clan.core.clanDir}/facts/${config.clan.core.machineName}/${fact.config._module.args.name}";
                };
                value = lib.mkOption {
                  default = builtins.readFile fact.config.path;
                };
              };
            }));
          };
        };
      }));
  };
  imports = [
    ./sops.nix # for now we have only one implementation, thats why we import it here and not in clanModules
  ];
}
move clanCore into nixosModules, add secrets generate command 2023-08-28 09:09:05 +00:00			`{ config, lib, ... }:`
			`{`
rename clanCore to clan.core 2023-08-30 12:46:01 +00:00			`options.clan.core.secrets = lib.mkOption {`
move clanCore into nixosModules, add secrets generate command 2023-08-28 09:09:05 +00:00			`type = lib.types.attrsOf`
			`(lib.types.submodule (secret: {`
			`options = {`
			`name = lib.mkOption {`
			`type = lib.types.str;`
			`default = secret.config._module.args.name;`
			`description = ''`
			`namespace of the secret`
			`'';`
			`};`
			`generator = lib.mkOption {`
			`type = lib.types.nullOr lib.types.str;`
			`description = ''`
			`script to generate the secret.`
			`can be set to null. then the user has to provide the secret via the clan cli`
			`'';`
			`};`
			`secrets = lib.mkOption {`
			`type = lib.types.attrsOf (lib.types.submodule (secret: {`
			`options = {`
			`name = lib.mkOption {`
			`type = lib.types.str;`
			`description = ''`
			`name of the secret`
			`'';`
			`default = secret.config._module.args.name;`
			`};`
			`};`
			`}));`
			`description = ''`
			`path where the secret is located in the filesystem`
			`'';`
			`};`
			`facts = lib.mkOption {`
			`type = lib.types.attrsOf (lib.types.submodule (fact: {`
			`options = {`
			`name = lib.mkOption {`
			`type = lib.types.str;`
			`description = ''`
			`name of the fact`
			`'';`
			`default = fact.config._module.args.name;`
			`};`
			`path = lib.mkOption {`
			`type = lib.types.str;`
			`description = ''`
			`path to a fact which is generated by the generator`
			`'';`
rename clanCore to clan.core 2023-08-30 12:46:01 +00:00			`default = "${config.clan.core.clanDir}/facts/${config.clan.core.machineName}/${fact.config._module.args.name}";`
move clanCore into nixosModules, add secrets generate command 2023-08-28 09:09:05 +00:00			`};`
			`value = lib.mkOption {`
			`default = builtins.readFile fact.config.path;`
			`};`
			`};`
			`}));`
			`};`
			`};`
			`}));`
			`};`
			`imports = [`
			`./sops.nix # for now we have only one implementation, thats why we import it here and not in clanModules`
			`];`
			`}`