clanCore secrets: add secretStore option

2023-09-06 16:08:36 +02:00 · 2023-09-06 16:08:36 +02:00 · 3f6fa0eeca
commit 3f6fa0eeca
parent a043368ed6
2 changed files with 8 additions and 1 deletions
--- a/nixosModules/clanCore/secrets/default.nix
+++ b/nixosModules/clanCore/secrets/default.nix
@ -1,5 +1,12 @@
 { config, lib, ... }:
 {
+  options.clanCore.secretStore = lib.mkOption {
+    type = lib.types.enum [ "sops" "password-store" "custom" ];
+    default = "sops";
+    description = ''
+      method to store secrets
+    '';
+  };
  options.clanCore.secrets = lib.mkOption {
    type = lib.types.attrsOf
      (lib.types.submodule (secret: {
--- a/nixosModules/clanCore/secrets/sops.nix
+++ b/nixosModules/clanCore/secrets/sops.nix
@ -21,7 +21,7 @@ let
  secrets = filterDir containsMachineOrGroups secretsDir;
 in
 {
-  config = {
+  config = lib.mkIf (config.clanCore.secretStore == "sops") {
    system.clan.generateSecrets = pkgs.writeScript "generate-secrets" ''
      #!/bin/sh
      set -efu