outputs: pass secretsData directly
This commit is contained in:
parent
b1a4b4de96
commit
4cfd580447
|
@ -62,19 +62,7 @@
|
||||||
description = ''
|
description = ''
|
||||||
secret data as json for the generator
|
secret data as json for the generator
|
||||||
'';
|
'';
|
||||||
default = pkgs.writers.writeJSON "secrets.json" (lib.mapAttrs
|
default = pkgs.writers.writeJSON "secrets.json" config.clanCore.secrets;
|
||||||
(_name: secret: {
|
|
||||||
secrets = lib.mapAttrsToList
|
|
||||||
(name: secret: {
|
|
||||||
inherit name;
|
|
||||||
} // lib.optionalAttrs (secret ? groups) {
|
|
||||||
inherit (secret) groups;
|
|
||||||
})
|
|
||||||
secret.secrets;
|
|
||||||
facts = lib.mapAttrs (_: secret: secret.path) secret.facts;
|
|
||||||
generator = secret.generator.finalScript;
|
|
||||||
})
|
|
||||||
config.clanCore.secrets);
|
|
||||||
};
|
};
|
||||||
vm.create = lib.mkOption {
|
vm.create = lib.mkOption {
|
||||||
type = lib.types.path;
|
type = lib.types.path;
|
||||||
|
|
|
@ -58,7 +58,7 @@ def generate_service_secrets(
|
||||||
"--unshare-user",
|
"--unshare-user",
|
||||||
"--uid", "1000",
|
"--uid", "1000",
|
||||||
"--",
|
"--",
|
||||||
"bash", "-c", machine.secrets_data[service]["generator"]
|
"bash", "-c", machine.secrets_data[service]["generator"]["finalScript"]
|
||||||
],
|
],
|
||||||
)
|
)
|
||||||
# fmt: on
|
# fmt: on
|
||||||
|
|
Loading…
Reference in New Issue
Block a user