interactive_secrets #885
@ -62,19 +62,7 @@
|
|||||||
description = ''
|
description = ''
|
||||||
secret data as json for the generator
|
secret data as json for the generator
|
||||||
'';
|
'';
|
||||||
default = pkgs.writers.writeJSON "secrets.json" (lib.mapAttrs
|
default = pkgs.writers.writeJSON "secrets.json" config.clanCore.secrets;
|
||||||
(_name: secret: {
|
|
||||||
secrets = lib.mapAttrsToList
|
|
||||||
(name: secret: {
|
|
||||||
inherit name;
|
|
||||||
} // lib.optionalAttrs (secret ? groups) {
|
|
||||||
inherit (secret) groups;
|
|
||||||
})
|
|
||||||
secret.secrets;
|
|
||||||
facts = lib.mapAttrs (_: secret: secret.path) secret.facts;
|
|
||||||
generator = secret.generator.finalScript;
|
|
||||||
})
|
|
||||||
config.clanCore.secrets);
|
|
||||||
};
|
};
|
||||||
vm.create = lib.mkOption {
|
vm.create = lib.mkOption {
|
||||||
type = lib.types.path;
|
type = lib.types.path;
|
||||||
|
@ -58,7 +58,7 @@ def generate_service_secrets(
|
|||||||
"--unshare-user",
|
"--unshare-user",
|
||||||
"--uid", "1000",
|
"--uid", "1000",
|
||||||
"--",
|
"--",
|
||||||
"bash", "-c", machine.secrets_data[service]["generator"]
|
"bash", "-c", machine.secrets_data[service]["generator"]["finalScript"]
|
||||||
],
|
],
|
||||||
)
|
)
|
||||||
# fmt: on
|
# fmt: on
|
||||||
|
Loading…
Reference in New Issue
Block a user