colin
/
nix-files
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

secrets: fix build when host has no secrets

This commit is contained in:
Colin 2023-09-02 01:34:32 +00:00
parent d33b6eec59
commit dcaba0f0ee
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
hosts/common/secrets.nix
View File

@ -28,21 +28,26 @@
{ config, lib, sane-lib, ... }:
let
inherit (lib.strings) hasSuffix removeSuffix;
secretsForHost = host: let
extraAttrsForPath = path: lib.optionalAttrs (sane-lib.path.isChild "guest" path && builtins.hasAttr "guest" config.users.users) {
owner = "guest";
};
secretsInSrc = (
if builtins.pathExists ../../secrets/${host} then
sane-lib.enumerateFilePaths ../../secrets/${host}
else
[]
);
in sane-lib.joinAttrsets (
map
(path: lib.optionalAttrs (hasSuffix ".bin" path) (sane-lib.nameValueToAttrs {
name = removeSuffix ".bin" path;
(path: lib.optionalAttrs (lib.hasSuffix ".bin" path) (sane-lib.nameValueToAttrs {
name = lib.removeSuffix ".bin" path;
value = {
sopsFile = ../../secrets/${host}/${path};
format = "binary";
} // (extraAttrsForPath path);
}))
(sane-lib.enumerateFilePaths ../../secrets/${host})
secretsInSrc
);
in
{