colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

secrets: fix build when host has no secrets

Browse Source
This commit is contained in:
Colin
2023-09-02 01:34:32 +00:00
parent d33b6eec59
commit dcaba0f0ee
1 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
hosts/common/secrets.nix
View File

@@ -28,21 +28,26 @@
{ config, lib, sane-lib, ... }: { config, lib, sane-lib, ... }:
let let
inherit (lib.strings) hasSuffix removeSuffix;
secretsForHost = host: let secretsForHost = host: let
extraAttrsForPath = path: lib.optionalAttrs (sane-lib.path.isChild "guest" path && builtins.hasAttr "guest" config.users.users) { extraAttrsForPath = path: lib.optionalAttrs (sane-lib.path.isChild "guest" path && builtins.hasAttr "guest" config.users.users) {
owner = "guest"; owner = "guest";
}; };
secretsInSrc = (
if builtins.pathExists ../../secrets/${host} then
sane-lib.enumerateFilePaths ../../secrets/${host}
else
[]
);
in sane-lib.joinAttrsets ( in sane-lib.joinAttrsets (
map map
(path: lib.optionalAttrs (hasSuffix ".bin" path) (sane-lib.nameValueToAttrs { (path: lib.optionalAttrs (lib.hasSuffix ".bin" path) (sane-lib.nameValueToAttrs {
name = removeSuffix ".bin" path; name = lib.removeSuffix ".bin" path;
value = { value = {
sopsFile = ../../secrets/${host}/${path}; sopsFile = ../../secrets/${host}/${path};
format = "binary"; format = "binary";
} // (extraAttrsForPath path); } // (extraAttrsForPath path);
})) }))
(sane-lib.enumerateFilePaths ../../secrets/${host}) secretsInSrc
); );
in in
{ {