yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

add option to set defaultGroups for secrets

Browse Source
This commit is contained in:
Jörg Thalheim
2024-02-16 17:03:14 +01:00
parent 052f040017
commit 023b9f4257
13 changed files with 84 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
nixosModules/clanCore/secrets/default.nix
View File

@@ -108,6 +108,14 @@
'';
default = "${config'.clanCore.secretsDirectory}/${config'.clanCore.secretsPrefix}${config.name}";
};
} // lib.optionalAttrs (config'.clanCore.secretStore == "sops") {
groups = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = config'.clanCore.sops.defaultGroups;
description = ''
Groups to decrypt the secret for. By default we always use the user's key.
'';
};
};
}));
description = ''