vars: move owner/group to a sops namespace

we want to allow users to use this feature but do not want to use this option in our own module because it's not supported by password store.
2024-10-30 12:15:04 +01:00
parent 532a3d1009
commit 0842b05687
3 changed files with 24 additions and 10 deletions
--- a/nixosModules/clanCore/vars/interface.nix
+++ b/nixosModules/clanCore/vars/interface.nix
@@ -67,7 +67,17 @@ in
              '';
              type = attrsOf (
                submodule (file: {
-                  imports = [ config.settings.fileModule ];
+                  imports = [
                    config.settings.fileModule
                    (lib.mkRenamedOptionModule [ "owner" ] [
                      "sops"
                      "owner"
                    ])
                    (lib.mkRenamedOptionModule [ "group" ] [
                      "sops"
                      "group"
                    ])
                  ];
                  options = options {
                    name = {
                      type = lib.types.str;
@@ -119,14 +129,18 @@ in
                      '';
                      type = str;
                    };
-                    owner = {
+
-                      description = "The user name or id that will own the secret file. This option is currently only implemented for sops";
+                    sops = {
-                      default = "root";
+                      owner = {
-                    };
+                        description = "The user name or id that will own the secret file. This option is currently only implemented for sops";
-                    group = {
+                        default = "root";
-                      description = "The group name or id that will own the secret file. This option is currently only implemented for sops";
+                      };
-                      default = "root";
+                      group = {
                        description = "The group name or id that will own the secret file. This option is currently only implemented for sops";
                        default = "root";
                      };
                    };
                    value =
                      {
                        description = ''
--- a/nixosModules/clanCore/vars/secret/sops/default.nix
+++ b/nixosModules/clanCore/vars/secret/sops/default.nix
@@ -40,7 +40,7 @@ in
      flip map vars (secret: {
        name = "vars/${secret.generator}/${secret.name}";
        value = {
-          inherit (secret) owner group;
+          inherit (secret.sops) owner group;
          sopsFile = secretPath secret;
          format = "binary";
        };
--- a/nixosModules/clanCore/vars/secret/sops/funcs.nix
+++ b/nixosModules/clanCore/vars/secret/sops/funcs.nix
@@ -25,7 +25,7 @@ in
              name = fname;
              generator = gen_name;
              inherit (generator) share;
-              inherit (file) owner group;
+              inherit (file) sops;
            }
          )
        )