vms: use vm fact/secret-store
@@ -1,7 +1,7 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
options.clanCore.secretStore = lib.mkOption {
|
||||
type = lib.types.enum [ "sops" "password-store" "custom" ];
|
||||
type = lib.types.enum [ "sops" "password-store" "vm" "custom" ];
|
||||
default = "sops";
|
||||
description = ''
|
||||
method to store secrets
|
||||
@@ -150,5 +150,6 @@
|
||||
imports = [
|
||||
./sops.nix
|
||||
./password-store.nix
|
||||
./vm.nix
|
||||
];
|
||||
}
|
||||
|
||||
10
nixosModules/clanCore/secrets/vm.nix
Normal file
@@ -0,0 +1,10 @@
|
||||
{ config, lib, ... }:
|
||||
{
|
||||
config = lib.mkIf (config.clanCore.secretStore == "vm") {
|
||||
clanCore.secretsDirectory = "/etc/secrets";
|
||||
clanCore.secretsUploadDirectory = "/etc/secrets";
|
||||
system.clan.secretsModule = "clan_cli.secrets.modules.vm";
|
||||
system.clan.factsModule = "clan_cli.facts.modules.vm";
|
||||
};
|
||||
}
|
||||
|
||||
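Review bot: Nothing in the new `vm.nix` states or enforces that the `vm` store is only for VM guests, and both `clanCore.secretsDirectory` and `clanCore.secretsUploadDirectory` point at `/etc/secrets`, a path under a directory that every local user can traverse. Confidentiality of the secrets therefore depends on the ownership and mode applied by whatever populates that directory, which is not visible in this change. I would add a header comment such as `# VM-only secret store: secrets are read from /etc/secrets inside the guest; do not select this on deployed machines`, and make sure the directory is created root-owned with mode 0700. How `clan_cli.secrets.modules.vm` writes the files is outside this page, so the permission concern is an inference to confirm.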
@@ -190,7 +190,7 @@ in
|
||||
|
||||
environment.systemPackages = [ config.clanCore.clanPkgs.zerotier-members ];
|
||||
})
|
||||
(lib.mkIf (config.clanCore.secretsUploadDirectory != null && !cfg.controller.enable && cfg.networkId != null) {
|
||||
(lib.mkIf (!cfg.controller.enable && cfg.networkId != null) {
|
||||
clanCore.secrets.zerotier = {
|
||||
facts.zerotier-ip = { };
|
||||
facts.zerotier-meshname = { };
|
||||
|
||||
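Review bot: The `lib.mkIf` condition on the new side no longer checks `config.clanCore.secretsUploadDirectory != null`, so `clanCore.secrets.zerotier` is now declared on every non-controller machine with a `networkId`, including ones with no upload directory configured. The `vm` store added in this commit sets `secretsUploadDirectory` to `/etc/secrets`, so it would have passed the old guard, and the reason for dropping the check is not stated in the change. If the removal is intentional, a short comment above the `mkIf` saying why the secret no longer depends on an upload directory would record that; otherwise keep the null check as `config.clanCore.secretsUploadDirectory != null && !cfg.controller.enable && cfg.networkId != null`. The block continues past the end of the hunk, so whether anything further down still reads the upload directory cannot be seen here.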