vars: allow setting files as needed for activation

2024-12-18 15:09:20 +01:00
parent 695ec0b71c
commit 70ff7fcc2f
9 changed files with 50 additions and 16 deletions
--- a/pkgs/clan-cli/clan_cli/vars/secret_modules/password_store.py
+++ b/pkgs/clan-cli/clan_cli/vars/secret_modules/password_store.py
@@ -160,11 +160,20 @@ class SecretStore(StoreBase):
            for generator in self.machine.vars_generators:
                dir_exists = False
                for file in generator.files:
+                    if file.needed_for == "activation":
+                        (output_dir / generator.name / file.name).parent.mkdir(
+                            parents=True,
+                            exist_ok=True,
+                        )
+                        (output_dir / generator.name / file.name).write_bytes(
+                            self.get(generator, file.name)
+                        )
+                        continue
                    if not file.deploy:
                        continue
                    if not file.secret:
                        continue
-                    if not dir_exists and not file.needed_for_users:
+                    if not dir_exists and file.needed_for == "services":
                        tar_dir = tarfile.TarInfo(name=generator.name)
                        tar_dir.type = tarfile.DIRTYPE
                        tar_dir.mode = 0o511
@@ -176,7 +185,7 @@ class SecretStore(StoreBase):
                    tar_file.mode = file.mode
                    tar_file.uname = file.owner
                    tar_file.gname = file.group
-                    if file.needed_for_users:
+                    if file.needed_for == "users":
                        user_tar.addfile(tarinfo=tar_file, fileobj=io.BytesIO(content))
                    else:
                        tar.addfile(tarinfo=tar_file, fileobj=io.BytesIO(content))
--- a/pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py
+++ b/pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py
@@ -173,6 +173,16 @@ class SecretStore(StoreBase):
            sops_secrets_folder(self.machine.flake_dir) / key_name,
        )
        (output_dir / "key.txt").write_text(key)
+        for generator in self.machine.vars_generators:
+            for file in generator.files:
+                if file.needed_for == "activation":
+                    (output_dir / generator.name / file.name).parent.mkdir(
+                        parents=True,
+                        exist_ok=True,
+                    )
+                    (output_dir / generator.name / file.name).write_bytes(
+                        self.get(generator, file.name)
+                    )

    def upload(self) -> None:
        with TemporaryDirectory(prefix="sops-upload-") as tempdir:
--- a/pkgs/clan-cli/clan_cli/vars/var.py
+++ b/pkgs/clan-cli/clan_cli/vars/var.py
@@ -17,7 +17,7 @@ class Var:
    owner: str = "root"
    group: str = "root"
    mode: int = 0o400
-    needed_for_users: bool = False
+    needed_for: str = "services"

    # TODO: those shouldn't be set here
    _store: "StoreBase | None" = None
@@ -78,5 +78,5 @@ class Var:
            owner=data.get("owner", "root"),
            group=data.get("group", "root"),
            mode=int(data.get("mode", "400"), 8),
-            needed_for_users=data.get("neededForUsers", False),
+            needed_for=data.get("neededFor", "services"),
        )