refactor secrets & facts -> secret_facts & public_facts

2024-03-23 05:05:31 +01:00
parent 6638d7a5cf
commit 8d34c51df2
26 changed files with 116 additions and 154 deletions
--- a/nixosModules/clanCore/outputs.nix
+++ b/nixosModules/clanCore/outputs.nix
@@ -50,18 +50,19 @@
            the directory on the deployment server where secrets are uploaded
          '';
        };
-        factsModule = lib.mkOption {
+        publicFactsModule = lib.mkOption {
          type = lib.types.str;
          description = ''
            the python import path to the facts module
          '';
-          default = "clan_cli.facts.modules.in_repo";
+          default = "clan_cli.facts.public_modules.in_repo";
        };
-        secretsModule = lib.mkOption {
+        secretFactsModule = lib.mkOption {
          type = lib.types.str;
          description = ''
            the python import path to the secrets module
          '';
+          default = "clan_cli.facts.secret_modules.sops";
        };
        secretsData = lib.mkOption {
          type = lib.types.path;
@@ -91,7 +92,7 @@
  # optimization for faster secret generate/upload and machines update
  config = {
    system.clan.deployment.data = {
-      inherit (config.system.clan) factsModule secretsModule secretsData;
+      inherit (config.system.clan) publicFactsModule secretFactsModule secretsData;
      inherit (config.clan.networking) targetHost buildHost;
      inherit (config.clan.deployment) requireExplicitUpdate;
      inherit (config.clanCore) secretsUploadDirectory;
--- a/nixosModules/clanCore/secrets/password-store.nix
+++ b/nixosModules/clanCore/secrets/password-store.nix
@@ -10,6 +10,6 @@
  config = lib.mkIf (config.clanCore.secretStore == "password-store") {
    clanCore.secretsDirectory = config.clan.password-store.targetDirectory;
    clanCore.secretsUploadDirectory = config.clan.password-store.targetDirectory;
-    system.clan.secretsModule = "clan_cli.secrets.modules.password_store";
+    system.clan.secretFactsModule = "clan_cli.facts.secret_modules.password_store";
  };
 }
--- a/nixosModules/clanCore/secrets/sops.nix
+++ b/nixosModules/clanCore/secrets/sops.nix
@@ -44,7 +44,7 @@ in
  config = lib.mkIf (config.clanCore.secretStore == "sops") {
    clanCore.secretsDirectory = "/run/secrets";
    clanCore.secretsPrefix = config.clanCore.machineName + "-";
-    system.clan.secretsModule = "clan_cli.secrets.modules.sops";
+    system.clan.secretFactsModule = "clan_cli.facts.secret_modules.sops";
    sops.secrets = builtins.mapAttrs (name: _: {
      sopsFile = config.clanCore.clanDir + "/sops/secrets/${name}/secret";
      format = "binary";
--- a/nixosModules/clanCore/secrets/vm.nix
+++ b/nixosModules/clanCore/secrets/vm.nix
@@ -3,7 +3,7 @@
  config = lib.mkIf (config.clanCore.secretStore == "vm") {
    clanCore.secretsDirectory = "/etc/secrets";
    clanCore.secretsUploadDirectory = "/etc/secrets";
-    system.clan.secretsModule = "clan_cli.secrets.modules.vm";
-    system.clan.factsModule = "clan_cli.facts.modules.vm";
+    system.clan.secretFactsModule = "clan_cli.facts.secret_modules.vm";
+    system.clan.publicFactsModule = "clan_cli.facts.public_modules.vm";
  };
 }