vars: global metadata paths for all store backends

This also changes the paths where sops stores the secret -> all sops secrets will have to be re-generated
DavHau
2024-09-03 16:29:10 +02:00
parent 027e704534
commit 8efcd65bed
10 changed files with 102 additions and 66 deletions


@@ -18,14 +18,19 @@ let
metaData = sopsFile: if pathExists (metaFile sopsFile) then importJSON (metaFile sopsFile) else { };
toDeploy = secret: (metaData secret.sopsFile).deploy or true;
isSopsSecret =
secret:
let
meta = metaData secret.sopsFile;
in
meta.store or null == "sops" && meta.deployed or true && meta.secret or true;
varsDirMachines = config.clan.core.clanDir + "/sops/vars/per-machine/${machineName}";
varsDirShared = config.clan.core.clanDir + "/sops/vars/shared";
varsDirMachines = config.clan.core.clanDir + "/vars/per-machine/${machineName}";
varsDirShared = config.clan.core.clanDir + "/vars/shared";
vars' = (listVars varsDirMachines) ++ (listVars varsDirShared);
vars = lib.filter (secret: toDeploy secret) vars';
vars = lib.filter isSopsSecret vars';
in
{
config.clan.core.vars.settings = lib.mkIf (config.clan.core.vars.settings.secretStore == "sops") {
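Review bot: In `isSopsSecret` the filter reads `meta.deployed or true`, while the removed `toDeploy` read `.deploy or true`; if the code that writes `meta.json` (not visible in this hunk) still emits the key as `deploy`, the new lookup always falls back to `true` and a secret marked as not to be deployed would still be selected. Both `deployed` and `secret` default to `true` when absent, so a misspelled or missing key fails open; it is worth confirming the key names against the metadata writer and adding a comment such as `# keys must match the meta.json written by the vars generator; absent keys default to true`. In the other direction, a missing `meta.json` yields `{ }`, so `meta.store or null` is `null` and the secret is dropped from `vars` without an evaluation error; together with the path move, secrets that were not re-generated would presumably disappear from the machine silently rather than fail the build, so an assertion or warning may be preferable. The `let` block starts above this hunk and the `config` body continues below it.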