yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

vars: don't use sops.secrets.*.restartUnits on macOS

Browse Source
This commit is contained in:
Michael Hoang
2025-06-10 13:27:02 +07:00
parent 931f0b00d0
commit e8ebd887d0
3 changed files with 34 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
clanModules/root-password/roles/default.nix
View File

@@ -1,4 +1,5 @@
{ {
_class,
pkgs, pkgs,
config, config,
lib, lib,
@@ -10,10 +11,13 @@
config.clan.core.vars.generators.root-password.files.password-hash.path; config.clan.core.vars.generators.root-password.files.password-hash.path;
clan.core.vars.generators.root-password = { clan.core.vars.generators.root-password = {
files.password-hash = { files.password-hash =
neededFor = "users"; {
}; neededFor = "users";
files.password-hash.restartUnits = lib.optional (config.services.userborn.enable) "userborn.service"; }
// (lib.optionalAttrs (_class == "nixos") {
restartUnits = lib.optional (config.services.userborn.enable) "userborn.service";
});
files.password = { files.password = {
deploy = false; deploy = false;
}; };

10
clanModules/user-password/roles/default.nix
View File

@@ -1,4 +1,5 @@
{ {
_class,
pkgs, pkgs,
config, config,
lib, lib,
@@ -30,8 +31,13 @@ in
}; };
clan.core.vars.generators.user-password = { clan.core.vars.generators.user-password = {
files.user-password-hash.neededFor = "users"; files.user-password-hash =
files.user-password-hash.restartUnits = lib.optional (config.services.userborn.enable) "userborn.service"; {
neededFor = "users";
}
// (lib.optionalAttrs (_class == "nixos") {
restartUnits = lib.optional (config.services.userborn.enable) "userborn.service";
});
prompts.user-password.type = "hidden"; prompts.user-password.type = "hidden";
prompts.user-password.persist = true; prompts.user-password.persist = true;

32
nixosModules/clanCore/vars/secret/sops/default.nix
View File

@@ -1,4 +1,5 @@
{ {
_class,
config, config,
lib, lib,
pkgs, pkgs,
@@ -42,20 +43,23 @@ in
secrets = lib.listToAttrs ( secrets = lib.listToAttrs (
map (secret: { map (secret: {
name = "vars/${secret.generator}/${secret.name}"; name = "vars/${secret.generator}/${secret.name}";
value = { value =
inherit (secret) {
owner inherit (secret)
group owner
mode group
neededForUsers mode
restartUnits neededForUsers
; ;
sopsFile = builtins.path { sopsFile = builtins.path {
name = "${secret.generator}_${secret.name}"; name = "${secret.generator}_${secret.name}";
path = secretPath secret; path = secretPath secret;
}; };
format = "binary"; format = "binary";
}; }
// (lib.optionalAttrs (_class == "nixos") {
inherit (secret) restartUnits;
});
}) (builtins.filter (x: builtins.pathExists (secretPath x)) vars) }) (builtins.filter (x: builtins.pathExists (secretPath x)) vars)
); );