yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Files
aad40326261e472593983d43e8a06f03956ae012
clan-core/nixosModules/clanCore/vars/default.nix
DavHau 501ade7de7 vars: implement migration 
Migrating generated files from the facts subsystem to the vars subsystem is now possible.

HowTo:
1. declare `clan.core.vars.generators.<generator>.migrateFact = my_service` where `my_service` refers to a service from `clan.core.facts.services`
2. run `clan vers generate your_machine` or `clan machines update your_machine`

Vars will only be migrated for a generator if:
1. The facts service specified via `migrateFact` does exist
2. None of the vars to generate exist yet
3. All public var names exist in the public facts store
4. All secret var names exist in the secret fact store

If the migration is deemed possible, the generator script will not be executed. Instead the files from the public or secret facts store are read and stored into the corresponding vars store
2024-09-19 17:57:03 +02:00

62 lines
1.6 KiB
Nix
Raw Blame History

{
lib,
config,
pkgs,
...
}:
let
inherit (lib.types) submoduleWith;
submodule =
module:
submoduleWith {
specialArgs.pkgs = pkgs;
modules = [ module ];
};
in
{
imports = [
./public/in_repo.nix
# ./public/vm.nix
./secret/password-store.nix
./secret/sops
# ./secret/vm.nix
];
options.clan.core.vars = lib.mkOption {
visible = false;
description = ''
Generated Variables
Define generators that prompt for or generate variables like facts and secrets to store, deploy, and rotate them easily.
For example, generators can be used to:
- prompt the user for input, like passwords or host names
- generate secrets like private keys automatically when they are needed
- output multiple values like private and public keys simultaneously
'';
type = submodule { imports = [ ./interface.nix ]; };
};
config.system.clan.deployment.data = {
vars = {
generators = lib.flip lib.mapAttrs config.clan.core.vars.generators (
_name: generator: {
inherit (generator)
dependencies
finalScript
migrateFact
prompts
share
;
files = lib.flip lib.mapAttrs generator.files (
_name: file: {
inherit (file) deploy secret;
}
);
}
);
inherit (config.clan.core.vars.settings) secretUploadDirectory secretModule publicModule;
};
inherit (config.clan.core.networking) targetHost buildHost;
inherit (config.clan.core.deployment) requireExplicitUpdate;
};
}
Reference in New Issue View Git Blame Copy Permalink