From 32adec6df6717715b1a89406006535b42f54bae6 Mon Sep 17 00:00:00 2001 From: ibizaman Date: Sat, 23 Nov 2024 00:12:31 +0100 Subject: [PATCH] have actual implementation for sops secrets --- CHANGELOG.md | 27 ++++++++++++++++++++++++++- VERSION | 2 +- modules/blocks/sops.nix | 15 ++++++++++++--- 3 files changed, 39 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 73e3bee..abc1220 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,6 @@ -# Upcoming Release + + +# v0.2.2 (unreleased) + +## User Facing Backwards Compatible Changes + +- Fix: add implementation for `sops.nix` module. + +## Other Changes + +- Use VERSION when rendering manual too. + +# v0.2.1 + +## User Facing Backwards Compatible Changes + +- Add `sops.nix` module to `nixosModules.default`. + +## Other Changes + +- Auto-tagging of git repo when VERSION file gets updated. +- Add VERSION file to track version. + # v0.2.0 ## New Features diff --git a/VERSION b/VERSION index 7dff5b8..f477849 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.2.1 \ No newline at end of file +0.2.2 \ No newline at end of file diff --git a/modules/blocks/sops.nix b/modules/blocks/sops.nix index 4f9f26a..34960d4 100644 --- a/modules/blocks/sops.nix +++ b/modules/blocks/sops.nix @@ -1,9 +1,11 @@ -{ lib, pkgs, ... }: +{ config, lib, pkgs, ... }: let - inherit (lib) mkOption; + inherit (lib) mapAttrs mkOption; inherit (lib.types) attrsOf anything submodule; contracts = pkgs.callPackage ../contracts {}; + + cfg = config.shb.sops; in { options.shb.sops = { @@ -22,7 +24,8 @@ in are managed by the [shb.sops.secret..request](#blocks-sops-options-shb.sops.secret._name_.request) option. ''; - type = anything; + type = attrsOf anything; + default = {}; }; resultCfg = { @@ -33,4 +36,10 @@ in })); }; }; + + config = { + sops.secrets = let + mkSecret = n: secretCfg: secretCfg.request // secretCfg.settings; + in mapAttrs mkSecret cfg.secret; + }; }