crans
/
nixos
mirror of https://gitlab.crans.org/nounous/nixos
19
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Correction secrets.nix

merge-requests/22/head
pigeonmoelleux 2025-06-25 17:37:21 +02:00
parent 6081457da2
commit 02ab2c3aec
No known key found for this signature in database
GPG Key ID: B3BE02E379E6E8E2
1 changed files with 16 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
secrets.nix
View File

@ -62,7 +62,7 @@ let
# Secrets # Secrets
commonSecrets = (listFilesRelative ./secrets/common) ++ [ commonSecrets = (listFilesRelative ./secrets/common) ++ [
"./secrets/restic/client_env" "./secrets/restic/client_env.age"
]; ];
acmeSecrets = listFilesRelative ./secrets/acme; acmeSecrets = listFilesRelative ./secrets/acme;
@ -74,21 +74,21 @@ in
# Secrets pour ACME # Secrets pour ACME
// (genAttrs acmeSecrets acme) // (genAttrs acmeSecrets acme)
# Secrets pour restic # Secrets pour restic
// builtins.foldl' ( // attrsets.foldlAttrs (
acc: name: outacc: host: key:
acc
// (
let let
key = hosts.${name}; secrets = listFilesRelative (path.append ./secrets/restic host);
in in
genAttrs outacc
[ // builtins.foldl' (
"./secrets/restic/${name}/base-repo" acc: secret:
"./secrets/restic/${name}/base-password" acc
] // {
[ key ] "${secret}".publicKeys = [ key ] ++ nounous;
) }
) { } (lists.remove "thot" hostnames) ) { } secrets
) { } (lib.filterAttrs (host: _: host != "thot" && host != "cephiroth") hosts)
# Secrets spécifiques à chaque VM
// attrsets.foldlAttrs ( // attrsets.foldlAttrs (
outacc: host: key: outacc: host: key:
let let