From f545e30831ec7e65179b1b2a2f1dd47b65a01c3a Mon Sep 17 00:00:00 2001
From: derped
Date: Sat, 30 Nov 2024 21:11:05 +0100
Subject: [PATCH] fn: add docstring to sopsHelper
---
 fn.nix | 44 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
diff --git a/fn.nix b/fn.nix
index fb3c65c..19a962e 100644
--- a/fn.nix
+++ b/fn.nix
@@ -151,6 +151,50 @@ rec {
 # But at least it now (hopefully) checks ONLY dependencies (and all of them at that).
 depsBrokenRec = p: (meetsConDo (p: ifelse (depsBroken p) true (depsBrokenRec (deps p))) (p: true) (deps p));
+
+ /**
+ Helper function to generate secret definitions for sops-nix.
+
+ # Type
+ ```
+ sopsHelper :: ()
+ ```
+ # Arguments
+ # Examples
+ ```nix
+ sopsHelper (name: "services/nextcloud/${name}")
+ [ "adminPass" "dbPass" ]
+ { owner = "nextcloud"; group = "nextcloud"; }
+ => {
+ "services/nextcloud/adminPass" = {
+ group = "nextcloud";
+ owner = "nextcloud";
+ };
+ "services/nextcloud/dbPass" = {
+ group = "nextcloud";
+ owner = "nextcloud";
+ };
+ }
+
+ sopsHelper (user: "users/${user}/publicKey")
+ [ "alice" "bob" "eve" ]
+ (user: { path = "/etc/ssh/authorized_keys.d/${user}"; mode = "444"; })
+ => {
+ "users/alice/publicKey" = {
+ mode = "444";
+ path = "/etc/ssh/authorized_keys.d/alice";
+ };
+ "users/bob/publicKey" = {
+ mode = "444";
+ path = "/etc/ssh/authorized_keys.d/bob";
+ };
+ "users/eve/publicKey" = {
+ mode = "444";
+ path = "/etc/ssh/authorized_keys.d/eve";
+ };
+ }
+ ```
+ */
 sopsHelper = template: names: options: let
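Review bot: The `# Type` block in the new docstring still reads `sopsHelper :: ()` and the `# Arguments` heading has nothing under it, so the three parameters are documented only through the examples. Judging from those examples, `options` may be either an attribute set or a function of the name, which would make the signature something like `sopsHelper :: (String -> String) -> [String] -> (AttrSet | (String -> AttrSet)) -> AttrSet`; this needs confirming against the body, which continues outside the hunk. Under `# Arguments` I would add one line each for `template`, `names` and `options`. It is also worth stating there that an attribute-set `options` is copied unchanged onto every generated secret, as the first example shows, so a broad `mode`, `owner` or `group` given once applies to all listed names.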