derped/nixos
1
0
Fork 0
Code Releases Activity

fn: add docstring to sopsHelper

Browse source
This commit is contained in:
Kevin Baensch 2024-11-30 21:11:05 +01:00
parent 1812effbd7
commit f545e30831
Signed by: derped
GPG key ID: C0F1D326C7626543
1 changed files with 44 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

44
fn.nix
View file

@ -151,6 +151,50 @@ rec {
# But at least it now (hopefully) checks ONLY dependencies (and all of them at that).
depsBrokenRec =
p: (meetsConDo (p: ifelse (depsBroken p) true (depsBrokenRec (deps p))) (p: true) (deps p));
/**
Helper function to generate secret definitions for sops-nix.
# Type
```
sopsHelper :: ()
```
# Arguments
# Examples
```nix
sopsHelper (name: "services/nextcloud/${name}")
[ "adminPass" "dbPass" ]
{ owner = "nextcloud"; group = "nextcloud"; }
=> {
"services/nextcloud/adminPass" = {
group = "nextcloud";
owner = "nextcloud";
};
"services/nextcloud/dbPass" = {
group = "nextcloud";
owner = "nextcloud";
};
}
sopsHelper (user: "users/${user}/publicKey")
[ "alice" "bob" "eve" ]
(user: { path = "/etc/ssh/authorized_keys.d/${user}"; mode = "444"; })
=> {
"users/alice/publicKey" = {
mode = "444";
path = "/etc/ssh/authorized_keys.d/alice";
};
"users/bob/publicKey" = {
mode = "444";
path = "/etc/ssh/authorized_keys.d/bob";
};
"users/eve/publicKey" = {
mode = "444";
path = "/etc/ssh/authorized_keys.d/eve";
};
}
```
*/
sopsHelper =
template: names: options:
let