swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2026-04-14 13:19:09 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: support vars in pii

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-12-22 14:15:12 +01:00 committed by Leon Schwarzäugl
parent 91157e2cca
commit 1502faf345
3 changed files with 8 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

6
SwarselSystems.org
View file

@ -2784,7 +2784,7 @@ This is my main server that I run at home. It handles most tasks that require bi
:CUSTOM_ID: h:8ad68406-4a75-45ba-97ad-4c310b921124 :CUSTOM_ID: h:8ad68406-4a75-45ba-97ad-4c310b921124
:END: :END:
#+begin_src nix-ts :tangle hosts/nixos/x86_64-linux/winters/default.nix #+begin_src nix-ts :tangle hosts/nixos/x86_64-linux/winters/default.nix
{ self, lib, minimal, ... }: { self, lib, minimal, globals, ... }:
{ {
imports = [ imports = [
@ -6440,7 +6440,7 @@ This is also exposed to home-manager configurations, in case this ever breaks, I
#+begin_src nix-ts :tangle modules/nixos/common/pii.nix #+begin_src nix-ts :tangle modules/nixos/common/pii.nix
# largely based on https://github.com/oddlama/nix-config/blob/main/modules/secrets.nix # largely based on https://github.com/oddlama/nix-config/blob/main/modules/secrets.nix
{ config, inputs, lib, ... }: { config, inputs, lib, nodes, ... }:
let let
# If the given expression is a bare set, it will be wrapped in a function, # If the given expression is a bare set, it will be wrapped in a function,
# so that the imported file can always be applied to the inputs, similar to # so that the imported file can always be applied to the inputs, similar to
@ -6494,7 +6494,7 @@ This is also exposed to home-manager configurations, in case this ever breaks, I
secrets = lib.mkOption { secrets = lib.mkOption {
readOnly = true; readOnly = true;
default = lib.mapAttrs (_: x: importEncrypted x inputs) config.repo.secretFiles; default = lib.mapAttrs (_: x: importEncrypted x { inherit lib nodes inputs; }) config.repo.secretFiles;
type = lib.types.unspecified; type = lib.types.unspecified;
description = "Exposes the loaded repo secrets. This option is read-only."; description = "Exposes the loaded repo secrets. This option is read-only.";
}; };

4
modules/nixos/common/pii.nix
View file

@ -1,5 +1,5 @@
# largely based on https://github.com/oddlama/nix-config/blob/main/modules/secrets.nix # largely based on https://github.com/oddlama/nix-config/blob/main/modules/secrets.nix
{ config, inputs, lib, ... }: { config, inputs, lib, nodes, ... }:
let let
# If the given expression is a bare set, it will be wrapped in a function, # If the given expression is a bare set, it will be wrapped in a function,
# so that the imported file can always be applied to the inputs, similar to # so that the imported file can always be applied to the inputs, similar to
@ -53,7 +53,7 @@ in
secrets = lib.mkOption { secrets = lib.mkOption {
readOnly = true; readOnly = true;
default = lib.mapAttrs (_: x: importEncrypted x inputs) config.repo.secretFiles; default = lib.mapAttrs (_: x: importEncrypted x { inherit lib nodes inputs; }) config.repo.secretFiles;
type = lib.types.unspecified; type = lib.types.unspecified;
description = "Exposes the loaded repo secrets. This option is read-only."; description = "Exposes the loaded repo secrets. This option is read-only.";
}; };

6
secrets/repo/globals.nix.enc
View file

File diff suppressed because one or more lines are too long