aboutsummaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
Diffstat (limited to 'modules')
-rw-r--r--modules/secrets/default.nix9
1 files changed, 7 insertions, 2 deletions
diff --git a/modules/secrets/default.nix b/modules/secrets/default.nix
index 20dbfd2..296f5fc 100644
--- a/modules/secrets/default.nix
+++ b/modules/secrets/default.nix
@@ -9,12 +9,17 @@ in {
config.age = {
secrets = let
+ toName = lib.removeSuffix ".age";
userExists = u: builtins.hasAttr u config.users.users;
# Only set the user if it exists, to avoid warnings
userIfExists = u: if userExists u then u else "root";
+ toSecret = name:
+ { owner ? "root", ... }: {
+ file = "${secretsDir}/${name}";
+ owner = lib.mkDefault (userIfExists owner);
+ };
in if pathExists secretsFile then
- mapAttrs' (n: _:
- nameValuePair (removeSuffix ".age" n) { file = "${secretsDir}/${n}"; })
+ mapAttrs' (n: v: nameValuePair (toName n) (toSecret n v))
(import secretsFile)
else
{ };
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 07:20:29 +0000