git.delta.rocks / jrsonnet / refs/commits / 38d1791fce60

difftreelog

refactor! remove secret.path

Yaroslav Bolyukin2022-09-02parent: #3fd8433.patch.diff
in: trunk
BREAKING CHANGE: all .path usages should be switched to .secretPath

1 file changed

modifiednixos/secrets.nixdiffbeforeafterboth
6  sysConfig = config;6  sysConfig = config;
7  secretType = types.submodule ({ config, ... }: {7  secretType = types.submodule ({ config, ... }: {
8    config = rec {8    config = rec {
9      path = warn "use .stableSecretPath instead of .path (at config.secrets.${config._module.args.name})" stableSecretPath;
10      stableSecretPath = mkOptionDefault "/run/secrets/secret-stable-${config._module.args.name}";9      stableSecretPath = mkOptionDefault "/run/secrets/secret-stable-${config._module.args.name}";
11      secretPath = mkOptionDefault "/run/secrets/secret-${config.secretHash}-${config._module.args.name}";10      secretPath = mkOptionDefault "/run/secrets/secret-${config.secretHash}-${config._module.args.name}";
12      secretHash = mkOptionDefault (if config.secret != null then (builtins.hashString "sha1" config.secret) else "<missingno>");11      secretHash = mkOptionDefault (if config.secret != null then (builtins.hashString "sha1" config.secret) else "<missingno>");
51        description = "Hash of .public field";50        description = "Hash of .public field";
52      };51      };
5352
54      path = mkOption {
55        type = types.str;
56        description = "Path to the decrypted secret";
57      };
58      stableSecretPath = mkOption {53      stableSecretPath = mkOption {
59        type = types.str;54        type = types.str;
60        description = """55        description = ''
61          Use this, if target process supports re-reading of secret from disk,56          Use this, if target process supports re-reading of secret from disk,
62          and doesn't needs to be restarted when secret is updated in file57          and doesn't needs to be restarted when secret is updated in file
63        """;58        '';
64      };59      };
65      secretPath = mkOption {60      secretPath = mkOption {
66        type = types.str;61        type = types.str;
6964
70      stablePublicPath = mkOption {65      stablePublicPath = mkOption {
71        type = types.str;66        type = types.str;
72        description = """67        description = ''
73          Use this, if target process supports re-reading of secret from disk,68          Use this, if target process supports re-reading of secret from disk,
74          and doesn't needs to be restarted when secret is updated in file69          and doesn't needs to be restarted when secret is updated in file
75        """;70        '';
76      };71      };
77      publicPath = mkOption {72      publicPath = mkOption {
78        type = types.str;73        type = types.str;