git.delta.rocks / jrsonnet / refs/commits / cf283066e9aa

difftreelog

feat optional private secret part

Yaroslav Bolyukin2021-11-20parent: #62fbb3d.patch.diff
in: trunk

2 files changed

modifiedmodules/fleet/secrets.nixdiffbeforeafterboth
25        default = null;25        default = null;
26      };26      };
27      secret = mkOption {27      secret = mkOption {
28        type = str;28        type = nullOr str;
29        description = "Encrypted secret data";29        description = "Encrypted secret data";
30        default = null;
30      };31      };
31    };32    };
32  };33  };
modifiedmodules/nixos/secrets.nixdiffbeforeafterboth
3  sysConfig = config;6  sysConfig = config;
4  secretType = types.submodule ({ config, ... }: {7  secretType = types.submodule ({ config, ... }: {
5    config = {8    config = {
6      path = mkOptionDefault (if config.secret == null then (error "secret is not set") else "/run/secrets/${config._module.args.name}");9      path = mkOptionDefault "/run/secrets/${config._module.args.name}";
7      publicPath = mkOptionDefault (pkgs.writeText "pub-${config._module.args.name}" config.public);10      publicPath = mkOptionDefault (pkgs.writeText "pub-${config._module.args.name}" config.public);
8    };11    };
9    options = {12    options = {
3538
36      path = mkOption {39      path = mkOption {
37        type = types.str;40        type = types.str;
38        readOnly = true;
39        description = "Path to the decrypted secret";41        description = "Path to the decrypted secret";
40      };42      };
41      publicPath = mkOption {43      publicPath = mkOption {
42        type = types.package;44        type = types.package;
43        readOnly = true;
44        description = "Path to the public part of secret";45        description = "Path to the public part of secret";
45      };46      };
46    };47    };