soraefir
20 lines
617 B
Nix
20 lines
617 B
Nix
{ config, lib, pkgs, ... }:
|
|
let
|
|
listNames = config.syscfg.server.db;
|
|
containerNames = lib.concatMap (app: app.requires.secrets) (builtins.attrValues config.syscfg.server.loadedContainers);
|
|
allApps = lib.unique (listNames ++ containerNames);
|
|
needsServerSops = config.syscfg.server.loadedContainers != {} || allApps != [];
|
|
in{
|
|
config = lib.mkIf needsServerSops {
|
|
sops.secrets = {
|
|
CUSTOM = {
|
|
mode = "0444";
|
|
sopsFile = ./server.yaml;
|
|
};
|
|
} // (lib.genAttrs (map (name: lib.toUpper name) allApps) (name: {
|
|
mode = "0444";
|
|
sopsFile = ./server.yaml;
|
|
}));
|
|
};
|
|
}
|