diff options
Diffstat (limited to 'modules/nixos/server/secrets.nix')
| -rw-r--r-- | modules/nixos/server/secrets.nix | 23 |
1 files changed, 17 insertions, 6 deletions
diff --git a/modules/nixos/server/secrets.nix b/modules/nixos/server/secrets.nix index 1d572bd..0f38995 100644 --- a/modules/nixos/server/secrets.nix +++ b/modules/nixos/server/secrets.nix @@ -1,10 +1,21 @@ -{secretsDir, ...}: { - age = { - identityPaths = ["/etc/age/key"]; +{ + config, + lib, + secretsDir, + ... +}: let + cfg = config.server.secrets; +in { + options.server.secrets.enable = lib.mkEnableOption "secrets management"; - secrets = { - rootPassword.file = secretsDir + "/rootPassword.age"; - userPassword.file = secretsDir + "/userPassword.age"; + config = lib.mkIf cfg.enable { + age = { + identityPaths = ["/etc/age/key"]; + + secrets = { + rootPassword.file = secretsDir + "/rootPassword.age"; + userPassword.file = secretsDir + "/userPassword.age"; + }; }; }; } |