diff options
Diffstat (limited to 'modules/nixos/traits/hercules.nix')
| -rw-r--r-- | modules/nixos/traits/hercules.nix | 53 |
1 files changed, 0 insertions, 53 deletions
diff --git a/modules/nixos/traits/hercules.nix b/modules/nixos/traits/hercules.nix deleted file mode 100644 index 14e8c12..0000000 --- a/modules/nixos/traits/hercules.nix +++ /dev/null @@ -1,53 +0,0 @@ -{ - config, - lib, - unstable, - secretsDir, - ... -}: let - cfg = config.traits.hercules-ci; -in { - options.traits.hercules-ci = { - enable = lib.mkEnableOption "hercules-ci"; - manageSecrets = - lib.mkEnableOption "automatic secrets management" - // { - default = config.traits.secrets.enable; - }; - }; - - config = lib.mkIf cfg.enable ( - lib.mkMerge [ - { - services.hercules-ci-agent = { - enable = true; - package = unstable.hercules-ci-agent; - }; - } - - (let - secretNames = [ - "binaryCaches" - "clusterJoinToken" - "secretsJson" - ]; - in - lib.mkIf cfg.manageSecrets { - age.secrets = lib.genAttrs secretNames ( - file: { - file = "${secretsDir}/${file}.age"; - mode = "400"; - owner = "hercules-ci-agent"; - group = "hercules-ci-agent"; - } - ); - - services.hercules-ci-agent = { - settings = lib.mapAttrs' (name: lib.nameValuePair (name + "Path")) ( - lib.genAttrs secretNames (name: config.age.secrets.${name}.path) - ); - }; - }) - ] - ); -} |