From e8a112be9a0bf067c8acb3a26cfd183c2f57c513 Mon Sep 17 00:00:00 2001 From: seth Date: Sun, 10 Dec 2023 07:54:17 -0500 Subject: systems+modules: add secretsDir specialArg --- systems/atlas/attic.nix | 15 +++++++++------ systems/atlas/default.nix | 3 ++- systems/atlas/miniflux.nix | 9 ++++++--- systems/common.nix | 10 ++++------ systems/default.nix | 5 ++++- 5 files changed, 25 insertions(+), 17 deletions(-) (limited to 'systems') diff --git a/systems/atlas/attic.nix b/systems/atlas/attic.nix index d6e15eb..fe4e67c 100644 --- a/systems/atlas/attic.nix +++ b/systems/atlas/attic.nix @@ -1,8 +1,9 @@ -{config, ...}: let - kb = 1024; -in { - age.secrets.atticCreds.file = - ../../secrets/${config.networking.hostName}/atticCreds.age; +{ + config, + secretsDir, + ... +}: { + age.secrets.atticCreds.file = secretsDir + "/atticCreds.age"; services.atticd = { enable = true; @@ -14,7 +15,9 @@ in { compression.type = "zstd"; - chunking = { + chunking = let + kb = 1024; + in { nar-size-threshold = 64 * kb; min-size = 16 * kb; avg-size = 64 * kb; diff --git a/systems/atlas/default.nix b/systems/atlas/default.nix index 247e134..7b0955a 100644 --- a/systems/atlas/default.nix +++ b/systems/atlas/default.nix @@ -1,6 +1,7 @@ { config, pkgs, + secretsDir, ... }: { imports = [ @@ -18,7 +19,7 @@ hermetic = false; }; - age.secrets.teawiebot.file = ../../secrets/atlas/teawieBot.age; + age.secrets.teawiebot.file = secretsDir + "/teawieBot.age"; boot = { loader.systemd-boot.enable = true; diff --git a/systems/atlas/miniflux.nix b/systems/atlas/miniflux.nix index d25b588..73ed2c6 100644 --- a/systems/atlas/miniflux.nix +++ b/systems/atlas/miniflux.nix @@ -1,6 +1,9 @@ -{config, ...}: { - age.secrets .miniflux.file = - ../../secrets/${config.networking.hostName}/miniflux.age; +{ + config, + secretsDir, + ... +}: { + age.secrets .miniflux.file = secretsDir + "/miniflux.age"; services.miniflux = { enable = true; diff --git a/systems/common.nix b/systems/common.nix index 77d04c0..b4dc782 100644 --- a/systems/common.nix +++ b/systems/common.nix @@ -26,14 +26,12 @@ in { hmSetup - ({config, ...}: { + ({secretsDir, ...}: { age = { identityPaths = ["/etc/age/key"]; - secrets = let - baseDir = ../secrets/${config.networking.hostName}; - in { - rootPassword.file = "${baseDir}/rootPassword.age"; - sethPassword.file = "${baseDir}/sethPassword.age"; + secrets = { + rootPassword.file = secretsDir + "/rootPassword.age"; + sethPassword.file = secretsDir + "/sethPassword.age"; }; }; diff --git a/systems/default.nix b/systems/default.nix index e44b096..2f8c277 100644 --- a/systems/default.nix +++ b/systems/default.nix @@ -14,7 +14,10 @@ (builtins.removeAttrs args ["builder"]) // { modules = args.modules ++ [./${name}]; - specialArgs = {inherit inputs self;}; + specialArgs = { + inherit inputs self; + secretsDir = ../secrets/${name}; + }; } ); -- cgit v1.2.3