secrets/toSecrets.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

hosts:
let
  optional = attrset: val: if attrset ? ${val} then [ attrset.${val} ] else [ ];

  mkPubkeys = host: optional host "pubkey" ++ optional host "owner";

  op =
    acc: host:
    acc
    // (builtins.listToAttrs (
      map (file: {
        name = "${host}/${file}";
        value = {
          publicKeys = mkPubkeys hosts.${host};
        };
      }) hosts.${host}.files
    ));
in
builtins.foldl' op { } (builtins.attrNames hosts)