secrets/toSecrets.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

hosts: let
  optional = attrset: val:
    if attrset ? ${val}
    then [attrset.${val}]
    else [];

  mkPubkeys = host: optional host "pubkey" ++ optional host "owner";

  op = acc: host:
    acc
    // (
      builtins.listToAttrs (
        map (
          file: {
            name = "${host}/${file}";
            value = {
              publicKeys = mkPubkeys hosts.${host};
            };
          }
        )
        hosts.${host}.files
      )
    );
in
  builtins.foldl' op {} (builtins.attrNames hosts)