soopy.moe / gensokyo
nixos config
fork atom

feat: refactor genSecrets function to utils

* moved the genSecrets helper function from akkoma to global utils
* added smart namespace detection

Cassie Cheung 46af5888 a2541fa5

options
unified split
Changed files
+12 -4
global
utils.nix
systems
koumakan
services
fediverse
akkoma.nix
+9 -2
global/utils.nix 
···

       
1

       
 

       
# see /docs/utils.md for a usage guide


     

       
2

       
 

       
{


     

       
3

       
-

       
  # inputs,


     

       
4

       
 

       
  # system,


     

       
5

       
 

       
  ...


     

       
6

       
-

       
}: rec {


     

       

       

       
     

       

       

       
     

       
7

       
 

       
  mkVhost = {...} @ opts:


     

       
8

       
 

       
    {


     

       
9

       
 

       
      # ideally mkOverride/mkDefault would be used, but i have 0 idea how it works.


     
···

       
25

       
 

       
        proxyWebsockets = websockets;


     

       
26

       
 

       
      };


     

       
27

       
 

       
    };


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
28

       
 

       
}


     
···

       
1

       
 

       
# see /docs/utils.md for a usage guide


     

       
2

       
 

       
{


     

       
3

       
+

       
  inputs,


     

       
4

       
 

       
  # system,


     

       
5

       
 

       
  ...


     

       
6

       
+

       
}: let


     

       
7

       
+

       
  lib = inputs.nixpkgs.lib;


     

       
8

       
+

       
in rec {


     

       
9

       
 

       
  mkVhost = {...} @ opts:


     

       
10

       
 

       
    {


     

       
11

       
 

       
      # ideally mkOverride/mkDefault would be used, but i have 0 idea how it works.


     
···

       
27

       
 

       
        proxyWebsockets = websockets;


     

       
28

       
 

       
      };


     

       
29

       
 

       
    };


     

       
30

       
+

       



     

       
31

       
+

       
  genSecrets = namespace: files: value:


     

       
32

       
+

       
    lib.genAttrs (


     

       
33

       
+

       
      map (x: namespace + lib.optionalString (lib.stringLength namespace != 0) "/" + x) files


     

       
34

       
+

       
    ) (_: value);


     

       
35

       
 

       
}
+3 -2
systems/koumakan/services/fediverse/akkoma.nix 
···

       
7

       
 

       
}: let


     

       
8

       
 

       
  mkRaw = (pkgs.formats.elixirConf {}).lib.mkRaw;


     

       
9

       
 

       
  # I don't know what i did but i made this abomination


     

       
10

       
-

       
  genSecrets = namespace: files: value: lib.genAttrs (map (x: namespace + x) files) (_: value);


     

       
11

       
 

       
  mkSecret = file:


     

       
12

       
 

       
    if !lib.elem file secrets


     

       
13

       
 

       
    then throw "Provided secret file ${file} is not in the list of defined secrets."


     
···

       
32

       
 

       
  ];


     

       
33

       
 

       
in {


     

       
34

       
 

       
  # secrets definition


     

       
35

       
-

       
  sops.secrets = genSecrets "akkoma/" secrets {};


     

       
36

       
 

       



     

       
37

       
 

       
  services.akkoma = {


     

       
38

       
 

       
    enable = true;


     
···

       
42

       
 

       
    # frontends = {


     

       
43

       
 

       
    #   swagger


     

       
44

       
 

       
    # };


     

       

       

       
     

       

       

       
     

       
45

       
 

       
    dist.cookie = mkSecret "dist/cookie";


     

       
46

       
 

       
    config = {


     

       
47

       
 

       
      ":joken".":default_signer" = mkSecret "joken_default_signer";


     
···

       
7

       
 

       
}: let


     

       
8

       
 

       
  mkRaw = (pkgs.formats.elixirConf {}).lib.mkRaw;


     

       
9

       
 

       
  # I don't know what i did but i made this abomination


     

       

       

       
     

       
10

       
 

       
  mkSecret = file:


     

       
11

       
 

       
    if !lib.elem file secrets


     

       
12

       
 

       
    then throw "Provided secret file ${file} is not in the list of defined secrets."


     
···

       
31

       
 

       
  ];


     

       
32

       
 

       
in {


     

       
33

       
 

       
  # secrets definition


     

       
34

       
+

       
  sops.secrets = _utils.genSecrets "akkoma" secrets {};


     

       
35

       
 

       



     

       
36

       
 

       
  services.akkoma = {


     

       
37

       
 

       
    enable = true;


     
···

       
41

       
 

       
    # frontends = {


     

       
42

       
 

       
    #   swagger


     

       
43

       
 

       
    # };


     

       
44

       
+

       



     

       
45

       
+

       
    # TODO: Issue #5


     

       
46

       
 

       
    dist.cookie = mkSecret "dist/cookie";


     

       
47

       
 

       
    config = {


     

       
48

       
 

       
      ":joken".":default_signer" = mkSecret "joken_default_signer";