Implement initial containers module

2022-03-26 14:20:30 +00:00
parent 5ef6684df4
commit 67114c1336
16 changed files with 372 additions and 73 deletions
--- a/nixos/modules/secrets.nix
+++ b/nixos/modules/secrets.nix
@@ -8,6 +8,7 @@ let
 in
 {
  options.my.secrets = with lib.types; {
+    vmKeyPath = mkOpt' str "/tmp/xchg/dev.key" "Path to dev key when in a dev VM.";
    key = mkOpt' (nullOr str) null "Public key that secrets for this system should be encrypted for.";
    files = mkOpt' (attrsOf unspecified) { } "Secrets to decrypt with agenix.";
  };
@@ -19,7 +20,7 @@ in
      } // opts) cfg.files;
    }
    (mkIf config.my.build.isDevVM {
-      age.identityPaths = [ "/tmp/xchg/dev.key" ];
+      age.identityPaths = [ cfg.vmKeyPath ];
    })
  ];
 }