14 lines
442 B
Nix
14 lines
442 B
Nix
{ lib, ... }:
|
|
|
|
let
|
|
secretData = import ../intermediate/secrets.nix;
|
|
in
|
|
{
|
|
sops = {
|
|
age.keyFile = "/var/lib/sops-nix/key.txt";
|
|
secrets = secretData.byName;
|
|
};
|
|
|
|
warnings = lib.optional (secretData.missing != [])
|
|
"Some SOPS source files are missing or not yet encrypted; no runtime secrets will be provisioned for: ${builtins.concatStringsSep ", " (map (item: builtins.concatStringsSep "_" item.path) secretData.missing)}";
|
|
}
|