+

milieuim · Sep 16, 2024 · 7af1f67 · 7af1f67
1 parent 6333a3c
commit 7af1f67
Show file tree

Hide file tree

Showing 3 changed files with 78 additions and 42 deletions.
diff --git a/apps/renc.nix b/apps/renc.nix
@@ -0,0 +1,27 @@
+{
+  nodes,
+  userFlake',
+  pkgs,
+  system,
+  ...
+}:
+let
+  inherit (pkgs) writeShellScriptBin;
+  inherit (pkgs.lib) concatStringsSep traceVal;
+  inherit (builtins) attrValues;
+
+  vaultixs = map (n: n.config.vaultix) (attrValues nodes);
+  bin = pkgs.lib.getExe userFlake'.packages.${system}.default;
+
+in
+writeShellScriptBin "renc" (
+  concatStringsSep "\n" (
+    map (
+      n:
+      let
+        a = (pkgs.formats.toml { }).generate "secretsMetadata" n;
+      in
+      "${bin} ${a} renc"
+    ) vaultixs
+  )
+)
diff --git a/flake-module.nix b/flake-module.nix
@@ -12,35 +12,32 @@ let
     types
     ;
 
-  allApps = [
-    "edit"
-    "renc"
-  ];
 in
 {
   options = {
-    # flake = flake-parts-lib.mkSubmoduleOptions {
-    #   agenix-rekey = mkOption {
-    #     type = types.lazyAttrsOf (types.lazyAttrsOf types.package);
-    #     default = lib.mapAttrs (
-    #       _system: config':
-    #       lib.genAttrs allApps (
-    #         app:
-    #         import ./apps/${app}.nix {
-    #           inherit (config'.agenix-rekey) nodes pkgs;
-    #           agePackage = _: config'.agenix-rekey.agePackage;
-    #           userFlake = self;
-    #         }
-    #       )
-    #     ) config.allSystems;
-    #     defaultText = "Automatically filled by agenix-rekey";
-    #     readOnly = true;
-    #     description = ''
-    #       The agenix-rekey apps specific to your flake. Used by the `agenix` wrapper script,
-    #       and can be run manually using `nix run .#agenix-rekey.$system.<app>`.
-    #     '';
-    #   };
-    # };
+    flake = flake-parts-lib.mkSubmoduleOptions {
+      vaultix = mkOption {
+        type = types.lazyAttrsOf (types.lazyAttrsOf types.package);
+        default = lib.mapAttrs (
+          system: config':
+          lib.genAttrs
+            [
+              "renc"
+              # "edit"
+            ]
+            (
+              app:
+              import ./apps/${app}.nix {
+                inherit (config'.vaultix) nodes pkgs;
+                userFlake' = self;
+                inherit system;
+              }
+            )
+        ) config.allSystems;
+        readOnly = true;
+        description = '''';
+      };
+    };
 
     perSystem = flake-parts-lib.mkPerSystemOption (
       {
@@ -57,20 +54,19 @@ in
             default = self.nixosConfigurations;
             defaultText = lib.literalExpression "self.nixosConfigurations";
           };
-          # package = mkOption {
-          #   type = types.package;
-          #   default = config.agenix-rekey.pkgs.callPackage ./nix/package.nix {
-          #     inherit allApps;
-          #   };
-          #   defaultText = "<agenix script derivation from agenix-rekey>";
-          #   readOnly = true;
-          #   description = ''
-          #     The agenix-rekey wrapper script `agenix`.
-          #     We recommend adding this to your devshell so you can execute it easily.
-          #     By using the package provided here, you can skip adding the overlay to your pkgs.
-          #     Alternatively you can also pass it to your flake outputs (apps or packages).
-          #   '';
-          # };
+          pkgs = mkOption {
+            type = types.unspecified;
+            description = "The package set to use when defining agenix-rekey scripts.";
+            default = pkgs;
+            defaultText = lib.literalExpression "pkgs # (module argument)";
+          };
+          package = mkOption {
+            type = types.package;
+            default = config.vaultix.pkgs.callPackage self.packages.${pkgs.system}.default;
+            # defaultText = "<agenix script derivation from agenix-rekey>";
+            readOnly = true;
+            description = '''';
+          };
         };
       }
     );

diff --git a/flake.nix b/flake.nix
@@ -16,7 +16,7 @@
   };
 
   outputs =
-    inputs@{ flake-parts, ... }:
+    inputs@{ flake-parts, self, ... }:
     flake-parts.lib.mkFlake { inherit inputs; } {
       imports = with inputs; [
         pre-commit-hooks.flakeModule
@@ -46,6 +46,14 @@
             ];
           };
 
+          vaultix = {
+            nodes = self.nixosConfigurations;
+          };
+          apps.default = {
+            type = "app";
+            program = pkgs.lib.getExe self'.packages.default;
+          };
+
           packages.default =
             let
               toolchain = pkgs.rust-bin.nightly.latest.minimal;
@@ -60,7 +68,10 @@
                 buildPackage
                 ;
             in
-            (buildPackage { src = ./.; });
+            (buildPackage {
+              src = ./.;
+              meta.mainProgram = "vaultix";
+            });
 
           formatter = pkgs.nixfmt-rfc-style;
 
@@ -80,12 +91,14 @@
               nixfmt-rfc-style.enable = true;
             };
           };
+
         };
       flake = {
         overlays.default = final: prev: {
           vaultix = inputs.self.packages.${prev.system}.default;
         };
         nixosModules.default = ./module;
+
       };
     };
 }