diff --git a/apps/renc.nix b/apps/renc.nix
new file mode 100644
index 0000000..e9bb708
--- /dev/null
+++ b/apps/renc.nix
@@ -0,0 +1,27 @@
+{
+ nodes,
+ userFlake',
+ pkgs,
+ system,
+ ...
+}:
+let
+ inherit (pkgs) writeShellScriptBin;
+ inherit (pkgs.lib) concatStringsSep traceVal;
+ inherit (builtins) attrValues;
+
+ vaultixs = map (n: n.config.vaultix) (attrValues nodes);
+ bin = pkgs.lib.getExe userFlake'.packages.${system}.default;
+
+in
+writeShellScriptBin "renc" (
+ concatStringsSep "\n" (
+ map (
+ n:
+ let
+ a = (pkgs.formats.toml { }).generate "secretsMetadata" n;
+ in
+ "${bin} ${a} renc"
+ ) vaultixs
+ )
+)
diff --git a/flake-module.nix b/flake-module.nix
index 987afad..a0b6816 100644
--- a/flake-module.nix
+++ b/flake-module.nix
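Review bot: The generated `renc` script in apps/renc.nix has no error handling: `writeShellScriptBin` emits only a shebang plus the joined commands, so if re-encryption fails for one node the script carries on and exits with the status of the last node's command. For a tool that re-encrypts secrets a partial run should fail loudly; prepend `"set -euo pipefail"` to the list passed to `concatStringsSep`, or build the script with `pkgs.writeShellApplication`, which turns those options on by default. The `secretsMetadata` TOML generated from each node's `config.vaultix` is written to the world-readable Nix store, so a comment stating that this option set must never carry secret material would help future maintainers. `traceVal` is inherited but unused.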
@@ -12,35 +12,32 @@ let types ; - allApps = [ - "edit" - "renc" - ]; in { options = { - # flake = flake-parts-lib.mkSubmoduleOptions { - # agenix-rekey = mkOption { - # type = types.lazyAttrsOf (types.lazyAttrsOf types.package); - # default = lib.mapAttrs ( - # _system: config': - # lib.genAttrs allApps ( - # app: - # import ./apps/${app}.nix { - # inherit (config'.agenix-rekey) nodes pkgs; - # agePackage = _: config'.agenix-rekey.agePackage; - # userFlake = self; - # } - # ) - # ) config.allSystems; - # defaultText = "Automatically filled by agenix-rekey"; - # readOnly = true; - # description = '' - # The agenix-rekey apps specific to your flake. Used by the `agenix` wrapper script, - # and can be run manually using `nix run .#agenix-rekey.$system.`. - # ''; - # }; - # }; + flake = flake-parts-lib.mkSubmoduleOptions { + vaultix = mkOption { + type = types.lazyAttrsOf (types.lazyAttrsOf types.package); + default = lib.mapAttrs ( + system: config': + lib.genAttrs + [ + "renc" + # "edit" + ] + ( + app: + import ./apps/${app}.nix { + inherit (config'.vaultix) nodes pkgs; + userFlake' = self; + inherit system; + } + ) + ) config.allSystems; + readOnly = true; + description = ''''; + }; + }; perSystem = flake-parts-lib.mkPerSystemOption ( { 
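Review bot: `userFlake' = self;` hands apps/renc.nix whichever flake imports this module, and renc.nix resolves the binary as `userFlake'.packages.${system}.default`. If `self` is the flake-parts module argument (the top of the file is outside this hunk), a downstream flake's own default package rather than vaultix would be executed with each node's secrets metadata, or evaluation would fail when that flake has no default package. Pass the vaultix package explicitly, for example via the per-system `package` option, instead of deriving it from the consumer's flake. The option also ships with `description = '''';` and without the `defaultText` its commented-out predecessor had; `defaultText = "Automatically filled by vaultix";` plus a one-line description of the generated apps would keep the option docs usable.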
@@ -57,20 +54,19 @@ in default = self.nixosConfigurations; defaultText = lib.literalExpression "self.nixosConfigurations"; }; - # package = mkOption { - # type = types.package; - # default = config.agenix-rekey.pkgs.callPackage ./nix/package.nix { - # inherit allApps; - # }; - # defaultText = ""; - # readOnly = true; - # description = '' - # The agenix-rekey wrapper script `agenix`. - # We recommend adding this to your devshell so you can execute it easily. - # By using the package provided here, you can skip adding the overlay to your pkgs. - # Alternatively you can also pass it to your flake outputs (apps or packages). - # ''; - # }; + pkgs = mkOption { + type = types.unspecified; + description = "The package set to use when defining agenix-rekey scripts."; + default = pkgs; + defaultText = lib.literalExpression "pkgs # (module argument)"; + }; + package = mkOption { + type = types.package; + default = config.vaultix.pkgs.callPackage self.packages.${pkgs.system}.default; + # defaultText = ""; + readOnly = true; + description = ''''; + }; }; } ); diff --git a/flake.nix b/flake.nix index ff19274..7c844c6 100644 --- a/flake.nix +++ b/flake.nix @@ -16,7 +16,7 @@ }; outputs = - inputs@{ flake-parts, ... }: + inputs@{ flake-parts, self, ... }: flake-parts.lib.mkFlake { inherit inputs; } { imports = with inputs; [ pre-commit-hooks.flakeModule @@ -46,6 +46,14 @@ ]; }; + vaultix = { + nodes = self.nixosConfigurations; + }; + apps.default = { + type = "app"; + program = pkgs.lib.getExe self'.packages.default; + }; + packages.default = let toolchain = pkgs.rust-bin.nightly.latest.minimal; @@ -60,7 +68,10 @@ buildPackage ; in - (buildPackage { src = ./.; }); + (buildPackage { + src = ./.; + meta.mainProgram = "vaultix"; + }); formatter = pkgs.nixfmt-rfc-style; @@ -80,12 +91,14 @@ nixfmt-rfc-style.enable = true; }; }; + }; flake = { overlays.default = final: prev: { vaultix = inputs.self.packages.${prev.system}.default; }; nixosModules.default = ./module; + }; }; }
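Review bot: In the second flake-module.nix hunk, the `package` default `config.vaultix.pkgs.callPackage self.packages.${pkgs.system}.default;` is not a package: `callPackage` expects a function or path followed by an argument set, and here it receives an already-built derivation and no second argument, so the value is a partially applied function and should fail the `types.package` check once evaluated. If the intent is to expose the built binary, `default = self.packages.${pkgs.system}.default;` is enough (subject to which flake `self` refers to in this module; that binding is outside the hunk). The `pkgs` option description still reads "agenix-rekey scripts" and `package` has an empty description; both should name vaultix and say what the option is for.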