52 lines
1.1 KiB
Nix
52 lines
1.1 KiB
Nix
|
{ lib, name, ... }:
|
||
|
|
|
||
|
|
let
|
||
|
|
serviceName = name;
|
||
|
|
in
|
||
|
|
|
||
|
|
{
|
||
|
|
options.secrets = lib.mkOption {
|
||
|
|
type = lib.types.lazyAttrsOf (lib.types.submodule ({ config, name, ... }: {
|
||
|
|
options = {
|
||
|
|
shared = lib.mkOption {
|
||
|
|
type = lib.types.bool;
|
||
|
|
default = true;
|
||
|
|
description = "Whether this secret should be the same on all nodes.";
|
||
|
|
};
|
||
|
|
|
||
|
|
nodes = lib.mkOption {
|
||
|
|
type = with lib.types; listOf str;
|
||
|
|
default = [ ];
|
||
|
|
};
|
||
|
|
|
||
|
|
generate = lib.mkOption {
|
||
|
|
type = with lib.types; nullOr (functionTo str);
|
||
|
|
description = "Command used to generate this secret.";
|
||
|
|
default = null;
|
||
|
|
};
|
||
|
|
|
||
|
|
path = lib.mkOption {
|
||
|
|
type = lib.types.path;
|
||
|
|
default = "/run/agenix/cluster-${serviceName}-${name}";
|
||
|
|
};
|
||
|
|
|
||
|
|
mode = lib.mkOption {
|
||
|
|
type = lib.types.str;
|
||
|
|
default = "0400";
|
||
|
|
};
|
||
|
|
|
||
|
|
owner = lib.mkOption {
|
||
|
|
type = lib.types.str;
|
||
|
|
default = "root";
|
||
|
|
};
|
||
|
|
|
||
|
|
group = lib.mkOption {
|
||
|
|
type = lib.types.str;
|
||
|
|
default = "root";
|
||
|
|
};
|
||
|
|
};
|
||
|
|
}));
|
||
|
|
default = {};
|
||
|
|
};
|
||
|
|
}
|