cluster/catalog: support snakeoil secrets

Max Headroom 2024-07-23 02:45:29 +02:00
parent 69a6e1a577
commit 989a13226c


@ -46,6 +46,7 @@ in
}; };
}) // (if secretConfig.shared then let }) // (if secretConfig.shared then let
secretFile = "${svcName}-${secretName}.age"; secretFile = "${svcName}-${secretName}.age";
snakeoilFile = "${svcName}-${secretName}-snakeoil.txt";
in { in {
editSecret = { editSecret = {
description = "Edit this secret"; description = "Edit this secret";
@ -54,7 +55,14 @@ in
agenix -e '${secretFile}' agenix -e '${secretFile}'
''; '';
}; };
} else lib.mapAttrs' (name: lib.nameValuePair "editSecretInstance-${name}") (lib.genAttrs secretConfig.nodes (node: let editSnakeoil = {
description = "Edit this secret's snakeoil";
command = ''
$EDITOR "$PRJ_ROOT/cluster/secrets"/'${snakeoilFile}'
'';
};
} else lib.mkMerge [
(lib.mapAttrs' (name: lib.nameValuePair "editSecretInstance-${name}") (lib.genAttrs secretConfig.nodes (node: let
secretFile = "${svcName}-${secretName}-${node}.age"; secretFile = "${svcName}-${secretName}-${node}.age";
in { in {
description = "Edit this secret for '${node}'"; description = "Edit this secret for '${node}'";
@ -62,7 +70,16 @@ in
${setupCommands secretFile [ node ]} ${setupCommands secretFile [ node ]}
agenix -e '${secretFile}' agenix -e '${secretFile}'
''; '';
}))); })))
(lib.mapAttrs' (name: lib.nameValuePair "editSnakeoilInstance-${name}") (lib.genAttrs secretConfig.nodes (node: let
snakeoilFile = "${svcName}-${secretName}-${node}-snakeoil.txt";
in {
description = "Edit this secret's snakeoil for '${node}'";
command = ''
$EDITOR "$PRJ_ROOT/cluster/secrets"/'${snakeoilFile}'
'';
})))
]);
}; };
}) svcConfig.secrets)) }) svcConfig.secrets))
lib.concatLists lib.concatLists
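Review bot: The new `editSnakeoil` and `editSnakeoilInstance-*` commands open a plaintext `-snakeoil.txt` file in the same `cluster/secrets` directory that holds the age-encrypted `.age` files, and nothing in the command or its description tells the operator that this file is not encrypted. Because the two file names differ only by suffix, a real credential could presumably end up in the plaintext file by mistake; I would say so in both descriptions, e.g. `description = "Edit this secret's snakeoil (plaintext, test-only value)";`. The file name is interpolated between literal single quotes, as in the existing `agenix -e` lines; `${lib.escapeShellArg snakeoilFile}` would hold up if a service, secret or node name ever contained a quote. Separately, the per-node branch now returns `lib.mkMerge [ ... ]` while the shared branch returns a plain attrset, and the result is joined with `//` at the top of the section; the left operand is outside the hunks, so please confirm its attributes survive, or join the two `lib.mapAttrs'` results with `//` instead.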