mirrors/sops-nix
mirrors/sops-nix
1
0
Fork 0
mirror of https://github.com/Mic92/sops-nix.git synced 2025-03-05 08:07:16 +00:00
Code Activity

Merge pull request #73 from Mic92/cross

Browse source 
fix cross compilation
This commit is contained in:
Jörg Thalheim 2021-02-01 08:08:35 +00:00 committed by GitHub
commit 31511bf445
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
modules/sops/default.nix
View file

@ -5,7 +5,6 @@ with lib;
let
cfg = config.sops;
users = config.users.users;
sops-install-secrets = (pkgs.callPackage ../.. {}).sops-install-secrets;
secretType = types.submodule ({ config, ... }: {
options = {
name = mkOption {
@ -81,7 +80,9 @@ let
inherit (cfg) gnupgHome sshKeyPaths;
});
checkedManifest = pkgs.runCommandNoCC "checked-manifest.json" {
checkedManifest = let
sops-install-secrets = (pkgs.buildPackages.callPackage ../.. {}).sops-install-secrets;
in pkgs.runCommandNoCC "checked-manifest.json" {
nativeBuildInputs = [ sops-install-secrets ];
} ''
sops-install-secrets -check-mode=${if cfg.validateSopsFiles then "sopsfile" else "manifest"} ${manifest}
@ -155,7 +156,9 @@ in {
message = "${sopsFile} is not in the nix store. Either add it to the nix store or set `sops.validateSopsFiles` to false";
}) (builtins.attrNames cfg.secrets);
system.activationScripts.setup-secrets = stringAfter [ "users" "groups" ] ''
system.activationScripts.setup-secrets = let
sops-install-secrets = (pkgs.callPackage ../.. {}).sops-install-secrets;
in stringAfter [ "users" "groups" ] ''
echo setting up secrets...
${optionalString (cfg.gnupgHome != null) "SOPS_GPG_EXEC=${pkgs.gnupg}/bin/gpg"} ${sops-install-secrets}/bin/sops-install-secrets ${checkedManifest}
'';