made nix-secrets input comment-out-able.

2024-06-12 14:40:04 -05:00 · 2024-06-12 14:40:04 -05:00 · 6147ddb903
commit 6147ddb903
parent f27b5ac056
10 changed files with 51 additions and 27 deletions
--- a/configs/nixos/secrets.nix
+++ b/configs/nixos/secrets.nix
@ -5,17 +5,20 @@
  pkgs,
  ...
 }: let
-  secretsDirectory = builtins.toString inputs.nix-secrets;
+  secretsDirectory = builtins.toString (inputs.nix-secrets or "");
 in {
  imports = [
    inputs.sops-nix.nixosModules.sops
  ];
-  sops = {
-    validateSopsFiles = false;
-    age = {
-      sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
-      keyFile = "/var/lib/sops-nix/key.txt";
-      generateKey = true;
+  config = lib.mkIf (inputs ? nix-secrets) {
+    sops = {
+      defaultSopsFile = "${secretsDirectory}/common.yaml";
+      validateSopsFiles = false;
+      age = {
+        sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
+        keyFile = "/var/lib/sops-nix/key.txt";
+        generateKey = true;
+      };
    };
  };
 }