nyx/modules/flake/lib/secrets.nix

{inputs}: let
  inherit (inputs) self;

  /*
  *
  Create secrets for use with `agenix`.

  # Arguments

  - [file] the age file to use for the secret
  - [owner] the owner of the secret, this defaults to "root"
  - [group] the group of the secret, this defaults to "root"
  - [mode] the permissions of the secret, this defaults to "400"

  # Type

  ```
  mkSecret :: (String -> String -> String -> String) -> AttrSet
  ```

  # Example

  ```nix
  mkSecret { file = "./my-secret.age"; }
  => {
    file = "./my-secret.age";
    owner = "root";
    group = "root";
    mode = "400";
  }
  ```
  */
  mkSecret = {
    file,
    owner ? "root",
    group ? "root",
    mode ? "400",
    ...
  }: {
    file = "${self}/secrets/${file}.age";
    inherit owner group mode;
  };

  /*
  *
  A light wrapper around mkSecret that allows you to specify the output path

  # Arguments

  - [file] the age file to use for the secret
  - [owner] the owner of the secret, this defaults to "root"
  - [group] the group of the secret, this defaults to "root"
  - [mode] the permissions of the secret, this defaults to "400"
  - [path] the path to output the secret to

  # Type

  ```
  mkSecretWithPath :: (String -> String -> String -> String -> String) -> AttrSet
  ```

  # Example

  ```nix
  mkSecret { file = "./my-secret.age"; path = "/etc/my-secret"; }
  => {
    file = "./my-secret.age";
    path = "/etc/my-secret";
    owner = "root";
    group = "root";
    mode = "400";
  }
  ```
  */
  mkSecretWithPath = {
    file,
    path,
    owner ? "root",
    group ? "root",
    mode ? "400",
    ...
  }:
    mkSecret {
      inherit
        file
        owner
        group
        mode
        ;
    }
    // {
      inherit path;
    };
in {
  inherit mkSecret mkSecretWithPath;
}
Style: formatting 2025-01-27 14:03:42 +02:00			`{inputs}: let`
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00			`inherit (inputs) self;`

Style: formatting 2025-01-27 14:03:42 +02:00			`/*`
			`*`
			Create secrets for use with `agenix`.
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00
Style: formatting 2025-01-27 14:03:42 +02:00			`# Arguments`
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00
Style: formatting 2025-01-27 14:03:42 +02:00			`- [file] the age file to use for the secret`
			`- [owner] the owner of the secret, this defaults to "root"`
			`- [group] the group of the secret, this defaults to "root"`
			`- [mode] the permissions of the secret, this defaults to "400"`
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00
Style: formatting 2025-01-27 14:03:42 +02:00			`# Type`
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00
Style: formatting 2025-01-27 14:03:42 +02:00			```
			`mkSecret :: (String -> String -> String -> String) -> AttrSet`
			```
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00
Style: formatting 2025-01-27 14:03:42 +02:00			`# Example`
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00
Style: formatting 2025-01-27 14:03:42 +02:00			```nix
			`mkSecret { file = "./my-secret.age"; }`
			`=> {`
			`file = "./my-secret.age";`
			`owner = "root";`
			`group = "root";`
			`mode = "400";`
			`}`
			```
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00			`*/`
Style: formatting 2025-01-27 14:03:42 +02:00			`mkSecret = {`
			`file,`
			`owner ? "root",`
			`group ? "root",`
			`mode ? "400",`
			`...`
			`}: {`
			`file = "${self}/secrets/${file}.age";`
			`inherit owner group mode;`
			`};`
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00
Style: formatting 2025-01-27 14:03:42 +02:00			`/*`
			`*`
			`A light wrapper around mkSecret that allows you to specify the output path`
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00
Style: formatting 2025-01-27 14:03:42 +02:00			`# Arguments`
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00
Style: formatting 2025-01-27 14:03:42 +02:00			`- [file] the age file to use for the secret`
			`- [owner] the owner of the secret, this defaults to "root"`
			`- [group] the group of the secret, this defaults to "root"`
			`- [mode] the permissions of the secret, this defaults to "400"`
			`- [path] the path to output the secret to`
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00
Style: formatting 2025-01-27 14:03:42 +02:00			`# Type`
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00
Style: formatting 2025-01-27 14:03:42 +02:00			```
			`mkSecretWithPath :: (String -> String -> String -> String -> String) -> AttrSet`
			```
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00
Style: formatting 2025-01-27 14:03:42 +02:00			`# Example`
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00
Style: formatting 2025-01-27 14:03:42 +02:00			```nix
			`mkSecret { file = "./my-secret.age"; path = "/etc/my-secret"; }`
			`=> {`
			`file = "./my-secret.age";`
			`path = "/etc/my-secret";`
			`owner = "root";`
			`group = "root";`
			`mode = "400";`
			`}`
			```
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00			`*/`
Style: formatting 2025-01-27 14:03:42 +02:00			`mkSecretWithPath = {`
			`file,`
			`path,`
			`owner ? "root",`
			`group ? "root",`
			`mode ? "400",`
			`...`
			`}:`
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00			`mkSecret {`
			`inherit`
			`file`
			`owner`
			`group`
			`mode`
			`;`
			`}`
			`// {`
			`inherit path;`
			`};`
Style: formatting 2025-01-27 14:03:42 +02:00			`in {`
a lot of shit also baibai home manager, hello hjem 2025-01-26 20:11:01 +02:00			`inherit mkSecret mkSecretWithPath;`
			`}`