From 915c07e4c534d1ffb9b4b8d5318a08d7717f8907 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Fri, 11 Aug 2023 17:56:32 +0200
Subject: [PATCH] generate nixos options documentation

---
 default.nix |  7 ++++++-
 doc.nix     | 30 ++++++++++++++++++++++++++++++
 flake.nix   |  2 ++
 3 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 doc.nix

diff --git a/default.nix b/default.nix
index 4f42df5..40114ce 100644
--- a/default.nix
+++ b/default.nix
@@ -1,5 +1,6 @@
 { pkgs ? import <nixpkgs> {}
-, vendorHash ? "sha256-6oK/+aOQdW+Tes1zUE65RGizeB86Wgn1hl+2lVI4YbM="
+, vendorHash ? "sha256-MKvLOkEIMh2J3cUgP9pXsMARWO00r3/Splt1oLc7TCo="
+, sops-nix-flake ? null
 }: let
   sops-install-secrets = pkgs.callPackage ./pkgs/sops-install-secrets {
     inherit vendorHash;
@@ -23,6 +24,10 @@ in rec {
     inherit vendorHash;
   };
   unit-tests = pkgs.callPackage ./pkgs/unit-tests.nix {};
+
+  sops-nixos-doc = pkgs.callPackage ./doc.nix {
+    inherit sops-nix-flake;
+  };
 } // (pkgs.lib.optionalAttrs pkgs.stdenv.isLinux {
   lint = pkgs.callPackage ./pkgs/lint.nix {
     inherit sops-install-secrets;
diff --git a/doc.nix b/doc.nix
new file mode 100644
index 0000000..e33e763
--- /dev/null
+++ b/doc.nix
@@ -0,0 +1,30 @@
+{ nixosOptionsDoc, runCommand, fetchurl, pandoc, nixos, sops-nix-flake ? null }:
+
+let
+  eval = nixos [ ./modules/sops/default.nix ];
+  options = nixosOptionsDoc {
+    options = eval.options.sops;
+  };
+  rev = if sops-nix-flake != null then sops-nix-flake.rev or "master" else "master";
+  
+  md = (runCommand "options.md" { } ''
+    cat >$out <<EOF
+    # Sops-nix options
+
+    EOF
+    cat ${options.optionsCommonMark} >>$out
+    sed -i -e 's!\[/nix/store/.*/modules/sops/\(.*\).*![sops-nix](https://github.com/Mic92/sops-nix/blob/${rev}/modules/sops/\1)!' "$out"
+  '').overrideAttrs (_o: {
+    # Work around https://github.com/hercules-ci/hercules-ci-agent/issues/168
+    allowSubstitutes = true;
+  });
+  css = fetchurl {
+    url = "https://gist.githubusercontent.com/killercup/5917178/raw/40840de5352083adb2693dc742e9f75dbb18650f/pandoc.css";
+    sha256 = "sha256-SzSvxBIrylxBF6B/mOImLlZ+GvCfpWNLzGFViLyOeTk=";
+  };
+in
+runCommand "sops.html" { nativeBuildInputs = [ pandoc ]; } ''
+  mkdir $out
+  cp ${css} $out/pandoc.css
+  pandoc --css="pandoc.css" ${md} --to=html5 -s -f markdown+smart --metadata pagetitle="Sops options" -o $out/index.html
+''
diff --git a/flake.nix b/flake.nix
index b038c2d..c6dc336 100644
--- a/flake.nix
+++ b/flake.nix
@@ -35,12 +35,14 @@
     packages = forAllSystems (system:
       import ./default.nix {
         pkgs = import nixpkgs {inherit system;};
+        sops-nix-flake = self;
       });
     checks = nixpkgs.lib.genAttrs ["x86_64-linux" "aarch64-linux"]
       (system: let
         tests = self.packages.${system}.sops-install-secrets.tests;
         packages-stable = import ./default.nix {
           pkgs = import nixpkgs-stable {inherit system;};
+          sops-nix-flake = self;
         };
         tests-stable = packages-stable.sops-install-secrets.tests;
       in tests //