Support userborn

r-vdp 2024-08-31 18:59:45 +02:00 committed by mergify[bot]
parent 5db5921e40
commit d9d781523a
4 changed files with 39 additions and 15 deletions


@ -14,9 +14,11 @@ let
symlinkPath = "/run/secrets-for-users";
};
sysusersEnabled = options.systemd ? sysusers && config.systemd.sysusers.enable;
useSystemdActivation = sysusersEnabled ||
(options.services ? userborn && config.services.userborn.enable);
in
{
systemd.services.sops-install-secrets-for-users = lib.mkIf (secretsForUsers != { } && sysusersEnabled) {
systemd.services.sops-install-secrets-for-users = lib.mkIf (secretsForUsers != { } && useSystemdActivation) {
wantedBy = [ "systemd-sysusers.service" ];
before = [ "systemd-sysusers.service" ];
environment = cfg.environment;
@ -29,7 +31,7 @@ in
};
};
system.activationScripts = lib.mkIf (secretsForUsers != { } && !sysusersEnabled) {
system.activationScripts = lib.mkIf (secretsForUsers != { } && !useSystemdActivation) {
setupSecretsForUsers = lib.stringAfter ([ "specialfs" ] ++ lib.optional cfg.age.generateKey "generate-age-key") ''
[ -e /run/current-system ] || echo setting up secrets for users...
${withEnvironment "${cfg.package}/bin/sops-install-secrets -ignore-passwd ${manifestForUsers}"}