A layer on top of the NixOS module system to make some tasks simpler.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

keys.nix 943B

12345678910111213141516171819202122232425262728293031323334353637383940414243
  1. # Functions for working with NixOps keys.
  2. { lib, ... }:
  3. with lib;
  4. let
  5. # Where NixOps stores keys:
  6. keyDirectory = "/run/keys/";
  7. # Generate a service name:
  8. mkServiceName = path:
  9. replaceStrings ["/"] ["-"]
  10. (removePrefix keyDirectory path + "-key.service");
  11. funcs = rec {
  12. /* Test to see if a file path is a NixOps managed key.
  13. Example:
  14. isKeyFile "/run/keys/foo"
  15. => true
  16. isKeyFile "/etc/passwd"
  17. => false
  18. */
  19. isKeyFile = path:
  20. if path == null
  21. then false
  22. else hasPrefix keyDirectory path;
  23. /* Returns an array containing a systemd service name that can be
  24. used to add a 'wants' or 'after' entry for a NixOps key.
  25. Example:
  26. keyService "/run/keys/foo"
  27. => ["foo.service"]
  28. keyService "/etc/passwd"
  29. => []
  30. */
  31. keyService = path: optional (isKeyFile path) (mkServiceName path);
  32. };
  33. in funcs