Services, refactor, clean up, service to automatic

Move service to automatic since it has a separate purpose. Refactor the default.nix code to include service.nix files so it is easier to extend code.
2024-11-28 23:48:40 -08:00 · 2024-11-28 23:48:40 -08:00 · 525f68172b
commit 525f68172b
parent dfb064e92b
14 changed files with 29 additions and 52 deletions
--- a/nixosModules/services/sops-nix/service.nix
+++ b/nixosModules/services/sops-nix/service.nix
@ -0,0 +1,35 @@
+{ inputs, config, pkgs, lib, ... }:
+
+{
+  options.sops-nix = let
+    externalPath = lib.mkOptionType {
+      name = "externalPath";
+      check = x: !lib.path.hasStorePathPrefix (/. + x);
+      merge = lib.mergeEqualOption;
+    };
+  in {
+    enable = lib.mkEnableOption "Enables nix-sops for secret management";
+    keyFile = lib.mkOption {
+      description = "A key file to unlock your secrets file";
+      type = lib.types.nullOr externalPath;
+    };
+    sopsFile = lib.mkOption {
+      description = "The path to your secrets file";
+      type = lib.types.path;
+    };
+    secrets = lib.mkOption { default = {}; };
+  };
+
+  imports =  [ inputs.sops-nix.nixosModules.sops ];
+
+  config = lib.mkIf config.sops-nix.enable {
+    sops = {
+      defaultSopsFile = config.sops-nix.sopsFile;
+      age.keyFile = config.sops-nix.keyFile;
+      secrets = config.sops-nix.secrets;
+    };
+    environment.systemPackages = with pkgs; [
+      sops
+    ];
+  };
+}