From 92a34559eebb73cd71e9aa8e11565f1a8f2cb437 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Fri, 15 Dec 2017 03:29:00 +0100
Subject: [PATCH 1/3] populate: 2.0.0 -> 2.1.0

---
 krebs/5pkgs/simple/populate/default.nix | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/krebs/5pkgs/simple/populate/default.nix b/krebs/5pkgs/simple/populate/default.nix
index 0880b1d38..62e3ab216 100644
--- a/krebs/5pkgs/simple/populate/default.nix
+++ b/krebs/5pkgs/simple/populate/default.nix
@@ -1,24 +1,27 @@
-{ coreutils, fetchgit, git, gnused, jq, openssh, rsync, stdenv, ... }:
+{ coreutils, fetchgit, findutils, git, gnused, jq, openssh, pass, rsync, stdenv
+}:
 
 let
   PATH = stdenv.lib.makeBinPath [
     coreutils
+    findutils
     git
     gnused
     jq
     openssh
+    pass
     rsync
   ];
 in
 
 stdenv.mkDerivation rec {
   name = "populate";
-  version = "2.0.0";
+  version = "2.1.0";
 
   src = fetchgit {
     url = http://cgit.ni.krebsco.de/populate;
     rev = "refs/tags/v${version}";
-    sha256 = "01cvrg3m2ypg59in1qlr3rd8yzpf002k6pzjls2qb68jwkyf0h2n";
+    sha256 = "0cr50y6h6nps0qgpmi01h0z9wzpv2704y5zgx2salk1grkmvcfmh";
   };
 
   phases = [
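Review bot: The new `sha256` line is the only integrity control on this fetch, because the unchanged `url = http://cgit.ni.krebsco.de/populate;` is plain http and `rev` is a tag ref that can be moved. That is enough at build time, but the hash is only as trustworthy as the way it was obtained. If it came from a prefetch over the same http URL, it is worth confirming against a trusted checkout of the v2.1.0 tag, or switching the URL to https if the host serves it (not visible here). The derivation body continues past the end of this hunk.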

From 51a30f41cff12fcddc7b3f488fa497d19a748570 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Fri, 15 Dec 2017 03:33:43 +0100
Subject: [PATCH 2/3] types.source: add pass type

---
 lib/types.nix | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/lib/types.nix b/lib/types.nix
index c3b14d807..b85794925 100644
--- a/lib/types.nix
+++ b/lib/types.nix
@@ -231,7 +231,12 @@ rec {
   source = submodule ({ config, ... }: {
     options = {
       type = let
-        types = ["file" "git" "symlink"];
+        types = [
+          "file"
+          "git"
+          "pass"
+          "symlink"
+        ];
       in mkOption {
         type = enum types;
         default = let
@@ -255,6 +260,10 @@ rec {
         type = nullOr git-source;
         default = null;
       };
+      pass = mkOption {
+        type = nullOr pass-source;
+        default = null;
+      };
       symlink = let
         symlink-target = (symlink-source.getSubOptions "FIXME").target.type;
       in mkOption {
@@ -287,6 +296,17 @@ rec {
     };
   };
 
+  pass-source = submodule {
+    options = {
+      dir = mkOption {
+        type = absolute-pathname;
+      };
+      name = mkOption {
+        type = pathname; # TODO relative-pathname
+      };
+    };
+  };
+
   symlink-source = submodule {
     options = {
       target = mkOption {
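Review bot: `name` in the new `pass-source` is typed as plain `pathname`, which, going by the TODO, presumably also admits absolute paths, and nothing here rejects `..` components. An entry name could therefore point outside the store rooted at `dir`. Until `relative-pathname` exists a check could be attached, e.g. `type = addCheck pathname (x: !hasPrefix "/" x && !elem ".." (splitString "/" x));`, assuming those lib functions are in scope in this file. Both options would also benefit from a `description`, for example `description = "absolute path of the password store directory";` on `dir`.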

From 7f10d9526c3418197e198578eb5c4d8e7eadfc2e Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Fri, 15 Dec 2017 03:36:30 +0100
Subject: [PATCH 3/3] krebs secrets: use brain

---
 krebs/source.nix | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/krebs/source.nix b/krebs/source.nix
index 73e216900..8fbdce284 100644
--- a/krebs/source.nix
+++ b/krebs/source.nix
@@ -7,9 +7,12 @@ host@{ name, secure ? false }: let
 in
   evalSource (toString _file) {
     nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix";
-    secrets.file = getAttr builder {
-      buildbot = toString <stockholm/krebs/6tests/data/secrets>;
-      krebs = "${getEnv "HOME"}/secrets/krebs/${host.name}";
+    secrets = getAttr builder {
+      buildbot.file = toString <stockholm/krebs/6tests/data/secrets>;
+      krebs.pass = {
+        dir = "${getEnv "HOME"}/brain";
+        name = "krebs-secrets/${name}";
+      };
     };
     stockholm.file = toString <stockholm>;
     nixpkgs.git = {
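Review bot: `getEnv "HOME"` evaluates to the empty string when HOME is unset, so `dir` becomes `/brain`, which still looks like a valid absolute path and would make the secrets lookup silently use the wrong store. The removed `secrets.file` line had the same weakness, but since this value now selects the password store that secrets are read from, failing early is safer: `dir = assert getEnv "HOME" != ""; "${getEnv "HOME"}/brain";`. `name` is interpolated into the entry path as-is; whether it is constrained elsewhere is not visible from this hunk. The attribute set passed to `evalSource` continues beyond the hunk.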