mirror of
https://github.com/gensokyo-zone/infrastructure.git
synced 2026-02-09 04:19:19 -08:00
17 lines
419 B
Nix
17 lines
419 B
Nix
{ config, meta, lib, pkgs, ... }:
|
|
|
|
{
|
|
imports = lib.optional (meta ? trusted) meta.trusted.secrets;
|
|
|
|
secrets = {
|
|
root = "/var/lib/kat/secrets";
|
|
persistentRoot = "/var/lib/kat/secrets";
|
|
external = true;
|
|
};
|
|
|
|
kw.secrets.command =
|
|
let
|
|
bitw = pkgs.writeShellScriptBin "bitw" ''${pkgs.rbw-bitw}/bin/bitw -p gpg://${config.kw.secrets.repo.bitw.source} "$@"'';
|
|
in
|
|
"${bitw}/bin/bitw get";
|
|
}
|