From 4887e06117d49b607688e4e4cde5df9ff0c2ed5e Mon Sep 17 00:00:00 2001 From: SebastianStork Date: Sat, 28 Feb 2026 00:13:51 +0100 Subject: [PATCH] sops: Rename `secrets` option to `secretsData` --- modules/home/programs/git.nix | 4 ++-- modules/home/sops.nix | 6 +++--- modules/nixos/networking/underlay.nix | 2 +- modules/nixos/services/syncthing.nix | 2 +- modules/nixos/sops.nix | 6 +++--- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/modules/home/programs/git.nix b/modules/home/programs/git.nix index a2488f7..671075b 100644 --- a/modules/home/programs/git.nix +++ b/modules/home/programs/git.nix @@ -4,7 +4,7 @@ config = lib.mkIf config.custom.programs.git.enable { sops.secrets = - config.custom.sops.secrets.ssh-key + config.custom.sops.secretsData.ssh-key |> lib.mapAttrs' ( name: _: lib.nameValuePair "ssh-key/${name}" { path = "${config.home.homeDirectory}/.ssh/${name}"; } ); @@ -42,7 +42,7 @@ lazygit.enable = true; ssh.matchBlocks = - config.custom.sops.secrets.ssh-key + config.custom.sops.secretsData.ssh-key |> lib.mapAttrs (name: _: { identityFile = config.sops.secrets."ssh-key/${name}".path; }); }; }; diff --git a/modules/home/sops.nix b/modules/home/sops.nix index 16b6ff9..ff3cf3b 100644 --- a/modules/home/sops.nix +++ b/modules/home/sops.nix @@ -25,7 +25,7 @@ in type = self.lib.types.existingPath; default = "${self}/users/${config.home.username}/@${osConfig.networking.hostName}/secrets.json"; }; - secrets = lib.mkOption { + secretsData = lib.mkOption { type = lib.types.anything; default = cfg.secretsFile |> lib.readFile |> lib.strings.fromJSON; }; @@ -42,12 +42,12 @@ in config.sops.secrets |> lib.attrNames |> lib.map (secretPath: { - assertion = cfg.secrets |> lib.hasAttrByPath (secretPath |> lib.splitString "/"); + assertion = cfg.secretsData |> lib.hasAttrByPath (secretPath |> lib.splitString "/"); message = "Sops secret `${secretPath}` is used in a module but not defined in secrets.json"; }) ) ++ ( - lib.removeAttrs cfg.secrets [ "sops" ] + lib.removeAttrs cfg.secretsData [ "sops" ] |> lib.mapAttrsToListRecursive (path: _: path |> lib.concatStringsSep "/") |> lib.map (secretPath: { assertion = config.sops.secrets |> lib.hasAttr secretPath; diff --git a/modules/nixos/networking/underlay.nix b/modules/nixos/networking/underlay.nix index 125cc75..20f9efa 100644 --- a/modules/nixos/networking/underlay.nix +++ b/modules/nixos/networking/underlay.nix @@ -33,7 +33,7 @@ in enable = lib.mkEnableOption ""; networks = lib.mkOption { type = lib.types.listOf lib.types.nonEmptyStr; - default = config.custom.sops.secrets.iwd |> lib.attrNames; + default = config.custom.sops.secretsData.iwd |> lib.attrNames; }; }; }; diff --git a/modules/nixos/services/syncthing.nix b/modules/nixos/services/syncthing.nix index 44bd538..73fe5f7 100644 --- a/modules/nixos/services/syncthing.nix +++ b/modules/nixos/services/syncthing.nix @@ -11,7 +11,7 @@ let inherit (config.services.syncthing) dataDir; - useSopsSecrets = config.custom.sops.secrets |> lib.hasAttr "syncthing"; + useSopsSecrets = config.custom.sops.secretsData |> lib.hasAttr "syncthing"; in { options.custom.services.syncthing = { diff --git a/modules/nixos/sops.nix b/modules/nixos/sops.nix index 6ade5bc..1dd2c27 100644 --- a/modules/nixos/sops.nix +++ b/modules/nixos/sops.nix @@ -21,7 +21,7 @@ in type = self.lib.types.existingPath; default = "${self}/hosts/${config.networking.hostName}/secrets.json"; }; - secrets = lib.mkOption { + secretsData = lib.mkOption { type = lib.types.anything; default = cfg.secretsFile |> lib.readFile |> lib.strings.fromJSON; }; @@ -40,12 +40,12 @@ in config.sops.secrets |> lib.attrNames |> lib.map (secretPath: { - assertion = cfg.secrets |> lib.hasAttrByPath (secretPath |> lib.splitString "/"); + assertion = cfg.secretsData |> lib.hasAttrByPath (secretPath |> lib.splitString "/"); message = "Sops secret `${secretPath}` is used in a module but not defined in secrets.json"; }) ) ++ ( - lib.removeAttrs cfg.secrets [ "sops" ] + lib.removeAttrs cfg.secretsData [ "sops" ] |> lib.mapAttrsToListRecursive (path: _: path |> lib.concatStringsSep "/") |> lib.map (secretPath: { assertion = config.sops.secrets |> lib.hasAttr secretPath;