lib: Add existingPath type to validate path existence at eval time

SebastianStork 2026-02-26 00:32:25 +01:00
parent bcf3650d2e
commit d83843e5e1
Signed by: SebastianStork
SSH key fingerprint: SHA256:tRrGdjYOwgHxpSc/wTOZQZEjxcb15P0tyXRsbAfd+2Q
5 changed files with 10 additions and 6 deletions


@ -15,5 +15,9 @@
name: "${name} should only be exposed on private networks; access control isn't yet configured"; name: "${name} should only be exposed on private networks; access control isn't yet configured";
relativePath = path: path |> toString |> lib.removePrefix "${self}/"; relativePath = path: path |> toString |> lib.removePrefix "${self}/";
types.existingPath = (lib.types.addCheck lib.types.path lib.pathExists) // {
description = "path that exists";
};
}; };
} }
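Review bot: `lib.pathExists` is true for directories as well as files, yet every option this commit moves to `types.existingPath` is a `*File` option, so an existing directory still passes the check. If only regular files are intended, the check could be `lib.types.addCheck lib.types.path lib.pathIsRegularFile`, with the description changed to match. The definition also deserves a comment that the check runs on the evaluating machine, e.g. `# Checked at eval time: only for files tracked in the flake, never for paths that appear at runtime (e.g. decrypted secrets).` The enclosing attribute set starts outside this hunk.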


@ -9,7 +9,7 @@
options.custom.programs.ssh = { options.custom.programs.ssh = {
enable = lib.mkEnableOption ""; enable = lib.mkEnableOption "";
publicKeyFile = lib.mkOption { publicKeyFile = lib.mkOption {
type = lib.types.path; type = self.lib.types.existingPath;
default = "${self}/users/${config.home.username}/@${osConfig.networking.hostName}/keys/ssh.pub"; default = "${self}/users/${config.home.username}/@${osConfig.networking.hostName}/keys/ssh.pub";
}; };
}; };


@ -22,7 +22,7 @@ in
|> lib.trim; |> lib.trim;
}; };
secretsFile = lib.mkOption { secretsFile = lib.mkOption {
type = lib.types.path; type = self.lib.types.existingPath;
default = "${self}/users/${config.home.username}/@${osConfig.networking.hostName}/secrets.json"; default = "${self}/users/${config.home.username}/@${osConfig.networking.hostName}/secrets.json";
}; };
secrets = lib.mkOption { secrets = lib.mkOption {
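Review bot: `secretsFile` has no `description`, and with `existingPath` it must now resolve while the flake is evaluated, which in practice means a file under `${self}` that is copied into the world-readable Nix store. That is acceptable only if the file is the encrypted form, which the age public key read in the last file section suggests but these lines do not show. The option should state it, e.g. `description = "Encrypted secrets file tracked in the flake; it is copied to the Nix store, so it must never hold plaintext.";`. The same applies to the host-level `secretsFile` in the last file section. The surrounding option set continues outside the hunk.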


@ -28,15 +28,15 @@ in
}; };
caCertificateFile = lib.mkOption { caCertificateFile = lib.mkOption {
type = lib.types.path; type = self.lib.types.existingPath;
default = ./ca.crt; default = ./ca.crt;
}; };
publicKeyFile = lib.mkOption { publicKeyFile = lib.mkOption {
type = lib.types.path; type = self.lib.types.existingPath;
default = "${self}/hosts/${netCfg.hostName}/keys/nebula.pub"; default = "${self}/hosts/${netCfg.hostName}/keys/nebula.pub";
}; };
certificateFile = lib.mkOption { certificateFile = lib.mkOption {
type = lib.types.path; type = self.lib.types.existingPath;
default = "${self}/hosts/${netCfg.hostName}/keys/nebula.crt"; default = "${self}/hosts/${netCfg.hostName}/keys/nebula.crt";
}; };
privateKeyFile = lib.mkOption { privateKeyFile = lib.mkOption {
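Review bot: `privateKeyFile` begins on the last line of this hunk and appears to keep its old type, which is right if it points at a key provisioned at runtime, but nothing here records that. Converting it to `existingPath` later for consistency would require the private key to exist at evaluation time, i.e. inside the flake source and therefore in the Nix store. A short comment above it would guard against that, e.g. `# Runtime path: deliberately not existingPath, the key must not live in the flake.` Its definition continues outside the hunk, so confirm its type before adding the comment.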


@ -18,7 +18,7 @@ in
default = "${self}/hosts/${config.networking.hostName}/keys/age.pub" |> lib.readFile |> lib.trim; default = "${self}/hosts/${config.networking.hostName}/keys/age.pub" |> lib.readFile |> lib.trim;
}; };
secretsFile = lib.mkOption { secretsFile = lib.mkOption {
type = lib.types.path; type = self.lib.types.existingPath;
default = "${self}/hosts/${config.networking.hostName}/secrets.json"; default = "${self}/hosts/${config.networking.hostName}/secrets.json";
}; };
secrets = lib.mkOption { secrets = lib.mkOption {