main
zimbatm 2 years ago
parent f1df228d66
commit 974032c41a
No known key found for this signature in database
GPG Key ID: 71BAF6D40C1D63D7

@ -25,10 +25,10 @@
packages.default = pkgs.callPackage ./default.nix {};
devShells.default = pkgs.callPackage ./shell.nix {};
checks = let
nixosTests = (pkgs.callPackages ./nix/checks/nixos-test.nix {
nixosTests = pkgs.callPackages ./nix/checks/nixos-test.nix {
makeTest = import (pkgs.path + "/nixos/tests/make-test-python.nix");
inherit (self.nixosModules) vaultAgent systemdVaultd;
});
};
in {
treefmt = pkgs.callPackage ./nix/checks/treefmt.nix {};
inherit (nixosTests) unittests vault-agent systemd-vaultd;

@ -1,6 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}: {
environment.systemPackages = [pkgs.vault];
services.vault = {
enable = true;

@ -1,9 +1,11 @@
{ config, lib, pkgs, ... }:
let
systemd-vaultd = pkgs.callPackage ../../default.nix {};
in
{
config,
lib,
pkgs,
...
}: let
systemd-vaultd = pkgs.callPackage ../../default.nix {};
in {
systemd.sockets.systemd-vaultd = {
description = "systemd-vaultd socket";
wantedBy = ["sockets.target"];

@ -1,5 +1,9 @@
{ config, lib, pkgs, ... }:
let
{
config,
lib,
pkgs,
...
}: let
cfg = config.services.vault;
settingsFormat = pkgs.formats.json {};
@ -54,8 +58,7 @@ let
};
};
};
in
{
in {
options.services.vault.agents = lib.mkOption {
default = {};
description = "Instances of vault agent";
@ -69,7 +72,8 @@ in
});
};
config = {
systemd.services = lib.mapAttrs' (name: instanceCfg: lib.nameValuePair "vault-agent-${name}" ({
systemd.services = lib.mapAttrs' (name: instanceCfg:
lib.nameValuePair "vault-agent-${name}" {
after = ["network.target"];
wantedBy = ["multi-user.target"];
# Needs getent in PATH
@ -78,6 +82,7 @@ in
Restart = "on-failure";
ExecStart = "${pkgs.vault}/bin/vault agent -config=${settingsFormat.generate "agent.json" instanceCfg.settings}";
};
})) cfg.agents;
})
cfg.agents;
};
}

Loading…
Cancel
Save