Skip to content

lib.secrets

lib.secrets:

`lib.secrets.mkSecret`

Helper to define secrets for use with sops-nix.

Arguments

[file] Name of the YAML file containing the secret
[owner] File owner (default: “root”)
[group] File group (default: null)
[mode] File permissions (default: “400”)

Type

mkSecret :: (String -> String -> String -> String) -> AttrSet

Example

mkSecret { file = "meow"; }
=> {
  file = "${self}/secrets/services/meow.yaml";
  owner = "root";
  group = "root";
  mode = "400";
}