default = "/var/secrets";
description = "Location where to put the keys";
};
+ # Read-only variables
+ fullPaths = lib.mkOption {
+ type = lib.types.attrsOf lib.types.path;
+ default = builtins.listToAttrs
+ (map (v: { name = v.dest; value = "${config.secrets.location}/${v.dest}"; }) config.secrets.keys);
+ readOnly = true;
+ description = "set of full paths to secrets";
+ };
};
+
config = let
location = config.secrets.location;
keys = config.secrets.keys;