From 8db8e666707a0e51af9353c76c5863e1a5482ed5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
Date: Thu, 25 Apr 2019 09:26:26 +0200
Subject: Move tools to new secrets location

---
 nixops/modules/secrets/default.nix | 13 -------------
 1 file changed, 13 deletions(-)

(limited to 'nixops/modules/secrets/default.nix')

diff --git a/nixops/modules/secrets/default.nix b/nixops/modules/secrets/default.nix
index 7096e48..8500088 100644
--- a/nixops/modules/secrets/default.nix
+++ b/nixops/modules/secrets/default.nix
@@ -8,20 +8,8 @@
     };
   };
   config = let
-    oldkeys = lib.attrsets.filterAttrs (n: v: n != "secrets.tar") config.deployment.keys;
     keys = config.mySecrets.keys;
     empty = pkgs.runCommand "empty" { preferLocalBuild = true; } "mkdir -p $out && touch $out/done";
-    dumpOldKey = k: v: let
-      dest = if v.destDir == "/run/keys"
-        then k
-        else (builtins.replaceStrings ["/run/keys/"] [""] v.destDir) + "/" + k;
-      in ''
-        mkdir -p secrets/$(dirname ${dest})
-        echo -n ${lib.strings.escapeShellArg v.text} > secrets/${dest}
-        cat >> mods <<EOF
-        ${v.user or "root"} ${v.group or "root"} ${v.permissions or "0600"} secrets/${dest}
-        EOF
-        '';
     dumpKey = v: ''
         mkdir -p secrets/$(dirname ${v.dest})
         echo -n ${lib.strings.escapeShellArg v.text} > secrets/${v.dest}
@@ -32,7 +20,6 @@
     secrets = pkgs.runCommand "secrets.tar" {} ''
       touch mods
       tar --format=ustar --mtime='1970-01-01' -P --transform="s@${empty}@secrets@" -cf $out ${empty}/done
-      ${builtins.concatStringsSep "\n" (lib.attrsets.mapAttrsToList dumpOldKey oldkeys)}
       ${builtins.concatStringsSep "\n" (map dumpKey keys)}
       cat mods | while read u g p k; do
       tar --format=ustar --mtime='1970-01-01' --owner="$u" --group="$g" --mode="$p" --append -f $out "$k"
-- 
cgit v1.2.3