torjus/nixos-servers
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity

homelab: add deploy.enable option with assertion
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m6s
Details
Run nix flake check / flake-check (pull_request) Successful in 2m7s
Details

Browse Source 
- Add homelab.deploy.enable option (requires vault.enable)
- Create shared homelab-deploy Vault policy for all hosts
- Enable homelab.deploy on all vault-enabled hosts

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Torjus Håkestad
2026-02-07 06:47:12 +01:00
parent 7933127d77
commit c214f8543c
12 changed files with 41 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
system/homelab-deploy.nix
View File

@@ -1,11 +1,10 @@
{ config, lib, ... }:
let
cfg = config.vault;
hostCfg = config.homelab.host;
in
{
config = lib.mkIf cfg.enable {
config = lib.mkIf config.homelab.deploy.enable {
# Fetch listener NKey from Vault
vault.secrets.homelab-deploy-nkey = {
secretPath = "shared/homelab-deploy/listener-nkey";