56 lines
1.6 KiB
Nix
56 lines
1.6 KiB
Nix
{ config, lib, ... }:
|
|
let
|
|
cfg = config.khscodes.vault;
|
|
in
|
|
{
|
|
options.khscodes.vault = {
|
|
output = {
|
|
approle_auth_backend_role = lib.mkOption {
|
|
type = lib.types.attrsOf (
|
|
lib.khscodes.mkSubmodule {
|
|
options = {
|
|
role_name = lib.mkOption {
|
|
type = lib.types.str;
|
|
description = "The name of the role. Can be used instead of hardcoding the role, to create a dependency in OpenTofu";
|
|
};
|
|
};
|
|
description = "vault_approle_auth_backend_role output";
|
|
}
|
|
);
|
|
};
|
|
mount = lib.mkOption {
|
|
type = lib.types.attrsOf (
|
|
lib.khscodes.mkSubmodule {
|
|
options = {
|
|
path = lib.mkOption {
|
|
type = lib.types.str;
|
|
description = "The path of the mount, this is here mainly to set up dependencies";
|
|
};
|
|
};
|
|
description = "vault_mount output";
|
|
}
|
|
);
|
|
};
|
|
};
|
|
};
|
|
config = {
|
|
khscodes.vault.output.approle_auth_backend_role = lib.mapAttrs (
|
|
name: value:
|
|
let
|
|
sanitizedName = lib.khscodes.sanitize-terraform-name name;
|
|
in
|
|
{
|
|
role_name = "\${ vault_approle_auth_backend_role.${sanitizedName}.role_name }";
|
|
}
|
|
) cfg.approle_auth_backend_role;
|
|
khscodes.vault.output.mount = lib.mapAttrs (
|
|
name: value:
|
|
let
|
|
sanitizedName = lib.khscodes.sanitize-terraform-name name;
|
|
in
|
|
{
|
|
path = "\${ vault_mount.${sanitizedName}.path }";
|
|
}
|
|
) cfg.mount;
|
|
};
|
|
}
|