systemd module: use LoadCredentials from config.systemd.services

author: lassulus <lassulus@lassul.us> 2021-12-23 23:42:59 +0100
committer: lassulus <lassulus@lassul.us> 2021-12-23 23:59:22 +0100
commit: 2be08e3c528546de8e4a17d360153c2f59b07183 (patch)
tree: 6d5e085629d1b75020f3d2e2ece45f2fbf68e529 /krebs/3modules/systemd.nix
parent: 29b796f5216a6743f6c0230b23048fada0d6c2ef (diff)
1 files changed, 22 insertions, 42 deletions
diff --git a/krebs/3modules/systemd.nix b/krebs/3modules/systemd.nix
index 6b0fe9672..0ce44391e 100644
--- a/krebs/3modules/systemd.nix
+++ b/krebs/3modules/systemd.nix
@@ -18,50 +18,30 @@
             null
           ];
         };
-        serviceConfig.LoadCredential = lib.mkOption {
-          apply = lib.toList;
-          type =
-            lib.types.either lib.types.str (lib.types.listOf lib.types.str);
-        };
       };
     });
   };
 
-  body.config.systemd =
-    lib.mkMerge
-      (lib.flatten
-        (lib.mapAttrsToList (serviceName: cfg: let
-          paths =
-            lib.filter
-              lib.types.absolute-pathname.check
-              (map
-                (lib.compose [ lib.maybeHead (lib.match "[^:]*:(.*)") ])
-                cfg.serviceConfig.LoadCredential);
-        in
-          lib.singleton {
-            services.${serviceName} = {
-              serviceConfig = {
-                LoadCredential = cfg.serviceConfig.LoadCredential;
-              };
-            };
-          }
-          ++
-          lib.optionals (cfg.ifCredentialsChange != null) (map (path: let
-            triggerName = "trigger-${lib.systemd.encodeName path}";
-          in {
-            paths.${triggerName} = {
-              wantedBy = ["multi-user.target"];
-              pathConfig.PathChanged = path;
-            };
-            services.${triggerName} = {
-              serviceConfig = {
-                Type = "oneshot";
-                ExecStart = lib.singleton (toString [
-                  "${pkgs.systemd}/bin/systemctl ${cfg.ifCredentialsChange}"
-                  (lib.shell.escape serviceName)
-                ]);
-              };
-            };
-          }) paths)
-        ) config.krebs.systemd.services));
+  body.config = {
+    systemd.paths = lib.mapAttrs' (serviceName: _:
+      lib.nameValuePair "trigger-${lib.systemd.encodeName serviceName}" {
+        wantedBy = [ "multi-user.target" ];
+        pathConfig.PathChanged =
+          lib.filter
+            lib.types.absolute-pathname.check
+            (map
+              (lib.compose [ lib.maybeHead (lib.match "[^:]*:(.*)") ])
+              config.systemd.services.${serviceName}.serviceConfig.LoadCredential);
+      }
+    ) config.krebs.systemd.services;
+
+    systemd.services = lib.mapAttrs' (serviceName: cfg:
+      lib.nameValuePair "trigger-${lib.systemd.encodeName serviceName}" {
+        serviceConfig = {
+          Type = "oneshot";
+          ExecStart = "${pkgs.systemd}/bin/systemctl ${cfg.ifCredentialsChange} ${lib.shell.escape serviceName}";
+        };
+      }
+    ) config.krebs.systemd.services;
+  };
 }
author	lassulus <lassulus@lassul.us>	2021-12-23 23:42:59 +0100
committer	lassulus <lassulus@lassul.us>	2021-12-23 23:59:22 +0100
commit	2be08e3c528546de8e4a17d360153c2f59b07183 (patch)
tree	6d5e085629d1b75020f3d2e2ece45f2fbf68e529 /krebs/3modules/systemd.nix
parent	29b796f5216a6743f6c0230b23048fada0d6c2ef (diff)