From 2be08e3c528546de8e4a17d360153c2f59b07183 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 23 Dec 2021 23:42:59 +0100
Subject: systemd module: use LoadCredentials from config.systemd.services

---
 krebs/3modules/systemd.nix | 64 ++++++++++++++++------------------------------
 1 file changed, 22 insertions(+), 42 deletions(-)

(limited to 'krebs/3modules/systemd.nix')

diff --git a/krebs/3modules/systemd.nix b/krebs/3modules/systemd.nix
index 6b0fe967..0ce44391 100644
--- a/krebs/3modules/systemd.nix
+++ b/krebs/3modules/systemd.nix
@@ -18,50 +18,30 @@
             null
           ];
         };
-        serviceConfig.LoadCredential = lib.mkOption {
-          apply = lib.toList;
-          type =
-            lib.types.either lib.types.str (lib.types.listOf lib.types.str);
-        };
       };
     });
   };
 
-  body.config.systemd =
-    lib.mkMerge
-      (lib.flatten
-        (lib.mapAttrsToList (serviceName: cfg: let
-          paths =
-            lib.filter
-              lib.types.absolute-pathname.check
-              (map
-                (lib.compose [ lib.maybeHead (lib.match "[^:]*:(.*)") ])
-                cfg.serviceConfig.LoadCredential);
-        in
-          lib.singleton {
-            services.${serviceName} = {
-              serviceConfig = {
-                LoadCredential = cfg.serviceConfig.LoadCredential;
-              };
-            };
-          }
-          ++
-          lib.optionals (cfg.ifCredentialsChange != null) (map (path: let
-            triggerName = "trigger-${lib.systemd.encodeName path}";
-          in {
-            paths.${triggerName} = {
-              wantedBy = ["multi-user.target"];
-              pathConfig.PathChanged = path;
-            };
-            services.${triggerName} = {
-              serviceConfig = {
-                Type = "oneshot";
-                ExecStart = lib.singleton (toString [
-                  "${pkgs.systemd}/bin/systemctl ${cfg.ifCredentialsChange}"
-                  (lib.shell.escape serviceName)
-                ]);
-              };
-            };
-          }) paths)
-        ) config.krebs.systemd.services));
+  body.config = {
+    systemd.paths = lib.mapAttrs' (serviceName: _:
+      lib.nameValuePair "trigger-${lib.systemd.encodeName serviceName}" {
+        wantedBy = [ "multi-user.target" ];
+        pathConfig.PathChanged =
+          lib.filter
+            lib.types.absolute-pathname.check
+            (map
+              (lib.compose [ lib.maybeHead (lib.match "[^:]*:(.*)") ])
+              config.systemd.services.${serviceName}.serviceConfig.LoadCredential);
+      }
+    ) config.krebs.systemd.services;
+
+    systemd.services = lib.mapAttrs' (serviceName: cfg:
+      lib.nameValuePair "trigger-${lib.systemd.encodeName serviceName}" {
+        serviceConfig = {
+          Type = "oneshot";
+          ExecStart = "${pkgs.systemd}/bin/systemctl ${cfg.ifCredentialsChange} ${lib.shell.escape serviceName}";
+        };
+      }
+    ) config.krebs.systemd.services;
+  };
 }
-- 
cgit v1.2.3