Generic secrets for pgp keys.

2025-12-21 19:43:43 -05:00
parent c005f4faee
commit 6642cedadf
4 changed files with 133 additions and 1 deletions
--- a/nix/kubernetes/keys/scope.nix
+++ b/nix/kubernetes/keys/scope.nix
@@ -129,6 +129,23 @@ makeScope newScope (
          };
        }
    );
+    k8s-secrets-generic = (
+      builtins.mapAttrs
+        (
+          secret_name: secret_config:
+          (callPackage ./package/k8s-secret-generic/package.nix (
+            additional_vars // { inherit secret_name; } // secret_config
+          ))
+        )
+        {
+          "sops-gpg" = {
+            secret_namespace = "flux-system";
+            secret_values = {
+              "sops.asc" = (builtins.readFile "${self.pgp-keys.flux_gpg}/flux_gpg_private_key.asc");
+            };
+          };
+        }
+    );
    client-configs = (
      builtins.mapAttrs
        (