From 3f6fa0eeca368e510f0f295b7ca18365efe2b158 Mon Sep 17 00:00:00 2001
From: lassulus <git@lassul.us>
Date: Wed, 6 Sep 2023 16:08:36 +0200
Subject: [PATCH] clanCore secrets: add secretStore option

---
 nixosModules/clanCore/secrets/default.nix | 7 +++++++
 nixosModules/clanCore/secrets/sops.nix    | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/nixosModules/clanCore/secrets/default.nix b/nixosModules/clanCore/secrets/default.nix
index 48fef29..fa961dd 100644
--- a/nixosModules/clanCore/secrets/default.nix
+++ b/nixosModules/clanCore/secrets/default.nix
@@ -1,5 +1,12 @@
 { config, lib, ... }:
 {
+  options.clanCore.secretStore = lib.mkOption {
+    type = lib.types.enum [ "sops" "password-store" "custom" ];
+    default = "sops";
+    description = ''
+      method to store secrets
+    '';
+  };
   options.clanCore.secrets = lib.mkOption {
     type = lib.types.attrsOf
       (lib.types.submodule (secret: {
diff --git a/nixosModules/clanCore/secrets/sops.nix b/nixosModules/clanCore/secrets/sops.nix
index ab97722..2371489 100644
--- a/nixosModules/clanCore/secrets/sops.nix
+++ b/nixosModules/clanCore/secrets/sops.nix
@@ -21,7 +21,7 @@ let
   secrets = filterDir containsMachineOrGroups secretsDir;
 in
 {
-  config = {
+  config = lib.mkIf (config.clanCore.secretStore == "sops") {
     system.clan.generateSecrets = pkgs.writeScript "generate-secrets" ''
       #!/bin/sh
       set -efu