Commit 1f1ba4164306

Vincent Demeester <vincent@sbr.pm>
2020-06-01 18:54:49
systems/hokkaido: better secret management…
… no more need to detect if "in CI". Signed-off-by: Vincent Demeester <vincent@sbr.pm>
main
1 parent e29499a
Changed files (2)
modules
profiles
mail.nixos.nix
systems
hokkaido.nix
modules/profiles/mail.nixos.nix
@@ -3,6 +3,8 @@
 with lib;
 let
   cfg = config.profiles.mail;
+  secretPath = ../../secrets/machines.nix;
+  secretCondition = (builtins.pathExists secretPath);
 in
 {
   options = {
@@ -14,7 +16,7 @@ in
       };
     };
   };
-  config = mkIf cfg.enable {
+  config = mkIf (cfg.enable && secretCondition) {
     environment.etc."msmtprc".source = ../../assets/msmtprc;
     environment.systemPackages = with pkgs; [ msmtp ];
   };
systems/hokkaido.nix
@@ -1,8 +1,5 @@
 { lib, pkgs, ... }:
-let
-  inCi = builtins.pathExists /home/build;
-  enableHome = !inCi;
-in
+
 {
   imports = [
     # hardware
@@ -38,7 +35,6 @@ in
     ssh.enable = true;
     dev.enable = true;
     users.enable = false;
-    mail.enable = enableHome;
     yubikey.enable = true;
   };