awscli: add module
This commit is contained in:
parent
4f02e35f9d
commit
f1b7775d23
|
@ -1237,6 +1237,13 @@ in
|
||||||
A new module is available: 'programs.bacon'.
|
A new module is available: 'programs.bacon'.
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
time = "2023-09-30T07:47:23+00:00";
|
||||||
|
message = ''
|
||||||
|
A new module is available: 'programs.awscli'.
|
||||||
|
'';
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -57,6 +57,7 @@ let
|
||||||
./programs/atuin.nix
|
./programs/atuin.nix
|
||||||
./programs/autojump.nix
|
./programs/autojump.nix
|
||||||
./programs/autorandr.nix
|
./programs/autorandr.nix
|
||||||
|
./programs/awscli.nix
|
||||||
./programs/bash.nix
|
./programs/bash.nix
|
||||||
./programs/bashmount.nix
|
./programs/bashmount.nix
|
||||||
./programs/bat.nix
|
./programs/bat.nix
|
||||||
|
|
67
modules/programs/awscli.nix
Normal file
67
modules/programs/awscli.nix
Normal file
|
@ -0,0 +1,67 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.programs.awscli;
|
||||||
|
iniFormat = pkgs.formats.ini { };
|
||||||
|
|
||||||
|
in {
|
||||||
|
meta.maintainers = [ lib.maintainers.anthonyroussel ];
|
||||||
|
|
||||||
|
options.programs.awscli = {
|
||||||
|
enable = lib.mkEnableOption "AWS CLI tool";
|
||||||
|
|
||||||
|
package = lib.mkOption {
|
||||||
|
type = lib.types.package;
|
||||||
|
default = pkgs.awscli2;
|
||||||
|
defaultText = lib.literalExpression "pkgs.awscli2";
|
||||||
|
description = "Package providing {command}`aws`.";
|
||||||
|
};
|
||||||
|
|
||||||
|
settings = lib.mkOption {
|
||||||
|
type = lib.types.submodule { freeformType = iniFormat.type; };
|
||||||
|
default = { };
|
||||||
|
example = lib.literalExpression ''
|
||||||
|
{
|
||||||
|
"default" = {
|
||||||
|
region = "eu-west-3";
|
||||||
|
output = "json";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
'';
|
||||||
|
description = "Configuration written to {file}`$HOME/.aws/config`.";
|
||||||
|
};
|
||||||
|
|
||||||
|
credentials = lib.mkOption {
|
||||||
|
type = lib.types.submodule { freeformType = iniFormat.type; };
|
||||||
|
default = { };
|
||||||
|
example = lib.literalExpression ''
|
||||||
|
{
|
||||||
|
"default" = {
|
||||||
|
"credential_process" = "${pkgs.pass}/bin/pass show aws";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
'';
|
||||||
|
description = ''
|
||||||
|
Configuration written to {file}`$HOME/.aws/credentials`.
|
||||||
|
|
||||||
|
For security reasons, never store cleartext passwords here.
|
||||||
|
We recommend that you use `credential_process` option to retrieve
|
||||||
|
the IAM credentials from your favorite password manager during runtime,
|
||||||
|
or use AWS IAM Identity Center to get short-term credentials.
|
||||||
|
|
||||||
|
See <https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-authentication.html>.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
home.packages = [ cfg.package ];
|
||||||
|
|
||||||
|
home.file."${config.home.homeDirectory}/.aws/config".source =
|
||||||
|
iniFormat.generate "aws-config-${config.home.username}" cfg.settings;
|
||||||
|
|
||||||
|
home.file."${config.home.homeDirectory}/.aws/credentials".source =
|
||||||
|
iniFormat.generate "aws-credentials-${config.home.username}"
|
||||||
|
cfg.credentials;
|
||||||
|
};
|
||||||
|
}
|
|
@ -170,6 +170,7 @@ import nmt {
|
||||||
./modules/misc/xsession
|
./modules/misc/xsession
|
||||||
./modules/programs/abook
|
./modules/programs/abook
|
||||||
./modules/programs/autorandr
|
./modules/programs/autorandr
|
||||||
|
./modules/programs/awscli
|
||||||
./modules/programs/beets # One test relies on services.mpd
|
./modules/programs/beets # One test relies on services.mpd
|
||||||
./modules/programs/borgmatic
|
./modules/programs/borgmatic
|
||||||
./modules/programs/boxxy
|
./modules/programs/boxxy
|
||||||
|
|
3
tests/modules/programs/awscli/aws-config.conf
Normal file
3
tests/modules/programs/awscli/aws-config.conf
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
[default]
|
||||||
|
output=json
|
||||||
|
region=eu-west-3
|
2
tests/modules/programs/awscli/aws-credentials.conf
Normal file
2
tests/modules/programs/awscli/aws-credentials.conf
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
[iam]
|
||||||
|
credential_process=pass show aws
|
28
tests/modules/programs/awscli/awscli.nix
Normal file
28
tests/modules/programs/awscli/awscli.nix
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
programs = {
|
||||||
|
awscli = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
default = {
|
||||||
|
output = "json";
|
||||||
|
region = "eu-west-3";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
credentials = { iam = { credential_process = "pass show aws"; }; };
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
test.stubs.awscli2 = { };
|
||||||
|
|
||||||
|
nmt.script = ''
|
||||||
|
assertFileExists home-files/.aws/config
|
||||||
|
assertFileContent home-files/.aws/config \
|
||||||
|
${./aws-config.conf}
|
||||||
|
|
||||||
|
assertFileExists home-files/.aws/credentials
|
||||||
|
assertFileContent home-files/.aws/credentials \
|
||||||
|
${./aws-credentials.conf}
|
||||||
|
'';
|
||||||
|
}
|
1
tests/modules/programs/awscli/default.nix
Normal file
1
tests/modules/programs/awscli/default.nix
Normal file
|
@ -0,0 +1 @@
|
||||||
|
{ awscli = ./awscli.nix; }
|
Loading…
Reference in a new issue