nix-community/home-manager
1
0
Fork 0
mirror of https://github.com/nix-community/home-manager.git synced 2025-11-08 19:46:05 +01:00
Code Activity
home-manager/modules/programs/awscli.nix
Austin Horstman cba2f9ce95 treewide: reformat nixfmt-rfc-style 
Reformat repository using new nixfmt-rfc-style.
2025-04-08 08:50:05 -07:00

72 lines
2 KiB
Nix
Raw Blame History

{
config,
lib,
pkgs,
...
}:
let
cfg = config.programs.awscli;
iniFormat = pkgs.formats.ini { };
in
{
meta.maintainers = [ lib.maintainers.anthonyroussel ];
options.programs.awscli = {
enable = lib.mkEnableOption "AWS CLI tool";
package = lib.mkPackageOption pkgs "aws" {
default = "awscli2";
nullable = true;
};
settings = lib.mkOption {
type = lib.types.submodule { freeformType = iniFormat.type; };
default = { };
example = lib.literalExpression ''
{
"default" = {
region = "eu-west-3";
output = "json";
};
};
'';
description = "Configuration written to {file}`$HOME/.aws/config`.";
};
credentials = lib.mkOption {
type = lib.types.submodule { freeformType = iniFormat.type; };
default = { };
example = lib.literalExpression ''
{
"default" = {
"credential_process" = "${pkgs.pass}/bin/pass show aws";
};
};
'';
description = ''
Configuration written to {file}`$HOME/.aws/credentials`.
For security reasons, never store cleartext passwords here.
We recommend that you use `credential_process` option to retrieve
the IAM credentials from your favorite password manager during runtime,
or use AWS IAM Identity Center to get short-term credentials.
See <https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-authentication.html>.
'';
};
};
config = lib.mkIf cfg.enable {
home.packages = lib.mkIf (cfg.package != null) [ cfg.package ];
home.file."${config.home.homeDirectory}/.aws/config" = lib.mkIf (cfg.settings != { }) {
source = iniFormat.generate "aws-config-${config.home.username}" cfg.settings;
};
home.file."${config.home.homeDirectory}/.aws/credentials" = lib.mkIf (cfg.credentials != { }) {
source = iniFormat.generate "aws-credentials-${config.home.username}" cfg.credentials;
};
};
}
View git blame Copy permalink