This repository contains a Nix flake
with a single function: lib.mkPluginDirectory.
This function takes in the following parameter attribute set:
{
pkgs :: nixpkgs;
plugins :: [ plugin set (see below) ];
}
A plugin set is defined as:
{
binary :: derivation;
[ type :: "secret" | "auth" | "database"; ]
[ pname :: string; ]
[ version :: string; ]
}
mkPluginDirectory will return a derivation
with a libexec/vault-plugins directory containing all the listed plugins
as well as a bin/register-vault-plugins script
that will register all the plugins using the Vault CLI.
vault-plugin-directory.lib.mkPluginDirectory {
inherit pkgs;
plugins = [
{ binary = my-vault-secret-plugin; }
];
}