diff --git a/secrets b/secrets index c9f8ee0..abba5b2 100755 --- a/secrets +++ b/secrets @@ -28,10 +28,14 @@ [(group) string?] [(mode) string?])]))) -(define/contract (make-file file-config) - (-> (or/c string? file-contract) secret-file?) - (let* ([file-config (if (string? file-config) (hash 'source file-config) file-config)] - [source-path (string->path (dict-ref file-config 'source))] +(define/contract (make-file file-config source-basedir) + (-> (or/c string? file-contract) path-string? secret-file?) + (let* ([file-config (if (string? file-config) + (hash 'source file-config) + file-config)] + [source-path (simplify-path + (path->complete-path (dict-ref file-config 'source) + source-basedir))] [fs (file-size source-path)] [name (dict-ref file-config 'name (file-name-from-path source-path))] [owner (dict-ref file-config 'owner "root")] @@ -113,8 +117,9 @@ EOF (printf "~a\n" line) (read-loop input-port))))) -(define/contract (deploy-secrets config) - (-> config-contract void?) +(define/contract (deploy-secrets config + [source-basedir (current-directory)]) + (->* (config-contract) (path-string?) void?) (define (handle-stderr stderr phase-channel) (define p (current-error-port)) @@ -193,7 +198,9 @@ EOF (close-output-port stdin))]))) (let* ([basedir (dict-ref config 'basedir "/var/lib/secrets")] - [files (map make-file (dict-ref config 'files))] + [files (map + (curryr make-file source-basedir) + (dict-ref config 'files))] [host (dict-ref config 'host)]) (let-values ([(sp _ stdin stderr) (subprocess (current-output-port) #f #f @@ -216,6 +223,7 @@ EOF (void)) -(let* ([config (call-with-input-file "config.json" read-json)]) - (deploy-secrets config) +(let* ([config-file "test/config.json"] + [config (call-with-input-file config-file read-json)]) + (deploy-secrets config (path->complete-path (path-only config-file))) (displayln "Done."))