service -> services

modules/age.nix

@@ -95,11 +95,11 @@ let
         default = "";
         description = "A script to run when secret is updated.";
       };
-      service = mkOption {
+      services = mkOption {
-        type = types.str;
+        type = types.listOf types.str;
-        default = "";
+        default = [];
-        description = "The systemd service that uses this secret. Will be restarted when the secret changes.";
+        description = "The systemd services that uses this secret. Will be restarted when the secret changes.";
-        example = "wireguard-wg0";
+        example = "[ wireguard-wg0 ]";
       };
       symlink = mkEnableOption "symlinking secrets to their destination" // { default = true; };
     };
@@ -213,18 +213,15 @@ in
       ];
     };
 
-    # services that watch for file changes and exectue the configured action
     systemd.services = lib.mkMerge
       (lib.mapAttrsToList
-        (name: {action, service, file, path, mode, owner, group, ...}:
+        (name: {action, services, file, path, mode, owner, group, ...}:
           let
             fileHash = builtins.hashFile "sha256" file;
             restartTriggers = [ fileHash path mode owner group ];
           in
             lib.mkMerge [
-              (lib.mkIf (service != "") {
+              (lib.genAttrs services (_: { inherit restartTriggers; }))
-                ${service} = { inherit restartTriggers; };
-              })
               (lib.mkIf (action != "") {
                 "agenix-${name}-action" = {
                   inherit restartTriggers;
@@ -246,7 +243,8 @@ in
                   wantedBy = [ "multi-user.target" ];
                 };
 
-              })]) cfg.secrets);
+              })
+            ]) cfg.secrets);
   };
 
 }