modules/shared/nix/age.nix at main · 42willow.github.io/flake

42willow.github.io / flake

my system configurations ^-^

flake / modules / shared / nix / age.nix

at main 1.2 kB view raw

 1{
 2  inputs,
 3  pkgs,
 4  config,
 5  ...
 6}: let
 7  inherit (inputs) self;
 8  inherit (config.settings.system) user;
 9
10  sshDir = user.home + "/.ssh";
11
12  # https://github.com/isabelroses/dotfiles/blob/0827bb1893b8072b65c66a6919f8abbe6df9a55a/modules/flake/lib/secrets.nix
13  mkSecret = {
14    file,
15    mode ? "400",
16    ...
17  }: {
18    inherit mode;
19    inherit (user) group;
20    owner = user.name;
21    file = "${self}/secrets/${file}.age";
22  };
23in {
24  imports = [
25    inputs.agenix.nixosModules.default
26  ];
27
28  environment.systemPackages = [
29    inputs.agenix.packages."${pkgs.system}".default
30  ];
31
32  age = {
33    identityPaths =
34      [
35        "/etc/ssh/ssh_host_ed25519_key"
36      ]
37      ++ (
38        if sshDir != null
39        then ["${sshDir}/id_ed25519"]
40        else []
41      );
42
43    secrets = {
44      gh = mkSecret {
45        file = "gh";
46      };
47      ghPub = mkSecret {
48        file = "gh-pub";
49      };
50      lastfm = mkSecret {
51        file = "lastfm";
52      };
53      restic = mkSecret {
54        file = "restic";
55      };
56      samba = mkSecret {
57        file = "samba";
58      };
59      wifi = mkSecret {
60        file = "wifi";
61      };
62    };
63  };
64}