diff options
| author | Azat Bahawi <azat@bahawi.net> | 2024-04-21 02:15:42 +0300 |
|---|---|---|
| committer | Azat Bahawi <azat@bahawi.net> | 2024-04-21 02:15:42 +0300 |
| commit | e6ed60548397627bf10f561f9438201dbba0a36e (patch) | |
| tree | f9a84c5957d2cc4fcd148065ee9365a0c851ae1c /modules/common/secrets.nix | |
| parent | 2024-04-18 (diff) | |
2024-04-21
Diffstat (limited to 'modules/common/secrets.nix')
| -rw-r--r-- | modules/common/secrets.nix | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/modules/common/secrets.nix b/modules/common/secrets.nix new file mode 100644 index 0000000..03a2eeb --- /dev/null +++ b/modules/common/secrets.nix @@ -0,0 +1,30 @@ +{ + config, + inputs, + lib, + pkgs, + this, + ... +}: +with lib; +{ + imports = [ + inputs.agenix.nixosModules.default + (mkAliasOptionModule [ "secrets" ] [ + "age" + "secrets" + ]) + ]; + + config = { + age.identityPaths = + if this.isHeadful then + [ "${config.my.home}/.ssh/id_${my.ssh.type}" ] + else + map (attr: attr.path) (filter (attr: attr.type == my.ssh.type) config.services.openssh.hostKeys); + + environment.systemPackages = with pkgs; [ agenix ]; + + nixpkgs.overlays = [ inputs.agenix.overlays.default ]; + }; +} |