author | Azat Bahawi <azat@bahawi.net> | 2023-02-20 02:05:59 +0300 |
---|---|---|
committer | Azat Bahawi <azat@bahawi.net> | 2023-02-20 02:05:59 +0300 |
commit | e40f7d991353ad70984afdf67b25c049190c56bd (patch) | |
tree | 295a80114cca78952ed6ed562198d997b496faba /modules/nixos/common/secrets.nix | |
parent | 2023-02-19 (diff) |
2023-02-20
Diffstat (limited to '')
-rw-r--r-- | modules/nixos/common/secrets.nix | 46 |
1 files changed, 2 insertions, 44 deletions
diff --git a/modules/nixos/common/secrets.nix b/modules/nixos/common/secrets.nix
index 2ee5753..9a82c44 100644
--- a/modules/nixos/common/secrets.nix
+++ b/modules/nixos/common/secrets.nix
@@ -1,45 +1,3 @@
-{
- config,
- inputs,
- lib,
- pkgs,
- this,
- ...
-}:
-with lib; {
- imports = [
- inputs.agenix.nixosModules.default
- (mkAliasOptionModule ["secrets"] ["age" "secrets"])
- ];
-
- config = {
- age = {
- identityPaths =
- if this.isHeadful
- then ["${config.my.home}/.ssh/id_${my.ssh.type}"]
- else
- map (attr: attr.path) (filter (attr: attr.type == my.ssh.type)
- config.services.openssh.hostKeys);
-
- # This can be used to auto-add all secrets, thus eliminating the need to
- # specify path to each envrypted file. The drawback is that this will
- # expose *all* secrets to all machines and try to decrypt them all even on
- # machines where the secret will not be used.
- #
- # secrets =
- # let
- # secretsSourceDir = "${inputs.self}/age";
- # in
- # mapAttrs'
- # (name: _:
- # nameValuePair name {
- # file = "${secretsSourceDir}/${name}";
- # owner = mkDefault my.username;
- # group = mkDefault config.my.group;
- # })
- # (builtins.readDir secretsSourceDir);
- };
-
- environment.systemPackages = with pkgs; [agenix];
- };
+{inputs, ...}: {
+ imports = [inputs.agenix.nixosModules.default];
 }
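Review bot: The new module no longer sets `age.identityPaths`, so which keys agenix uses to decrypt secrets is now left to the agenix module's own defaults rather than to the explicit headful/headless selection the removed lines made; the diffstat shows only this file changed, so unless that setting lives in another module already, headful machines that relied on the user key under `config.my.home` will silently stop decrypting. The `mkAliasOptionModule ["secrets"] ["age" "secrets"]` alias and the `agenix` package in `environment.systemPackages` are dropped too, so any other module still writing `secrets.<name>` will fail evaluation. A short comment on the new `imports` line stating where identity paths and the secrets definitions are now configured would make the intent clear, e.g. `# age.identityPaths and age.secrets are set per host in <MODULE_PATH>` with the real path filled in.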