added sos-nix for home-manager.

2024-06-04 11:00:43 -05:00 · 2024-06-04 11:00:43 -05:00 · 8c552faa1b
commit 8c552faa1b
parent b04ab13d39
13 changed files with 73 additions and 20 deletions
--- a/configs/home-manager/email.nix
+++ b/configs/home-manager/email.nix
@ -28,7 +28,7 @@
    address = "gabevenberg@gmail.com";
    primary = true;
    flavor = "gmail.com";
-    passwordCommand = "cat ~/keys/plaintext/gmail";
+    passwordCommand = "cat ${config.sops.secrets.gmail-password.path}";
    realName = "Gabe Venberg";

    himalaya.enable = true;
--- a/configs/home-manager/secrets.nix
+++ b/configs/home-manager/secrets.nix
@ -0,0 +1,19 @@
+{
+  inputs,
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
+  secretsDirectory = builtins.toString inputs.nix-secrets;
+in {
+  sops = {
+    defaultSopsFile = "${secretsDirectory}/common.yaml";
+    validateSopsFiles = false;
+    age = {
+      sshKeyPaths = ["${config.home.homeDirectory}/.ssh/id_ed25519"];
+      keyFile = "${config.home.homeDirectory}/.config/sops-nix/key.txt";
+      generateKey = true;
+    };
+  };
+}
--- a/configs/home-manager/sops.nix
+++ b/configs/home-manager/sops.nix
@ -11,12 +11,12 @@ in {
    inputs.sops-nix.homeManagerModules.sops
  ];

-  sops={
-    defaultSopsFile="${secretsPath}/secrets.yaml";
-    age={
-      sshKeyPaths=["${config.home.homeDirectory}/keys/age/master.txt"];
-      keyFile="/var/lib/sops-nix/key.txt";
-      generateKey=true;
+  sops = {
+    defaultSopsFile = "${secretsPath}/secrets.yaml";
+    age = {
+      sshKeyPaths = ["${config.home.homeDirectory}/keys/age/master.txt"];
+      keyFile = "/var/lib/sops-nix/key.txt";
+      generateKey = true;
    };
  };
 }
--- a/configs/home-manager/tiny-irc.nix
+++ b/configs/home-manager/tiny-irc.nix
@ -31,7 +31,7 @@
          ];
          sasl = {
            username = "toric";
-            pem = "${config.home.homeDirectory}/keys/certs/irc.pem";
+            pem = config.sops.secrets.irc-cert.path;
          };
        }
      ];