nix-config/modules/secrets/default.nix


# NixOS module: imports the agenix module from the flake inputs and declares
# one `age.secrets` entry for every attribute found in ./secrets.nix.
{ inputs, lib, options, ... }:

{
  imports = [
    inputs.agenix.nixosModules.age
  ];

  config.age = {
    secrets =
      let
        # Attribute set read from ./secrets.nix; only its attribute names are
        # used below, the values are ignored.
        declared = import ./secrets.nix;

        # Turn one `<name>.age` attribute into a `<name>` secret whose
        # encrypted file is the entry of the same name in this directory.
        mkEntry = fileName: _:
          lib.nameValuePair (lib.removeSuffix ".age" fileName) {
            file = ./. + "/${fileName}";
            # mkDefault: root owns the decrypted secret unless another
            # definition assigns a different owner. No other per-secret
            # option is set here.
            owner = lib.mkDefault "root";
          };
      in
      lib.mapAttrs' mkEntry declared;

    # Key paths used for decryption: the option's default list plus one
    # extra key.
    sshKeyPaths = options.age.sshKeyPaths.default ++ [
      # FIXME: hard-coded path, may not exist on every host.
      # NOTE(review): this is a private key under a user's home directory;
      # whoever can read it can decrypt every secret encrypted to its public
      # key. Confirm that this is intended for all hosts importing the module,
      # and that the key is usable non-interactively where secrets are
      # decrypted.
      "/home/ambroisie/.ssh/id_ed25519"
    ];
  };
}