2023-04-13 18:48:37 +02:00
|
|
|
{ config, lib, ... }:
|
|
|
|
|
|
|
|
{
|
|
|
|
config.age = {
|
|
|
|
secrets =
|
|
|
|
let
|
|
|
|
toName = lib.removeSuffix ".age";
|
|
|
|
userExists = u: builtins.hasAttr u config.users.users;
|
|
|
|
# Only set the user if it exists, to avoid warnings
|
|
|
|
userIfExists = u: if userExists u then u else "root";
|
|
|
|
toSecret = name: { owner ? "root", ... }: {
|
|
|
|
file = ./. + "/${name}";
|
|
|
|
owner = lib.mkDefault (userIfExists owner);
|
|
|
|
};
|
|
|
|
convertSecrets = n: v: lib.nameValuePair (toName n) (toSecret n v);
|
|
|
|
secrets = import ./secrets.nix;
|
|
|
|
in
|
|
|
|
lib.mapAttrs' convertSecrets secrets;
|
2023-04-13 19:23:22 +02:00
|
|
|
|
|
|
|
identityPaths = [
|
|
|
|
# Due to being a laptop, this host does not itself have any SSH keys
|
2023-04-16 20:51:00 +02:00
|
|
|
"/home/ambroisie/.ssh/agenix"
|
2023-04-13 19:23:22 +02:00
|
|
|
];
|
2023-04-13 18:48:37 +02:00
|
|
|
};
|
|
|
|
}
|