From f3e888dadc955d1bf28937acea03ea29b0552c03 Mon Sep 17 00:00:00 2001
From: Bruno BELANYI
Date: Fri, 12 May 2023 11:03:46 +0000
Subject: [PATCH] home: add secrets

Now that my module has been merged upstream! Not that I have anything to use it with for now...
---
 home/default.nix | 1 +
 home/secrets/default.nix | 25 +++++++++++++++++++++++++
 home/secrets/secrets.nix | 10 ++++++++++
 3 files changed, 36 insertions(+)
 create mode 100644 home/secrets/default.nix
 create mode 100644 home/secrets/secrets.nix

diff --git a/home/default.nix b/home/default.nix
index 42d365b..8af9240 100644
--- a/home/default.nix
+++ b/home/default.nix
@@ -29,6 +29,7 @@
 ./packages
 ./pager
 ./power-alert
+ ./secrets
 ./ssh
 ./terminal
 ./tmux
diff --git a/home/secrets/default.nix b/home/secrets/default.nix
new file mode 100644
index 0000000..7c0c0a1
--- /dev/null
+++ b/home/secrets/default.nix
@@ -0,0 +1,25 @@
+{ config, inputs, lib, options, ... }:
+
+{
+ imports = [
+ inputs.agenix.homeManagerModules.age
+ ];
+
+ config.age = {
+ secrets =
+ let
+ toName = lib.removeSuffix ".age";
+ toSecret = name: { ... }: {
+ file = ./. + "/${name}";
+ };
+ convertSecrets = n: v: lib.nameValuePair (toName n) (toSecret n v);
+ secrets = import ./secrets.nix;
+ in
+ lib.mapAttrs' convertSecrets secrets;
+
+ # Add my usual agenix key to the defaults
+ identityPaths = options.age.identityPaths.default ++ [
+ "${config.home.homeDirectory}/.ssh/agenix"
+ ];
+ };
+}
diff --git a/home/secrets/secrets.nix b/home/secrets/secrets.nix
new file mode 100644
index 0000000..eb9745f
--- /dev/null
+++ b/home/secrets/secrets.nix
@@ -0,0 +1,10 @@
+# Common secrets
+let
+ keys = import ../../keys;
+
+ # deadnix: skip
+ all = keys.users;
+in
+{
+ # Add secrets here
+}
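Review bot: The comment on `identityPaths` in home/secrets/default.nix does not say what the extra key has to look like, which is the security-relevant part of this module. As far as I know agenix decrypts non-interactively at activation, so `~/.ssh/agenix` would have to be a passphrase-less private key, and anyone who can read that file can decrypt every secret encrypted to it. I would extend the comment to something like `# Dedicated agenix identity: unencrypted on disk, keep it 0600 and out of synced/backed-up dotfiles`. Separately, `toSecret` discards every attribute of the secrets.nix entry via `{ ... }:`; a one-line comment such as `# publicKeys is only read by the agenix CLI, nothing else is forwarded` would make that explicit.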
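Review bot: `all = keys.users` in home/secrets/secrets.nix sets up a single recipient list, so any secret later added under `# Add secrets here` with `publicKeys = all` would be decryptable by every key in `../../keys` (its contents are outside this diff). The placeholder could show the expected entry shape and nudge toward narrower lists, e.g. `# "example.age".publicKeys = all; # prefer a per-secret subset where possible` (the file name is a constructed sample). The public key matching the `~/.ssh/agenix` identity added in home/secrets/default.nix presumably has to be in that list as well, otherwise decryption would fail at activation.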