changes to sops and cleanup script works globally
This commit is contained in:
cnst
@@ -5,60 +5,34 @@
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
defaultConfig = {
|
||||
age = {sshKeyPaths = ["/home/cnst/.ssh/id_ed25519"];};
|
||||
defaultSopsFile = "${self}/secrets/cnst-secrets.yaml";
|
||||
secrets = {
|
||||
openai_api_key = {
|
||||
format = "yaml";
|
||||
sopsFile = "${self}/secrets/cnst-secrets.yaml";
|
||||
};
|
||||
ssh_user = {
|
||||
format = "yaml";
|
||||
sopsFile = "${self}/secrets/cnst-secrets.yaml";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
userSpecificConfig = lib.mkMerge [
|
||||
(lib.mkIf (config.home.username == "toothpick") {
|
||||
age = {sshKeyPaths = ["/home/toothpick/.ssh/id_ed25519"];};
|
||||
defaultSopsFile = "${self}/secrets/toothpick-secrets.yaml";
|
||||
secrets = {
|
||||
openai_api_key = {
|
||||
format = "yaml";
|
||||
sopsFile = "${self}/secrets/toothpick-secrets.yaml";
|
||||
};
|
||||
ssh_user = {
|
||||
format = "yaml";
|
||||
sopsFile = "${self}/secrets/toothpick-secrets.yaml";
|
||||
};
|
||||
};
|
||||
})
|
||||
(lib.mkIf (config.home.username == "adam") {
|
||||
age = {sshKeyPaths = ["/home/adam/.ssh/id_ed25519"];};
|
||||
defaultSopsFile = "${self}/secrets/adam-secrets.yaml";
|
||||
secrets = {
|
||||
openai_api_key = {
|
||||
format = "yaml";
|
||||
sopsFile = "${self}/secrets/adam-secrets.yaml";
|
||||
};
|
||||
ssh_user = {
|
||||
format = "yaml";
|
||||
sopsFile = "${self}/secrets/adam-secrets.yaml";
|
||||
};
|
||||
};
|
||||
})
|
||||
];
|
||||
inherit (lib) mkIf mkEnableOption;
|
||||
inherit (lib) mkIf mkEnableOption mkOption;
|
||||
cfg = config.modules.userd.sops;
|
||||
in {
|
||||
imports = [
|
||||
inputs.sops-nix.homeManagerModules.sops
|
||||
];
|
||||
|
||||
options = {
|
||||
modules.userd.sops.enable = mkEnableOption "Enables sops home environment";
|
||||
modules.userd.sops = {
|
||||
enable = mkEnableOption "Enables sops home environment";
|
||||
cnst = mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Apply cnst sops settings";
|
||||
};
|
||||
toothpick = mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Apply toothpick sops settings";
|
||||
};
|
||||
adam = mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Apply adam sops settings";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
sops = lib.mkMerge [
|
||||
{
|
||||
@@ -67,8 +41,45 @@ in {
|
||||
sshKeyPaths = [];
|
||||
};
|
||||
}
|
||||
defaultConfig
|
||||
userSpecificConfig
|
||||
(mkIf cfg.cnst {
|
||||
age = {sshKeyPaths = ["/home/cnst/.ssh/id_ed25519"];};
|
||||
secrets = {
|
||||
openai_api_key = {
|
||||
format = "yaml";
|
||||
sopsFile = "${self}/secrets/cnst-secrets.yaml";
|
||||
};
|
||||
ssh_user = {
|
||||
format = "yaml";
|
||||
sopsFile = "${self}/secrets/cnst-secrets.yaml";
|
||||
};
|
||||
};
|
||||
})
|
||||
(mkIf cfg.toothpick {
|
||||
age = {sshKeyPaths = ["/home/toothpick/.ssh/id_ed25519"];};
|
||||
secrets = {
|
||||
openai_api_key = {
|
||||
format = "yaml";
|
||||
sopsFile = "${self}/secrets/toothpick-secrets.yaml";
|
||||
};
|
||||
ssh_user = {
|
||||
format = "yaml";
|
||||
sopsFile = "${self}/secrets/toothpick-secrets.yaml";
|
||||
};
|
||||
};
|
||||
})
|
||||
(mkIf cfg.adam {
|
||||
age = {sshKeyPaths = ["/home/adam/.ssh/id_ed25519"];};
|
||||
secrets = {
|
||||
openai_api_key = {
|
||||
format = "yaml";
|
||||
sopsFile = "${self}/secrets/adam-secrets.yaml";
|
||||
};
|
||||
ssh_user = {
|
||||
format = "yaml";
|
||||
sopsFile = "${self}/secrets/adam-secrets.yaml";
|
||||
};
|
||||
};
|
||||
})
|
||||
];
|
||||
};
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user