sops changes, and things I cannot remember

2024-08-09 13:41:41 +02:00
parent dde8787238
commit fe5ce74c33
36 changed files with 895 additions and 217 deletions
--- a/home/opt/sops/default.nix
+++ b/home/opt/sops/default.nix
@@ -0,0 +1,68 @@
+{
+  inputs,
+  self,
+  lib,
+  config,
+  ...
+}: let
+  defaultConfig = {
+    age = {sshKeyPaths = ["/home/cnst/.ssh/id_ed25519"];};
+    defaultSopsFile = "${self}/secrets/cnst-secrets.yaml";
+    secrets = {
+      openai_api_key = {
+        format = "yaml";
+        sopsFile = "${self}/secrets/cnst-secrets.yaml";
+      };
+      ssh_user = {
+        format = "yaml";
+        sopsFile = "${self}/secrets/cnst-secrets.yaml";
+      };
+    };
+  };
+
+  userSpecificConfig = lib.mkMerge [
+    (lib.mkIf (config.home.username == "toothpick") {
+      age = {sshKeyPaths = ["/home/toothpick/.ssh/id_ed25519"];};
+      defaultSopsFile = "${self}/secrets/toothpick-secrets.yaml";
+      secrets = {
+        openai_api_key = {
+          format = "yaml";
+          sopsFile = "${self}/secrets/toothpick-secrets.yaml";
+        };
+        ssh_user = {
+          format = "yaml";
+          sopsFile = "${self}/secrets/toothpick-secrets.yaml";
+        };
+      };
+    })
+    (lib.mkIf (config.home.username == "adam") {
+      age = {sshKeyPaths = ["/home/adam/.ssh/id_ed25519"];};
+      defaultSopsFile = "${self}/secrets/adam-secrets.yaml";
+      secrets = {
+        openai_api_key = {
+          format = "yaml";
+          sopsFile = "${self}/secrets/adam-secrets.yaml";
+        };
+        ssh_user = {
+          format = "yaml";
+          sopsFile = "${self}/secrets/adam-secrets.yaml";
+        };
+      };
+    })
+  ];
+in {
+  imports = [
+    inputs.sops-nix.homeManagerModules.sops
+  ];
+
+  sops = lib.mkMerge [
+    {
+      gnupg = {
+        home = "~/.gnupg";
+        sshKeyPaths = [];
+      };
+    }
+    defaultConfig
+    userSpecificConfig
+  ];
+}