etwas/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nix-config/modules/utils/agenix.nix

46 lines
1.1 KiB
Nix
Raw Blame History

{ config, ... }:
{
# TODO: Get a token2 and set up https://github.com/oddlama/agenix-rekey
age = {
identityPaths = [ "/var/lib/persistent/host_id_ed25519" ];
secrets = {
access-tokens-github.file = ../../secrets/gh_argstr.age;
fbda-wg-privkey.file = ../../secrets/fbda_wg_priv_key.age;
fbda-wg-psk.file = ../../secrets/fbda_wg_psk.age;
obvps-id = {
file = ../../secrets/1bvps.age;
path = "/home/rhea/.ssh/id_1bvps";
owner = "rhea";
symlink = false;
};
gh_etwas = {
file = ../../secrets/gh_token.age;
path = "/home/rhea/.ssh/id_gh_etwas";
owner = "rhea";
symlink = false;
};
gcd_etwas = {
file = ../../secrets/gcd_etwas.age;
path = "/home/rhea/.ssh/id_gcd_etwas";
owner = "rhea";
symlink = false;
};
etwas_sign_key = {
file = ../../secrets/sign_etwas.age;
path = "/home/rhea/.ssh/etwas_sign_key";
owner = "rhea";
symlink = false;
};
};
};
nix.extraOptions = ''
!include ${config.age.secrets.access-tokens-github.path}
'';
}
Reference in a new issue View git blame Copy permalink