25 lines
793 B
Nix
25 lines
793 B
Nix
{ options, lib, inputs, pkgs, config, ... }:
|
|
|
|
with builtins;
|
|
with lib;
|
|
with lib._;
|
|
let
|
|
inherit (inputs) agenix;
|
|
secretsDir = "${toString ../hosts}/${config.networking.hostName}/secrets";
|
|
secretsFile = "${secretsDir}/secrets.nix";
|
|
in {
|
|
imports = [ agenix.nixosModules.age ];
|
|
environment.systemPackages = [ agenix.defaultPackage.x86_64-linux ];
|
|
|
|
age = {
|
|
secrets = mkMerge (map (x: {"x".file = "${secretsDir}/${x}";}) (attrNames (import secretsFile)));
|
|
identityPaths = options.age.identityPaths.default ++ (foldr (l: r: l ++ r) [] (map (user:
|
|
let
|
|
d = "/home/${user}/.ssh";
|
|
fs = map (f: d + "/" + f)
|
|
(filter (f: (f != "known_hosts") && (f != "*.old"))
|
|
(attrNames (readDir d)));
|
|
in fs) (attrNames config.defaultUsers)));
|
|
};
|
|
}
|