From 73b56555a6f400230ebb7957027d077d13c0cdd0 Mon Sep 17 00:00:00 2001 From: Simon Gardling Date: Tue, 24 Jun 2025 23:09:34 -0700 Subject: [PATCH] remove agenix --- etcnixos/common.nix | 3 - flake.lock | 63 ------------- flake.nix | 7 -- home-manager/home-mreow.nix | 17 +--- home-manager/no-gui.nix | 2 - home-manager/progs/borg.nix | 88 ++++++++++--------- home-manager/secrets/borg-laptop-password.age | 10 --- home-manager/secrets/secrets.nix | 16 ---- 8 files changed, 47 insertions(+), 159 deletions(-) delete mode 100644 home-manager/secrets/borg-laptop-password.age delete mode 100644 home-manager/secrets/secrets.nix diff --git a/etcnixos/common.nix b/etcnixos/common.nix index f5d9526..68c6176 100644 --- a/etcnixos/common.nix +++ b/etcnixos/common.nix @@ -16,7 +16,6 @@ ./steam.nix ./networking.nix - inputs.agenix.nixosModules.default inputs.nixos-hardware.nixosModules.common-pc-ssd inputs.chaotic.nixosModules.default inputs.disko.nixosModules.disko @@ -210,8 +209,6 @@ dmidecode - # (inputs.agenix.packages.${pkgs.system}.default.override { ageBin = "${pkgs.rage}/bin/rage"; }) - doas-sudo-shim glib diff --git a/flake.lock b/flake.lock index 2a0e781..8005e5e 100644 --- a/flake.lock +++ b/flake.lock @@ -1,30 +1,5 @@ { "nodes": { - "agenix": { - "inputs": { - "darwin": "darwin", - "home-manager": [ - "home-manager" - ], - "nixpkgs": [ - "nixpkgs" - ], - "systems": "systems" - }, - "locked": { - "lastModified": 1750173260, - "narHash": "sha256-9P1FziAwl5+3edkfFcr5HeGtQUtrSdk/MksX39GieoA=", - "owner": "ryantm", - "repo": "agenix", - "rev": "531beac616433bac6f9e2a19feb8e99a22a66baf", - "type": "github" - }, - "original": { - "owner": "ryantm", - "repo": "agenix", - "type": "github" - } - }, "chaotic": { "inputs": { "flake-schemas": "flake-schemas", @@ -67,28 +42,6 @@ "type": "github" } }, - "darwin": { - "inputs": { - "nixpkgs": [ - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1744478979, - "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=", - "owner": "lnl7", - "repo": "nix-darwin", - "rev": "43975d782b418ebf4969e9ccba82466728c2851b", - "type": "github" - }, - "original": { - "owner": "lnl7", - "ref": "master", - "repo": "nix-darwin", - "type": "github" - } - }, "disko": { "inputs": { "nixpkgs": [ @@ -418,7 +371,6 @@ }, "root": { "inputs": { - "agenix": "agenix", "chaotic": "chaotic", "disko": "disko", "emacs-overlay": "emacs-overlay", @@ -472,21 +424,6 @@ "type": "github" } }, - "systems": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "xwayland-satellite-stable": { "flake": false, "locked": { diff --git a/flake.nix b/flake.nix index 1324c5a..5fbaf1f 100644 --- a/flake.nix +++ b/flake.nix @@ -12,12 +12,6 @@ nixos-hardware.url = "github:NixOS/nixos-hardware/master"; - agenix = { - url = "github:ryantm/agenix"; - inputs.nixpkgs.follows = "nixpkgs"; - inputs.home-manager.follows = "home-manager"; - }; - home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; @@ -64,7 +58,6 @@ nixpkgs, lanzaboote, nixos-hardware, - agenix, home-manager, ... }@inputs: diff --git a/home-manager/home-mreow.nix b/home-manager/home-mreow.nix index 234d746..67a7a0b 100644 --- a/home-manager/home-mreow.nix +++ b/home-manager/home-mreow.nix @@ -19,6 +19,8 @@ # notification daemon ./progs/dunst.nix + + ./progs/borg.nix ]; home.packages = with pkgs; [ @@ -40,21 +42,6 @@ Service.ExecStart = "${pkgs.bluez}/bin/mpris-proxy"; }; - age.secrets.borg-laptop-password = { - file = ./secrets/borg-laptop-password.age; - path = "${homeDirectory}/.secrets/borg_bak_pass"; - }; - - # backup utility - programs.borgmatic = { - enable = true; - package = pkgs.borgmatic; - backups = import ./progs/borg.nix { - borgPasswordFile = config.age.secrets.borg-laptop-password.path; - inherit homeDirectory; - }; - }; - programs.niri.settings.outputs = { "BOE 0x095F Unknown" = { scale = 1.5; diff --git a/home-manager/no-gui.nix b/home-manager/no-gui.nix index bac01d1..7b9418e 100644 --- a/home-manager/no-gui.nix +++ b/home-manager/no-gui.nix @@ -100,7 +100,6 @@ in imports = [ ./progs/fish.nix ./progs/helix.nix - inputs.agenix.homeManagerModules.age ( { ... }: { @@ -171,7 +170,6 @@ in clang gdb - age git-crypt imagemagick diff --git a/home-manager/progs/borg.nix b/home-manager/progs/borg.nix index 1d60f67..36291c1 100644 --- a/home-manager/progs/borg.nix +++ b/home-manager/progs/borg.nix @@ -1,51 +1,53 @@ -{ homeDirectory, borgPasswordFile }: +{ pkgs, homeDirectory, ... }: { + programs.borgmatic = { + enable = true; + package = pkgs.borgmatic; + backups = { - home = { - location = { - sourceDirectories = ( - map (f: "${homeDirectory}/${f}") [ - ".zen" - ".local/share/fish" - ".ssh" - "Documents" - "projects" - "Pictures" - "school" - ] - ++ (map (f: ".config/Signal/${f}") [ - "stickers.noindex" - "attachments.noindex" - "downloads.noindex" - "drafts.noindex" - "sql" - "IndexedDB" - "Local Storage" - "SharedStorage" - "config.json" - "ephemeral.json" - "Preferences" - ]) - ); + home = { + location = { + sourceDirectories = ( + map (f: "${homeDirectory}/${f}") [ + ".zen" + ".local/share/fish" + ".ssh" + "Documents" + "projects" + "Pictures" + "school" + ] + ++ (map (f: ".config/Signal/${f}") [ + "stickers.noindex" + "attachments.noindex" + "downloads.noindex" + "drafts.noindex" + "sql" + "IndexedDB" + "Local Storage" + "SharedStorage" + "config.json" + "ephemeral.json" + "Preferences" + ]) + ); - excludeHomeManagerSymlinks = true; - repositories = [ "ssh://server-public/tank/bak/laptop" ]; + excludeHomeManagerSymlinks = true; + repositories = [ "ssh://server-public/tank/bak/laptop" ]; - extraConfig = { - compression = "zstd"; + extraConfig = { + compression = "zstd"; + }; + }; + + retention = { + keepHourly = 48; + keepDaily = 30; + keepWeekly = 26; + keepMonthly = 24; + keepYearly = 10; + }; }; }; - - retention = { - keepHourly = 48; - keepDaily = 30; - keepWeekly = 26; - keepMonthly = 24; - keepYearly = 10; - }; - - storage = { - encryptionPasscommand = "cat ${borgPasswordFile}"; - }; }; } diff --git a/home-manager/secrets/borg-laptop-password.age b/home-manager/secrets/borg-laptop-password.age deleted file mode 100644 index abca559..0000000 --- a/home-manager/secrets/borg-laptop-password.age +++ /dev/null @@ -1,10 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 JlUYaQ 0zR1i7aaaTiNatQ64adSfLAes3mxyErq3kZUziRInVc -A8sfonsw2iodHRFsmYbmMNAviEUFSy9mkXuq6jefki8 --> ssh-ed25519 dHDJgQ CmnVM06YvF+mzPNF1LsHdyL1hk+d/yH3HTBcdRlX/2c -79u1EAd+g/Cmb9TzAifO4VHqJZk5T88nP4DWfsJEuIw --> >=ei241-grease co`|!7_c lx{qy -A6d8YS1s8NZojKmRVWhmJDzOOFT/AEO/IRZN0LI30QP3jImoTJ4EFDQUm4p+0IWk -dam3RKxF7XzF6dNigGDKKeIVXcSX1SiEgHyIo0+hPm2nZbM/p1IJ6fsACbTB6Q ---- /Za+90oVP7/fGDLBRr6s56UopJjz8f851js/htBcYWA -6e0YT0|`H>`b. XGXs1n.$o \ No newline at end of file diff --git a/home-manager/secrets/secrets.nix b/home-manager/secrets/secrets.nix deleted file mode 100644 index 4bcb160..0000000 --- a/home-manager/secrets/secrets.nix +++ /dev/null @@ -1,16 +0,0 @@ -let - laptop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4jL6gYOunUlUtPvGdML0cpbKSsPNqQ1jit4E7U1RyH"; - desktop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBJjT5QZ3zRDb+V6Em20EYpSEgPW5e/U+06uQGJdraxi"; -in -(builtins.listToAttrs ( - map - (f: { - f.publicKeys = [ - laptop - desktop - ]; - }) - [ - "borg-laptop-password.age" - ] -))