diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..3d0f92e --- /dev/null +++ b/.gitattributes @@ -0,0 +1,2 @@ +nix/home-manager/secrets/factorio.nix filter=git-agecrypt diff=git-agecrypt +nix/etcnixos/secrets/wifi-passwords.nix filter=git-agecrypt diff=git-agecrypt diff --git a/git-agecrypt.toml b/git-agecrypt.toml new file mode 100644 index 0000000..f2810c7 --- /dev/null +++ b/git-agecrypt.toml @@ -0,0 +1,9 @@ +[config] +"nix/etcnixos/secrets/wifi-passwords.nix" = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4jL6gYOunUlUtPvGdML0cpbKSsPNqQ1jit4E7U1RyH", + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBJjT5QZ3zRDb+V6Em20EYpSEgPW5e/U+06uQGJdraxi", +] +"nix/home-manager/secrets/factorio.nix" = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4jL6gYOunUlUtPvGdML0cpbKSsPNqQ1jit4E7U1RyH", + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBJjT5QZ3zRDb+V6Em20EYpSEgPW5e/U+06uQGJdraxi", +] diff --git a/nix/etcnixos/common.nix b/nix/etcnixos/common.nix index fb91147..69578dc 100644 --- a/nix/etcnixos/common.nix +++ b/nix/etcnixos/common.nix @@ -105,22 +105,13 @@ age.identityPaths = [ "/home/${username}/.ssh/id_ed25519" ]; - age.secrets.wifi-passwords = { - file = ./secrets/wifi-passwords.age; - path = "/etc/secrets/wifi-passwords.nix"; - }; - age.secrets.primary-password = { file = ./secrets/primary-password.age; path = "/etc/secrets/primary-password"; }; #networking - networking = - let - wifi-passwords = import "${config.age.secrets.wifi-passwords.path}"; - in - import ./networking.nix { inherit hostname wifi-passwords; }; + networking = import ./networking.nix { inherit hostname; }; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; @@ -198,6 +189,8 @@ (inputs.agenix.packages.${pkgs.system}.default.override { ageBin = "${pkgs.rage}/bin/rage"; }) qemu_full + + git-agecrypt ]; #wayland with electron/chromium applications diff --git a/nix/etcnixos/flake.lock b/nix/etcnixos/flake.lock index 7a7c018..d78e495 100644 --- a/nix/etcnixos/flake.lock +++ b/nix/etcnixos/flake.lock @@ -50,11 +50,11 @@ ] }, "locked": { - "lastModified": 1726523817, - "narHash": "sha256-5KueNk96kOJ+Y2n2jZhNd2mdJbPQe3Y8pu1ZRkUCZNQ=", + "lastModified": 1726576520, + "narHash": "sha256-qkaiUpE3qRXunKbUzMaTGTMzF8nv534oglJY4a2hxNY=", "owner": "chaotic-cx", "repo": "nyx", - "rev": "6c47675209ab684a05adcd6cee50d3d64247280d", + "rev": "4409a04839fc8c911ef3e461bb5f422ae1d03a85", "type": "github" }, "original": { @@ -332,11 +332,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1726578198, - "narHash": "sha256-x+B/GJ9wc4qrq8PfTaYVnthwyaXmajCB2aGYiF2YKAM=", + "lastModified": 1726580083, + "narHash": "sha256-Jjf3j6s4NHQjQeq7R11ZuCEMgNd7GXinAxAbtfY28xA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "058f7222f15e3804199fb3ede267cb0368487a33", + "rev": "232996c3e7c200ea5619c8ec9dbe24e2101cf210", "type": "github" }, "original": { diff --git a/nix/etcnixos/networking.nix b/nix/etcnixos/networking.nix index fd1a983..fb8c6f4 100644 --- a/nix/etcnixos/networking.nix +++ b/nix/etcnixos/networking.nix @@ -13,5 +13,5 @@ }; }; - wireless.networks = wifi-passwords; + wireless.networks = import ./secrets/wifi-passwords.nix; } diff --git a/nix/etcnixos/secrets/secrets.nix b/nix/etcnixos/secrets/secrets.nix index 25a2b64..2aa18e7 100644 --- a/nix/etcnixos/secrets/secrets.nix +++ b/nix/etcnixos/secrets/secrets.nix @@ -11,7 +11,6 @@ in ]; }) [ - "wifi-passwords.age" "primary-password.age" ] )) diff --git a/nix/etcnixos/secrets/wifi-passwords.age b/nix/etcnixos/secrets/wifi-passwords.age deleted file mode 100644 index 62dc809..0000000 Binary files a/nix/etcnixos/secrets/wifi-passwords.age and /dev/null differ diff --git a/nix/etcnixos/secrets/wifi-passwords.nix b/nix/etcnixos/secrets/wifi-passwords.nix new file mode 100644 index 0000000..b6c2b40 Binary files /dev/null and b/nix/etcnixos/secrets/wifi-passwords.nix differ diff --git a/nix/home-manager/gui.nix b/nix/home-manager/gui.nix index 3d0ec04..cfcec76 100644 --- a/nix/home-manager/gui.nix +++ b/nix/home-manager/gui.nix @@ -2,8 +2,6 @@ pkgs, lib, inputs, - config, - homeDirectory, ... }: { @@ -19,11 +17,6 @@ "factorio-alpha" ]; - age.secrets.factorio = { - file = ./secrets/factorio.age; - path = "${homeDirectory}/.secrets/factorio.nix"; - }; - home.packages = with pkgs; [ #calculator gnome-calculator @@ -106,7 +99,7 @@ (factorio.override ( let - data = import "${config.age.secrets.factorio.path}"; + data = import ./secrets/factorio.nix; in { username = data.username; diff --git a/nix/home-manager/secrets/factorio.age b/nix/home-manager/secrets/factorio.age deleted file mode 100644 index 28800c0..0000000 Binary files a/nix/home-manager/secrets/factorio.age and /dev/null differ diff --git a/nix/home-manager/secrets/factorio.nix b/nix/home-manager/secrets/factorio.nix new file mode 100644 index 0000000..6a92136 Binary files /dev/null and b/nix/home-manager/secrets/factorio.nix differ diff --git a/nix/home-manager/secrets/secrets.nix b/nix/home-manager/secrets/secrets.nix index 8d3a8fc..9cd62a9 100644 --- a/nix/home-manager/secrets/secrets.nix +++ b/nix/home-manager/secrets/secrets.nix @@ -11,7 +11,6 @@ in ]; }) [ - "factorio.age" "server-password.age" "borg-laptop-password.age" "gnupg.age"