From 7fe6cd9bd6a8776067a2068353ef037069b266db Mon Sep 17 00:00:00 2001
From: Simon Gardling <titaniumtown@proton.me>
Date: Tue, 17 Sep 2024 10:08:23 -0400
Subject: [PATCH] ?

---
 .gitattributes                          |   2 ++
 git-agecrypt.toml                       |   9 +++++++++
 nix/etcnixos/common.nix                 |  13 +++----------
 nix/etcnixos/flake.lock                 |  12 ++++++------
 nix/etcnixos/networking.nix             |   2 +-
 nix/etcnixos/secrets/secrets.nix        |   1 -
 nix/etcnixos/secrets/wifi-passwords.age | Bin 775 -> 0 bytes
 nix/etcnixos/secrets/wifi-passwords.nix | Bin 0 -> 1195 bytes
 nix/home-manager/gui.nix                |   9 +--------
 nix/home-manager/secrets/factorio.age   | Bin 398 -> 0 bytes
 nix/home-manager/secrets/factorio.nix   | Bin 0 -> 502 bytes
 nix/home-manager/secrets/secrets.nix    |   1 -
 12 files changed, 22 insertions(+), 27 deletions(-)
 create mode 100644 .gitattributes
 create mode 100644 git-agecrypt.toml
 delete mode 100644 nix/etcnixos/secrets/wifi-passwords.age
 create mode 100644 nix/etcnixos/secrets/wifi-passwords.nix
 delete mode 100644 nix/home-manager/secrets/factorio.age
 create mode 100644 nix/home-manager/secrets/factorio.nix

diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..3d0f92e
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,2 @@
+nix/home-manager/secrets/factorio.nix filter=git-agecrypt diff=git-agecrypt
+nix/etcnixos/secrets/wifi-passwords.nix filter=git-agecrypt diff=git-agecrypt
diff --git a/git-agecrypt.toml b/git-agecrypt.toml
new file mode 100644
index 0000000..f2810c7
--- /dev/null
+++ b/git-agecrypt.toml
@@ -0,0 +1,9 @@
+[config]
+"nix/etcnixos/secrets/wifi-passwords.nix" = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4jL6gYOunUlUtPvGdML0cpbKSsPNqQ1jit4E7U1RyH",
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBJjT5QZ3zRDb+V6Em20EYpSEgPW5e/U+06uQGJdraxi",
+]
+"nix/home-manager/secrets/factorio.nix" = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4jL6gYOunUlUtPvGdML0cpbKSsPNqQ1jit4E7U1RyH",
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBJjT5QZ3zRDb+V6Em20EYpSEgPW5e/U+06uQGJdraxi",
+]
diff --git a/nix/etcnixos/common.nix b/nix/etcnixos/common.nix
index fb91147..69578dc 100644
--- a/nix/etcnixos/common.nix
+++ b/nix/etcnixos/common.nix
@@ -105,22 +105,13 @@
 
   age.identityPaths = [ "/home/${username}/.ssh/id_ed25519" ];
 
-  age.secrets.wifi-passwords = {
-    file = ./secrets/wifi-passwords.age;
-    path = "/etc/secrets/wifi-passwords.nix";
-  };
-
   age.secrets.primary-password = {
     file = ./secrets/primary-password.age;
     path = "/etc/secrets/primary-password";
   };
 
   #networking
-  networking =
-    let
-      wifi-passwords = import "${config.age.secrets.wifi-passwords.path}";
-    in
-    import ./networking.nix { inherit hostname wifi-passwords; };
+  networking = import ./networking.nix { inherit hostname; };
 
   # Select internationalisation properties.
   i18n.defaultLocale = "en_US.UTF-8";
@@ -198,6 +189,8 @@
     (inputs.agenix.packages.${pkgs.system}.default.override { ageBin = "${pkgs.rage}/bin/rage"; })
 
     qemu_full
+
+    git-agecrypt
   ];
 
   #wayland with electron/chromium applications
diff --git a/nix/etcnixos/flake.lock b/nix/etcnixos/flake.lock
index 7a7c018..d78e495 100644
--- a/nix/etcnixos/flake.lock
+++ b/nix/etcnixos/flake.lock
@@ -50,11 +50,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1726523817,
-        "narHash": "sha256-5KueNk96kOJ+Y2n2jZhNd2mdJbPQe3Y8pu1ZRkUCZNQ=",
+        "lastModified": 1726576520,
+        "narHash": "sha256-qkaiUpE3qRXunKbUzMaTGTMzF8nv534oglJY4a2hxNY=",
         "owner": "chaotic-cx",
         "repo": "nyx",
-        "rev": "6c47675209ab684a05adcd6cee50d3d64247280d",
+        "rev": "4409a04839fc8c911ef3e461bb5f422ae1d03a85",
         "type": "github"
       },
       "original": {
@@ -332,11 +332,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1726578198,
-        "narHash": "sha256-x+B/GJ9wc4qrq8PfTaYVnthwyaXmajCB2aGYiF2YKAM=",
+        "lastModified": 1726580083,
+        "narHash": "sha256-Jjf3j6s4NHQjQeq7R11ZuCEMgNd7GXinAxAbtfY28xA=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "058f7222f15e3804199fb3ede267cb0368487a33",
+        "rev": "232996c3e7c200ea5619c8ec9dbe24e2101cf210",
         "type": "github"
       },
       "original": {
diff --git a/nix/etcnixos/networking.nix b/nix/etcnixos/networking.nix
index fd1a983..fb8c6f4 100644
--- a/nix/etcnixos/networking.nix
+++ b/nix/etcnixos/networking.nix
@@ -13,5 +13,5 @@
     };
   };
 
-  wireless.networks = wifi-passwords;
+  wireless.networks = import ./secrets/wifi-passwords.nix;
 }
diff --git a/nix/etcnixos/secrets/secrets.nix b/nix/etcnixos/secrets/secrets.nix
index 25a2b64..2aa18e7 100644
--- a/nix/etcnixos/secrets/secrets.nix
+++ b/nix/etcnixos/secrets/secrets.nix
@@ -11,7 +11,6 @@ in
       ];
     })
     [
-      "wifi-passwords.age"
       "primary-password.age"
     ]
 ))
diff --git a/nix/etcnixos/secrets/wifi-passwords.age b/nix/etcnixos/secrets/wifi-passwords.age
deleted file mode 100644
index 62dc809fe346531aca145a3620591e2b0fb7319f..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 775
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCUl$_b533{)`9$t^H3
z^Ds$DF)z&vFp9`2&M^u0s7iIKG6<;5H!4VXPm9WNGS1C)H{i<kwFt{_3h?nQHT4b&
z3C%Gq&vG<RH+Qb|$t@2niYkcmt}5~M@i+8NH9)s5#lyubJy0R1IL*V;#lx@4C!$P0
z&BwsNJ0+^pJuA$kG%D0T$26_Nr!XM7!Zpi3E1fGUs@%*aJUl-o(BHy8!rUh#!XUh|
zprFXztRO!n*U+#mz{NNqpxijsv>0TYXJM+Ar+<WpZhBE_VsWZMsA@*Fo2{`zy1K8E
zzpWQnh^0@WzHyF=d8&tRfQf;BcwTW@wogQ|iFU3*iI-DSZnnRhmybn~c43%)Qemcr
zw}(@Pqh*j;NN`bcg-2L2mtkIdqGfq%uz65;VUnA7hM7lJhFfrXu~B}0Sw?!Qp^2L>
zm#(g^LWN~uX;PAxer1w*k++||MUcO5a+r&$V_r#UR9?QLfvJy?iAz*sg}!$(S6QU*
zvgQLTtR`eL&)6=VeL=ly+rQ%{XTR0H`7(B9spieFkD-72_D0XB*mBwEmDon_j9VKI
zJT~w?_E>oVi_?P=)|<OOa-T8zdHlyo(|4)gr-ZzkeX;Y~GwtPP=W+xmx6Hqlr?9o@
zpLEpWR}Y_PtrE?;6R=i1==FmwOBfVy7(B^(&gK#ExqT1Mrl{h)f9z`}T=EXA6YhOH
zb)iSvGOO04n#^QgQC^LX@D{E9uh-s%AL7lw_^QzD9IMq=p<m^z)+hYi=VZ8^^AKlL
zrKsVdt#U$n1v_fKZhG@b*XBgXiY<I^l@543j=tv0{x9>xi}YvCuKVgX=Uv<JWnC@T
z(vZVKHK8Z2&0M(kKxJL|Wr<?L<i@Y^i7)3`r_Xep!MDTW%IW4s%O5N^wVW2XH?%Nt
z!@7M2tEV1(Jbk}!{$dX;eVgb5EXUe&+M<5ta#WY?mg+j9$oo2?!1;Pjm+bfJ-OPF%
GA}RoU4?H#i

diff --git a/nix/etcnixos/secrets/wifi-passwords.nix b/nix/etcnixos/secrets/wifi-passwords.nix
new file mode 100644
index 0000000000000000000000000000000000000000..b6c2b407903cf5506d5a3beb182c3acd938e7558
GIT binary patch
literal 1195
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCUl$_b533{>z5%S&-f
ztq5@ncP$7EbvH;dvhcD<a>)($@-T4H&kl0Qw#Y5_&o#}=jpQm1@(poJ3y-Ywh_dkW
z5A+N74-1TP%`vbn&9Cq*$}h?EsY)vI3U=}JFGja5#lyubJy1crC@484qQEpiD!4d5
zJi{<N*FV`g%+NS0qp&zQQoAhBs5s3lE7HU$(10t?P&-UJ)7>D@B_-dyq#!-e(ak?S
z+pyBSB&FET)i}}EG0!c++|oI(C=_Iya=fCuN0g;*dQoa(ajHUWwWdy`M<$n1W@trJ
zwtr?wP-Rq>TW(2Vk)w%oWtMxOaZy-qN{VS>ftyKWl5>uQTcLJRXlibhM`%QmS%ybq
zxVu@oVL=pEig&SLKww2yR#Z+{a72!Kq^G}+v59k7lv$8Tm3v}Vh)GCkrJF~plaXPR
zVL+vOZgFC<lfQ?fMRKZdfW9l2uCA_vVL?E6fN4abUr1nHg_EawR76gMo2Rp@Nn&Ji
zzGF&JZir8QL{@}Fv2!+8ZH>x;Khf2?R%skt?`Ew%vA3?cd*ySz^)pT4^RB9T@BXnY
z#d4lbdCR{=pAJbmR?gk(djC;CmfhyIt!3Y2j+tL5TabG1P_dQ80fF!vE4_Y&o1Qyk
zo^kL>PO45zR^N6bo%1%g;-yr?ZCtf<V`u)K*Sw=8xRSkqCn)E$s5gg)tm$28=G@|A
zOF6i*8Y2F^nIW>^mfd_dxsAoOE48w=`PC+G*uzjhv1O&9%Z;S(ffJqyW^da$<wQr%
z?9wYu^Sz%<W4iX-t*h_zOG!&1*83fDz8dpf#O*$8%0ITQ?#r1OO{Idf&p%y%F!%Ls
z*Dn_@*c?!rsW15~thB^s|LpyoYUNI)S(Y*UfB3}0_a1xny@%yxn_I;B;{25PlXmR-
zeDuvWv*S8fn9PqXW!$e(eepV1Z`hk_vWGVxxuWvrc;m?n!gZh8lrB8oA@00zuEV+n
zQ-zbMPely5Um73UIcN8!n-6Dvv3k4zX4Q}K$qe@e_kP<sX?ZC}yJ8PZ<?Dq%rsWp>
zPmdEn{P)Pku#N1u&$Rwu)UWt(XM(r1<uiuutG1-r{yIH>r+WD2ee8#Q4?S>X(g@4+
z&e^)4>148^f!I;ynwFdX`!Y^vxp8{D>0?rvs&lSk_uhV1iO20#Iw$r<70Ge_XMWu9
z@Eh}S_8yC)8mBwGmhu?hmb|H+l%Z?PD_(ao?3zw^N@DZtt<HNVWt|l((@8(^^ms_l
zy_E^uYwA9vtvRr4&Q{J_-#>&I_$Z6~+8h5<eCwhMuixByrF-SANy{EfmC1+xMqdiJ
zJN=c_mB6KUb;N$^W-PeyV-?5mrIly+WAc)=Uf5H7JkB~+>-~yzZ__)=pR7N6^0DF#
zh6CD<_n05QvhCR9Pq*inh#9!Ob~^OR)Ya>j#glVxPlNZG?RXKB@Mzn$kh8&pQo0;=
zlRsyCwrg*_=@$GdiLK_~-+KZ}<kwwjw#?bUEO>H`Q}b=@-nw5U3g2R{D1G^6Ec!ZN
i&7vn6zwC}>39X*Qw7$?n^vvx~924LEzI({by#fGJBol)G

literal 0
HcmV?d00001

diff --git a/nix/home-manager/gui.nix b/nix/home-manager/gui.nix
index 3d0ec04..cfcec76 100644
--- a/nix/home-manager/gui.nix
+++ b/nix/home-manager/gui.nix
@@ -2,8 +2,6 @@
   pkgs,
   lib,
   inputs,
-  config,
-  homeDirectory,
   ...
 }:
 {
@@ -19,11 +17,6 @@
       "factorio-alpha"
     ];
 
-  age.secrets.factorio = {
-    file = ./secrets/factorio.age;
-    path = "${homeDirectory}/.secrets/factorio.nix";
-  };
-
   home.packages = with pkgs; [
     #calculator
     gnome-calculator
@@ -106,7 +99,7 @@
 
     (factorio.override (
       let
-        data = import "${config.age.secrets.factorio.path}";
+        data = import ./secrets/factorio.nix;
       in
       {
         username = data.username;
diff --git a/nix/home-manager/secrets/factorio.age b/nix/home-manager/secrets/factorio.age
deleted file mode 100644
index 28800c02847e10484ff6047dadbc7cc8bdd21475..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 398
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCUl$_b533{(hm4@xyC
z@%Qq#bTJAo)=u+@NH_4yGbl82Do#&}GIGo+&h{+xbIl2@D(6ZGO$rK+%riB~bMnj1
z^DK&}C@v^ZG%oe9G$>9E%l8Qm3r+V=Gj_6YEJwF3#lyubJy5|hJkT;J&ABi#)VnxB
zzsfhr%iFsm#o4W-+$E&4#KXU=$VEHRpro`SB%jN)%)&1tGNd#qIo&kWAkW1&EZERI
zv&u3oS3Aoy(WEda-@w<iAgi(}DwIoCS69KT+%z(@)X=@iAScWt)!Eg<u%y&DBQe}P
z)iFXpIU*!KD!9TZC?z=0Kc8#!lX+I67mIl%YVS#1`kHn#ti+9@;<SYIr=H4LVb9rW
zHgCWCHdvWc+vt(#F;*Gv$LX?ro%N&^w#;BKU6%dyIO~+fYfqLwt1U>+O5P>#R;|7K
g9m}*Y{Ync(oty47rmPdW9(>Q~$OfH<0jHB#00tzHKL7v#

diff --git a/nix/home-manager/secrets/factorio.nix b/nix/home-manager/secrets/factorio.nix
new file mode 100644
index 0000000000000000000000000000000000000000..6a921368ff454586f94d007ea4904025b8d828b4
GIT binary patch
literal 502
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCUl$_b533{)s|&C4p!
zD9`cn^|x>{Ofzr{Dk`aPO!sk2)h?+tGj??hOA7LJugEVAGvG=O3`#1FEUEGe$PD&3
zaM4b*tcXlbN^}V_OwMu6tTHPytFUm7iZJr=F+jI1#lyubJy5|hJV0OHv?$2JBiT3K
zz|18nGq|Y0-J>kTvot>}zaTwFKf~Xx%EdG<JDbbY#5u{o$RNGU+e<s#t)S4$HM69!
zxFRjXCDk#-FCZnzSvw;y%Oy7`z!hX$mX&ULQEFmws)7=izKN5kd4;cKURJ(=ho_NA
zq`SU(Wss?_m%g@dp1Z$uid&>ffQPqlp1V(`i$#uEey(F`u8)UydQwz+a)hBNS9q#f
zsF!7UU}btlfRC$Vv3q!0PJknquCA^^QG}OEq;Hu)WPWyfq_0_0iA9iSmA`+GQ9(p<
zM6heRaYl$~PN<P_NM<@0-=+CFe{ahsL>jakcXLkK_IdS`09$pH&hw>hy4OEDzt?wp
ztb8P)ton!9=TkS|D$hD~;e(?0-hGpvpVf8vHQn~oCtt-khtF&Ks>L3!*|uk5uG6X)
gjo)8yKcE!Y#<1yUm#6Yej;_7m9B${ae0R$N0N04Npa1{>

literal 0
HcmV?d00001

diff --git a/nix/home-manager/secrets/secrets.nix b/nix/home-manager/secrets/secrets.nix
index 8d3a8fc..9cd62a9 100644
--- a/nix/home-manager/secrets/secrets.nix
+++ b/nix/home-manager/secrets/secrets.nix
@@ -11,7 +11,6 @@ in
       ];
     })
     [
-      "factorio.age"
       "server-password.age"
       "borg-laptop-password.age"
       "gnupg.age"