modules/darwin/secrets.nix at deck

hyl.st / helm

fork atom

nix config

fork atom

helm / modules / darwin / secrets.nix

at deck 47 lines 1.2 kB view raw

wrap content

Anish Lakhwara fixed config for darwin 2y ago

57afd743

 1{ config, pkgs, agenix, secrets, ... }:
 2
 3let user = "dustin"; in
 4{
 5  age = { 
 6    identityPaths = [ 
 7      "/Users/${user}/.ssh/id_ed25519"
 8    ];
 9
10    secrets = { 
11      "syncthing-cert" = {
12        symlink = true;
13        path = "/Users/${user}/Library/Application Support/Syncthing/cert.pem";
14        file =  "${secrets}/darwin-syncthing-cert.age";
15        mode = "644";
16        owner = "${user}";
17        group = "staff";
18      };
19
20      "syncthing-key" = {
21        symlink = true;
22        path = "/Users/${user}/Library/Application Support/Syncthing/key.pem";
23        file =  "${secrets}/darwin-syncthing-key.age";
24        mode = "600";
25        owner = "${user}";
26        group = "staff";
27      };
28
29      "github-ssh-key" = {
30        symlink = true;
31        path = "/Users/${user}/.ssh/id_github";
32        file =  "${secrets}/github-ssh-key.age";
33        mode = "600";
34        owner = "${user}";
35        group = "staff";
36      };
37
38      "github-signing-key" = {
39        symlink = false;
40        path = "/Users/${user}/.ssh/pgp_github.key";
41        file =  "${secrets}/github-signing-key.age";
42        mode = "600";
43        owner = "${user}";
44      };
45    };
46  };
47}